From: Andrew Morton <akpm@zip.com.au>
To: Daniel Jacobowitz <dan@debian.org>
Cc: linux-kernel@vger.kernel.org, Andrea Arcangeli <andrea@suse.de>
Subject: Re: [PATCH?] Crash in 2.4.17/ptrace
Date: Mon, 28 Jan 2002 13:03:05 -0800
Message-ID: <3C55BC89.EDE3105C@zip.com.au>
In-Reply-To: <20020128153210.A3032@nevyn.them.org>

Daniel Jacobowitz wrote:
>
> I've been debugging frame buffer graphics lately, and encountering a
> very annoying problem. If the debuggee has /dev/fb/0 mapped, and I try
> to print out the contents of a pointer into that buffer, GDB crashes in
> kernel/ptrace.c:access_process_vm. The problem seems to be that
> get_user_pages returns a NULL page. Something as simple as this
> prevents the crash:
>
> --- 2.4.18-pre7/2.4.18-pre7/kernel/ptrace.c Fri Dec 21 12:42:04 2001
> +++ 2.4.17/kernel-source-2.4.17/kernel/ptrace.c Mon Jan 28 15:30:39 2002
> @@ -160,6 +160,18 @@ int access_process_vm(struct task_struct
>
> flush_cache_page(vma, addr);
>
> +#if 1
> + if (!page)
> + {
> + /* FIXME: Writes? */
> + if (!write) memset (buf, 0, bytes);
> + len -= bytes;
> + buf += bytes;
> + continue;
> + }
> +#endif
> +
> +
> maddr = kmap(page);
> if (write) {
> memcpy(maddr + offset, buf, bytes);
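
Review bot: In the new `if (!page)` branch, a write to a page that could not be obtained is skipped without any error (the `/* FIXME: Writes? */` line): `len` and `buf` are advanced as if the bytes had been stored, so the caller cannot tell the write was dropped, and a read hands back zeros that look like real data. Returning the count copied so far, or an error, at this point would make the failure visible. The branch also advances `len` and `buf` but not `addr`; if `addr` is normally advanced at the bottom of the loop body, the `continue` skips that step. The `#if 1` wrapper and the doubled blank line should be dropped before this goes anywhere.
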
Oh nice. And it seems that, say, an O_DIRECT write of, say,
a mmaped framebuffer will also oops the kernel.

Most callers of get_user_pages() aren't prepared for a
null page* in the returned array.

This patch *may* be sufficient, but perhaps get_user_pages()
should just bale out as soon as it finds an invalid page, rather
than sticking a null page * into the returned array and continuing.

--- linux-2.4.18-pre7/mm/memory.c Fri Dec 21 11:19:23 2001
+++ linux-akpm/mm/memory.c Mon Jan 28 12:54:40 2002
@@ -453,6 +453,7 @@ int get_user_pages(struct task_struct *t
vma = find_extend_vma(mm, start);
if ( !vma ||
+ (vma->vm_flags & VM_IO) ||
(!force &&
((write && (!(vma->vm_flags & VM_WRITE))) ||
(!write && (!(vma->vm_flags & VM_READ))) ) )) {
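
Review bot: The added `(vma->vm_flags & VM_IO) ||` test sits outside the `!force &&` group, so it rejects VM_IO mappings even when the caller passes `force`. That is what keeps a NULL page out of the returned array, but it also means a forced access to such a mapping now fails outright instead of returning data, which deserves a sentence in the changelog. A short comment above the test saying why I/O mappings are refused here (no valid page to hand back) would keep a later cleanup from folding it into the permission checks below it.
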
> Of course, I would much rather be able to see the contents of the
> framebuffer. Any suggestions?

Not with this patch, I'm afraid. For your testing purposes you
could just remove the VALID_PAGE() test in mm/memory.c:get_page_map(),
and then gdb should be able to get at the framebuffer.
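
The two behaviours discussed in this message, as a user-space C model added here (it is not kernel code and not from the thread): one lookup leaves a NULL slot in the returned array, the other refuses I/O regions and stops at the first page it cannot return. The names `region`, `pin_with_null_slots`, `pin_or_bail`, `read_region`, `VM_IO_FLAG` and the 16-byte page are hypothetical stand-ins.

```c
#include <string.h>
#define PAGE_SZ 16        /* tiny model "page" (assumption) */
#define VM_IO_FLAG 0x1    /* stand-in for the kernel's VM_IO */
struct region { unsigned flags; unsigned char *pages[4]; int npages; };
typedef int (*pin_fn)(const struct region *, unsigned char **, int);

/* Style A: keep going, leaving a NULL slot for a page that cannot be mapped. */
static int pin_with_null_slots(const struct region *r, unsigned char **out, int want)
{
    int i;
    for (i = 0; i < want && i < r->npages; i++)
        out[i] = r->pages[i];                   /* may store NULL */
    return i;
}

/* Style B: refuse I/O regions up front and stop at the first unmappable page. */
static int pin_or_bail(const struct region *r, unsigned char **out, int want)
{
    int i;
    if (r->flags & VM_IO_FLAG)
        return -1;
    for (i = 0; i < want && i < r->npages && r->pages[i]; i++)
        out[i] = r->pages[i];
    return i ? i : -1;                          /* short count, or error if none */
}

/* Caller: bytes copied, -1 if refused, -2 where an unchecked caller hits NULL. */
static int read_region(pin_fn pin, const struct region *r, unsigned char *buf, int want)
{
    unsigned char *pg[4];
    int i, n = pin(r, pg, want);
    if (n < 0)
        return -1;
    for (i = 0; i < n; i++) {
        if (!pg[i])
            return -2;
        memcpy(buf + i * PAGE_SZ, pg[i], PAGE_SZ);
    }
    return n * PAGE_SZ;
}

static unsigned char ram0[PAGE_SZ], ram1[PAGE_SZ], out_buf[4 * PAGE_SZ];
static const struct region ram = { 0, { ram0, ram1 }, 2 };         /* constructed: ordinary memory */
static const struct region fb = { VM_IO_FLAG, { ram0, NULL }, 2 }; /* constructed: I/O mapping with a hole */

int main(void)
{
    return (read_region(pin_with_null_slots, &fb, out_buf, 2) == -2 &&
            read_region(pin_or_bail, &fb, out_buf, 2) == -1) ? 0 : 1;
}
```

With style A every caller has to carry its own NULL check; with style B the count or error returned is enough for a caller that checks nothing else.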