From: Ralf Baechle <ralf@linux-mips.org>
To: Bharat Bhushan <bharat.76@gmail.com>
Cc: linux-mips@linux-mips.org
Subject: Re: Stack frame for netlink_broadcast
Date: Mon, 16 May 2011 14:37:19 +0100
Message-ID: <20110516133719.GA13589@linux-mips.org>
In-Reply-To: <BANLkTikzAjpOL1GwTw9JQFV3z9G3kRJ=1g@mail.gmail.com>

On Mon, May 16, 2011 at 02:34:46PM +0530, Bharat Bhushan wrote:
> I am using linux kernel version 2.6.16.51 MIPS port.
>
> I see the crash while using netlink_broadcast from kernel module.
>
> CPU 0 Unable to handle kernel paging request at virtual address
> 00000000, epc == 8011c1c8, ra == 80120950
> Oops[#1]:
> Cpu 0
> $ 0 : 00000000 50104c00 00000000 804008c0
> $ 4 : 803841a0 00000000 00000001 00000000
> $ 8 : 40000000 00000000 00000000 00000000
> $12 : 00000000 00000001 8093bfff 00000002
> $16 : 81201480 8120193c 8a69e018 881e1b80
> $20 : 8ba5a520 00000001 80412d34 00000000
> $24 : 00000000 80343f04
> $28 : 80382000 80383d08 80383d10 80120950
> Hi : 00000090
> Lo : 0000007e
> epc : 8011c1c8 dequeue_task+0xc/0x94 Tainted: PF
> ra : 80120950 sys_sched_yield+0x7c/0xf8
> Status: 50104c02 KERNEL EXL
> Cause : 00808008
> BadVA : 00000000
> PrId : 000c0904
> Modules linked in: cf ipi_hsl dataplane evb sjtag xlr_fmn hw_random
> ipt_connlimit xt_tcpudp xt_mark ipt_REDIRECT iptable_nat ip_nat
> ip_conntrack iptable_filter ip_tables x_tables hwreset panic_dump
> Process swapper (pid: 0, threadinfo=80382000, task=803841a0)
> Stack : 80383d10 802c0180 ffffffff 00000001 8a69e018 881e1b80 ffffffff 00000001
> 00000001 802d6390 8e143390 00000000 8e11f848 8e002d8c 00000000 00000001
> 00000001 00000000 881e1c08 80410000 8e9c7f30 881e1b80 8fc7de00 8fc7def8
> 00000002 8e409400 8e143390 00000000 00000000 8e0d7840 817a3e00 0001164d
> 00000000 00000000 000000d0 8e40c0e4 8e0d9ea0 8e0d9cb4 8e706738 00000002
>
>
>
> Please note netlink_broadcast reserves a stack frame of 80 bytes but
> tries to write to 88(sp).
>
> 802d60c8 <netlink_broadcast>:
> 802d60c8: 27bdffb0 addiu sp,sp,-80
> 802d60cc: afb40038 sw s4,56(sp)
> 802d60d0: afb30034 sw s3,52(sp)
> 802d60d4: afbf004c sw ra,76(sp)
> 802d60d8: afbe0048 sw s8,72(sp)
> 802d60dc: afb70044 sw s7,68(sp)
> 802d60e0: afb60040 sw s6,64(sp)
> 802d60e4: afb5003c sw s5,60(sp)
> 802d60e8: afb20030 sw s2,48(sp)
> 802d60ec: afb1002c sw s1,44(sp)
> 802d60f0: afb00028 sw s0,40(sp)
> 802d60f4: afa40050 sw a0,80(sp) <------- Can this corrupt the previous stack frame?
> 802d60f8: 8ca20078 lw v0,120(a1)
> 802d60fc: 00a09821 move s3,a1
> 802d6100: afa60058 sw a2,88(sp) <------- Can this corrupt the previous stack frame?

No; this is entirely normal. In the O32 ABI, which is used to compile 32-bit
kernels, the caller allocates the stack frame for the callee to save the
argument registers $a0 .. $a3, so you expect to see accesses to the 16 bytes
above the current stack frame, just like here.

  Ralf

PS: 2.6.16.51 is now over 4 years old. Please ship to the following address:

  British Museum
  Great Russell Street
  WC1B 3DG
  London
  Great Britain

;-)
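
Added example, not part of the original thread: a small C checker that decodes the prologue words quoted above and classifies every sp-relative store as inside the callee's own 80-byte frame, inside the 16-byte O32 argument save area provided by the caller, or outside both. The function, enum and macro names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* O32: the caller reserves 16 bytes of home slots for $a0..$a3 at its own 0(sp). */
#define O32_ARG_SAVE_BYTES 16
enum slot { NOT_SP_STORE, OWN_FRAME, CALLER_ARG_AREA, OUTSIDE_BOTH };

/* Frame size in bytes if insn is "addiu sp,sp,-N", otherwise 0. */
static int frame_size(uint32_t insn)
{
    int16_t imm = (int16_t)(insn & 0xffff);
    /* opcode 0x09 (addiu) with rs = rt = $29 gives upper halfword 0x27bd */
    return ((insn >> 16) == 0x27bd && imm < 0) ? -imm : 0;
}

/* Classify "sw rt,off(sp)" relative to a callee frame of `frame` bytes. */
static enum slot classify_store(uint32_t insn, int frame, int *off)
{
    if ((insn >> 26) != 0x2b || ((insn >> 21) & 0x1f) != 29)
        return NOT_SP_STORE;               /* not a sw based on $sp */
    *off = (int16_t)(insn & 0xffff);
    if (*off >= 0 && *off < frame)
        return OWN_FRAME;
    if (*off >= frame && *off < frame + O32_ARG_SAVE_BYTES)
        return CALLER_ARG_AREA;            /* caller-provided home slot */
    return OUTSIDE_BOTH;                   /* would touch the caller's data */
}

/* Instruction words copied from the netlink_broadcast listing in the thread. */
static const uint32_t prologue[] = {
    0x27bdffb0, 0xafb40038, 0xafb30034, 0xafbf004c, 0xafbe0048,
    0xafb70044, 0xafb60040, 0xafb5003c, 0xafb20030, 0xafb1002c,
    0xafb00028, 0xafa40050, 0x8ca20078, 0x00a09821, 0xafa60058,
};

/* Number of stores in the prologue that fall into class `want`. */
static int count_stores(enum slot want)
{
    int frame = frame_size(prologue[0]), n = 0, off = 0;
    for (size_t i = 1; i < sizeof prologue / sizeof prologue[0]; i++)
        n += classify_store(prologue[i], frame, &off) == want;
    return n;
}

int main(void)
{
    printf("frame=%d own=%d caller_arg=%d outside=%d\n", frame_size(prologue[0]),
           count_stores(OWN_FRAME), count_stores(CALLER_ARG_AREA), count_stores(OUTSIDE_BOTH));
}
```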