From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
To: jingbai.ma@hp.com
Cc: kexec@lists.infradead.org, kumagai-atsushi@mxc.nes.nec.co.jp,
lisa.mitchell@hp.com
Subject: Re: [PATCH] makedumpfile: Fix a segment fault in dumping small ELF segment
Date: Mon, 31 Mar 2014 10:16:33 +0900 (JST) [thread overview]
Message-ID: <20140331.101633.456534574.d.hatayama@jp.fujitsu.com> (raw)
In-Reply-To: <20140328122633.11362.51287.stgit@k.asiapacific.hpqcorp.net>
From: Jingbai Ma <jingbai.ma@hp.com>
Subject: [PATCH] makedumpfile: Fix a segment fault in dumping small ELF segment
``small ELF segment'' is wrong. This issue occurs if the starting or
ending address of the ELF segment is not aligned to multiple of 8
pages. Could you correct the subject?
Date: Fri, 28 Mar 2014 20:26:34 +0800
> This patch fixs a bug if the size of an ELF segment less than 8 pages.
>
Could you show me /proc/iomem and an output of readelf -l of the ELF
vmcore? I'm interested in the segment.
> In function create_1st_bitmap_cyclic() and initialize_2nd_bitmap_cyclic(),
> there are the same code:
>
> pfn_start_roundup = roundup(pfn_start, BITPERBYTE);
> pfn_end_round = round(pfn_end, BITPERBYTE);
>
> for (pfn = pfn_start; pfn < pfn_start_roundup; pfn++) {
> if (set_bit_on_1st_bitmap(pfn))
> pfn_bitmap1++;
> }
>
> In case:
> pfn_start=0xe762c, pfn_start_roundup=0xe7630
> pfn_end=0xe762d, pfn_end_round=0xe7628
> This code will set incorrect bits in the bitmap.
> In function readpage_elf():
>
> if (!offset1) {
> phys_start = page_head_to_phys_start(paddr);
> offset1 = paddr_to_offset(phys_start);
> frac_head = phys_start - paddr;
> memset(bufptr, 0, frac_head);
> }
>
> The invalid paddr couldn't be found, so phys_start will be zero, and frac_head
> will be negative, then memset will cause a segment fault.
>
> Signed-off-by: Jingbai Ma <jingbai.ma@hp.com>
> ---
> makedumpfile.c | 26 +++++++++++++++-----------
> 1 files changed, 15 insertions(+), 11 deletions(-)
>
> diff --git a/makedumpfile.c b/makedumpfile.c
> index ef08d91..21330b7 100644
> --- a/makedumpfile.c
> +++ b/makedumpfile.c
> @@ -4424,8 +4424,9 @@ create_1st_bitmap_cyclic()
> if (pfn_start >= pfn_end)
> continue;
>
> - pfn_start_roundup = roundup(pfn_start, BITPERBYTE);
> - pfn_end_round = round(pfn_end, BITPERBYTE);
> + pfn_start_roundup = MIN(roundup(pfn_start, BITPERBYTE),
> + pfn_end);
Please add two more tabs in the line of the second argument of MIN()
like this for readability:
+ pfn_start_roundup = MIN(roundup(pfn_start, BITPERBYTE),
+ pfn_end);
> + pfn_end_round = MAX(round(pfn_end, BITPERBYTE), pfn_start);
>
> for (pfn = pfn_start; pfn < pfn_start_roundup; pfn++) {
> if (set_bit_on_1st_bitmap(pfn))
> @@ -4443,10 +4444,11 @@ create_1st_bitmap_cyclic()
> pfn_bitmap1 += (pfn_end_byte - pfn_start_byte) * BITPERBYTE;
> }
>
> - for (pfn = pfn_end_round; pfn < pfn_end; pfn++) {
> - if (set_bit_on_1st_bitmap(pfn))
> - pfn_bitmap1++;
> - }
> + if (pfn_end_round > pfn_start)
> + for (pfn = pfn_end_round; pfn < pfn_end; pfn++) {
> + if (set_bit_on_1st_bitmap(pfn))
> + pfn_bitmap1++;
> + }
Please add { ... } for the outer if to encolose the for statement like this:
+ if (pfn_end_round > pfn_start) {
+ for (pfn = pfn_end_round; pfn < pfn_end; pfn++) {
+ if (set_bit_on_1st_bitmap(pfn))
+ pfn_bitmap1++;
+ }
+ }
> }
> pfn_memhole -= pfn_bitmap1;
>
> @@ -4532,8 +4534,9 @@ initialize_2nd_bitmap_cyclic(void)
> if (pfn_start >= pfn_end)
> continue;
>
> - pfn_start_roundup = roundup(pfn_start, BITPERBYTE);
> - pfn_end_round = round(pfn_end, BITPERBYTE);
> + pfn_start_roundup = MIN(roundup(pfn_start, BITPERBYTE),
> + pfn_end);
Similr.
> + pfn_end_round = MAX(round(pfn_end, BITPERBYTE), pfn_start);
>
> for (pfn = pfn_start; pfn < pfn_start_roundup; ++pfn)
> if (!set_bit_on_2nd_bitmap_for_kernel(pfn))
> @@ -4548,9 +4551,10 @@ initialize_2nd_bitmap_cyclic(void)
> pfn_end_byte - pfn_start_byte);
> }
>
> - for (pfn = pfn_end_round; pfn < pfn_end; ++pfn)
> - if (!set_bit_on_2nd_bitmap_for_kernel(pfn))
> - return FALSE;
> + if (pfn_end_round > pfn_start)
> + for (pfn = pfn_end_round; pfn < pfn_end; ++pfn)
> + if (!set_bit_on_2nd_bitmap_for_kernel(pfn))
> + return FALSE;
Similar.
> }
>
> return TRUE;
>
==
Thanks.
HATAYAMA, Daisuke
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2014-03-31 1:17 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-28 12:26 [PATCH] makedumpfile: Fix a segment fault in dumping small ELF segment Jingbai Ma
2014-03-31 1:16 ` HATAYAMA Daisuke [this message]
2014-03-31 4:21 ` Jingbai Ma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140331.101633.456534574.d.hatayama@jp.fujitsu.com \
--to=d.hatayama@jp.fujitsu.com \
--cc=jingbai.ma@hp.com \
--cc=kexec@lists.infradead.org \
--cc=kumagai-atsushi@mxc.nes.nec.co.jp \
--cc=lisa.mitchell@hp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox