From: Helge Deller <deller@gmx.de>
To: linux-parisc@vger.kernel.org
Cc: Kyle McMartin <kyle@mcmartin.ca>
Subject: [PATCH] fix unwind crash - was: Re: 2.6.26 kernel crash
Date: Tue, 29 Jul 2008 22:31:46 +0200
Message-ID: <488F7E32.4070204@gmx.de>
In-Reply-To: <200807201907.59762.deller@gmx.de>

[-- Attachment #1: Type: text/plain, Size: 2180 bytes --]

I narrowed it down to the problematic codepath, and I assume the attached
patch might fix it. The problem is that I can't test without my testcase,
which is on gsyprf10 (which is unreachable right now), so this patch
here is currently an RFC...

Helge

Signed-off-by: Helge Deller <deller@gmx.de>


Helge Deller wrote:
> On Sunday 20 July 2008, Helge Deller wrote:
>> While debugging some user-space stuff I just faced this 32bit kernel crash (2.6.26):
>> Maybe someone has an idea?
> 
> This is reproducible.
> Testcase and docu is here: http://gsyprf10.external.hp.com/~deller/crash.tgz
> 
> Just run:
> LD_LIBRARY_PATH=.  ./a.out
> 
> Output is:
> making contexts
> swapping contexts
> start f2
> &on_stack=0x12d88
> start f1(a0=1,a1=2,a2=3,a3=fffffffc)
> <crash>
> 
> Info:
> - test program is from glibc:
>         glibc-2.7/stdlib/tst-setcontext.c
> - the compiled libc.so.6 includes some changes for *context() functions from me.
> 
>  
>> Kernel Fault: Code=15 regs=5f578640 (Addr=000127ec)
>>
>>      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
>> PSW: 00000000000001001111110000001111 Not tainted
>> r00-03  0004fc0f 10644f10 1011ee68 5f578288
>> r04-07  00000014 8c1fe860 8c1fe828 8eb7d030
>> r08-11  105ee890 00000040 0001264a 000d3b60
>> r12-15  00000000 000d3b5c 000dde68 000b0000
>> r16-19  8eb7d250 000b0000 ffffffff 000127ec
>> r20-23  ffffe040 00000000 101205d4 00000000
>> r24-27  00012800 101205cc 5f578288 1062ff10
>> r28-31  00000000 000002ee 5f578640 10120630
>> sr00-03  00000000 000013a7 00000000 000013a7
>> sr04-07  00000000 00000000 00000000 00000000
>>
>> IASQ: 00000000 00000000 IAOQ: 1011ed04 1011ed08
>>  IIR: 0e601093    ISR: 00000000  IOR: 000127ec
>>  CPU:        0   CR30: 5f578000 CR31: ffffffff
>>  ORIG_R28: 40400000
>>  IAOQ[0]: unwind_frame_regs+0x214/0x244
>>  IAOQ[1]: unwind_frame_regs+0x218/0x244
>>  RP(r2): unwind_once+0x10/0x48
>> Backtrace:
>>  [<1011ee68>] unwind_once+0x10/0x48
>>  [<10112bbc>] do_show_stack+0x28/0xac
>>  [<10112cd0>] parisc_show_stack+0x90/0xa8
>>  [<10111258>] do_page_fault+0x174/0x294
>>  [<10113824>] handle_interruption+0x570/0x58c
>>  [<10117078>] intr_check_sig+0x0/0x34
>>
>> Kernel panic - not syncing: Kernel Fault

[-- Attachment #2: diff --]
[-- Type: text/plain, Size: 672 bytes --]

diff --git a/arch/parisc/kernel/unwind.c b/arch/parisc/kernel/unwind.c
index 701b2d2..8b4708d 100644
--- a/arch/parisc/kernel/unwind.c
+++ b/arch/parisc/kernel/unwind.c
@@ -341,8 +341,15 @@ static void unwind_frame_regs(struct unwind_frame_info *info)
 			info->prev_sp = info->sp - frame_size;
 			if (e->Millicode)
 				info->rp = info->r31;
-			else if (rpoffset)
-				info->rp = *(unsigned long *)(info->prev_sp - rpoffset);
+			else if (rpoffset) {
+				unsigned long tmp;
+
+				if (get_user(tmp,
+				       (unsigned long *)(info->prev_sp - rpoffset)))
+					info->rp = 0;
+				else
+					info->rp = tmp;
+			}
 			info->prev_ip = info->rp;
 			info->rp = 0;
 		}
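
Review bot: get_user() in the new "else if (rpoffset)" branch is the user-space accessor, but the pointer passed to it, info->prev_sp - rpoffset, is computed by the unwinder from a stack pointer, and the quoted backtrace reaches unwind_frame_regs from do_page_fault via do_show_stack. Please add a comment stating which address space this slot is expected to live in, and if it is a kernel stack slot, use an accessor meant for fault-tolerant kernel reads (for example probe_kernel_address()) instead of get_user(). Also note that on failure "info->rp = 0" flows through the unchanged "info->prev_ip = info->rp;" line, so a faulting read yields prev_ip == 0; a short comment on whether callers treat that as the end of the trace would help.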
