ARM64: Fixed invalid pt_regs address #1
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This fix follow the commit 19bfb92 arm64: Fix miscalculation of the starting address of the pt_regs structure on the kernel stack The machdep->machspec->user_eframe_offset value comes from crash which already taken the size of pt_regs in to account. Core was generated by `/init'. #0 0x0000000000000015 in ?? () (gdb) info registers x0 0xffffff80080e1d3c -549620671172 ... x26 0xc79ecaf 209317039 x27 0xef412c356afbd300 -1206634617218804992 x28 0x7 7 x29 0xef412c356afbd300 -1206634617218804992 x30 0x16 22 sp 0x124 0x124 pc 0x15 0x15 cpsr 0x40000000 [ EL=0 Z ] fpsr 0x10 16 fpcr 0x0 0 Signed-off-by: Hong YANG <hong.yang3@nio.com>
d-hatayama
added a commit
that referenced
this pull request
Dec 8, 2021
…kernel
crash process results in segfault when gcore.so gets loaded on live
kernel. Looking into the generated core file of the crash process, the
segfault occurred during back tracing on some active task according to
the following backtrace:
(gdb) bt
#0 0x00000000005b9cba in x86_64_get_stack_frame (bt=0xffffa08306b21680, pcp=0x0, spp=0xffffa08306b21680) at x86_64.c:4919
#1 0x00007fcec84b9358 in gcore_get_regs_from_eframe () from /root/work/crash-gcore-command/src/gcore.so
#2 0x00007fcec84b9690 in get_active_regs () from /root/work/crash-gcore-command/src/gcore.so
#3 0x00007fcec84b9ad0 in genregs_get () from /root/work/crash-gcore-command/src/gcore.so
#4 0x00007fcec84ba745 in gcore_is_arch_32bit_emulation () from /root/work/crash-gcore-command/src/gcore.so
#5 0x00007fcec84ba77c in gcore_arch_get_gate_vma () from /root/work/crash-gcore-command/src/gcore.so
#6 0x00007fcec84ba9f7 in gcore_arch_vsyscall_has_vm_alwaysdump_flag () from /root/work/crash-gcore-command/src/gcore.so
#7 0x00007fcec84bcae0 in gcore_machdep_init () from /root/work/crash-gcore-command/src/gcore.so
#8 0x00007fcec84babbc in _init () from /root/work/crash-gcore-command/src/gcore.so
This backtrace is invoked in the context of
gcore_arch_vsyscall_has_vm_alwaysdump_flag() that tries to check if
the corresponding kernel is the one where VM_ALWAYSDUMP is still
present.
The reason why backtrace is invoked in this context is due to the
previous commit by which gcore_is_arch_32bit_emulation() now calls
genregs_get() and so could result in backtrace via
gcore_get_regs_from_eframe().
To fix this issue, avoid calling genregs_get() for active tasks by
explicitly choosing sleeping user tasks as target task by iterating
the task array in order.
Signed-off-by: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
Sorry for the very late response. Thank you for your PR, but I'm closing this PR because I had already detected this bug before this PR and there was another reporter, so I created the commit 991d384 for fixing this issue, where I used the information shared by you here, but described your and the other reporter's Signed-off-by in the commit. |
|
Thanks. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fix follow the commit 19bfb92
arm64: Fix miscalculation of the starting address of the pt_regs
structure on the kernel stack
The machdep->machspec->user_eframe_offset value comes from crash
which already taken the size of pt_regs in to account.
Core was generated by `/init'.
#0 0x0000000000000015 in ?? ()
(gdb) info registers
x0 0xffffff80080e1d3c -549620671172
...
x26 0xc79ecaf 209317039
x27 0xef412c356afbd300 -1206634617218804992
x28 0x7 7
x29 0xef412c356afbd300 -1206634617218804992
x30 0x16 22
sp 0x124 0x124
pc 0x15 0x15
cpsr 0x40000000 [ EL=0 Z ]
fpsr 0x10 16
fpcr 0x0 0
Signed-off-by: Hong YANG hong.yang3@nio.com