Linux PARISC architecture development
From: Helge Deller <deller@gmx.de>
To: linux-parisc@vger.kernel.org
Cc: Kyle McMartin <kyle@mcmartin.ca>
Subject: [PATCH] fix unwind crash - was: Re: 2.6.26 kernel crash
Date: Tue, 29 Jul 2008 22:31:46 +0200
Message-ID: <488F7E32.4070204@gmx.de>
In-Reply-To: <200807201907.59762.deller@gmx.de>

[-- Attachment #1: Type: text/plain, Size: 2180 bytes --]

I narrowed it down to the problematic codepath, and I assume the attached
patch might fix it. The problem is that I can't test without my testcase,
which is on gsyprf10 (which is unreachable right now), so this patch
here is currently an RFC...

Helge

Signed-off-by: Helge Deller <deller@gmx.de>


Helge Deller wrote:
> On Sunday 20 July 2008, Helge Deller wrote:
>> While debugging some user-space stuff I just faced this 32bit kernel crash (2.6.26):
>> Maybe someone has an idea?
> 
> This is reproducible.
> Testcase and docu is here: http://gsyprf10.external.hp.com/~deller/crash.tgz
> 
> Just run:
> LD_LIBRARY_PATH=.  ./a.out
> 
> Output is:
> making contexts
> swapping contexts
> start f2
> &on_stack=0x12d88
> start f1(a0=1,a1=2,a2=3,a3=fffffffc)
> <crash>
> 
> Info:
> - test program is from glibc:
>         glibc-2.7/stdlib/tst-setcontext.c
> - the compiled libc.so.6 includes some changes for *context() functions from me.
> 
>  
>> Kernel Fault: Code=15 regs=5f578640 (Addr=000127ec)
>>
>>      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
>> PSW: 00000000000001001111110000001111 Not tainted
>> r00-03  0004fc0f 10644f10 1011ee68 5f578288
>> r04-07  00000014 8c1fe860 8c1fe828 8eb7d030
>> r08-11  105ee890 00000040 0001264a 000d3b60
>> r12-15  00000000 000d3b5c 000dde68 000b0000
>> r16-19  8eb7d250 000b0000 ffffffff 000127ec
>> r20-23  ffffe040 00000000 101205d4 00000000
>> r24-27  00012800 101205cc 5f578288 1062ff10
>> r28-31  00000000 000002ee 5f578640 10120630
>> sr00-03  00000000 000013a7 00000000 000013a7
>> sr04-07  00000000 00000000 00000000 00000000
>>
>> IASQ: 00000000 00000000 IAOQ: 1011ed04 1011ed08
>>  IIR: 0e601093    ISR: 00000000  IOR: 000127ec
>>  CPU:        0   CR30: 5f578000 CR31: ffffffff
>>  ORIG_R28: 40400000
>>  IAOQ[0]: unwind_frame_regs+0x214/0x244
>>  IAOQ[1]: unwind_frame_regs+0x218/0x244
>>  RP(r2): unwind_once+0x10/0x48
>> Backtrace:
>>  [<1011ee68>] unwind_once+0x10/0x48
>>  [<10112bbc>] do_show_stack+0x28/0xac
>>  [<10112cd0>] parisc_show_stack+0x90/0xa8
>>  [<10111258>] do_page_fault+0x174/0x294
>>  [<10113824>] handle_interruption+0x570/0x58c
>>  [<10117078>] intr_check_sig+0x0/0x34
>>
>> Kernel panic - not syncing: Kernel Fault

[-- Attachment #2: diff --]
[-- Type: text/plain, Size: 672 bytes --]

diff --git a/arch/parisc/kernel/unwind.c b/arch/parisc/kernel/unwind.c
index 701b2d2..8b4708d 100644
--- a/arch/parisc/kernel/unwind.c
+++ b/arch/parisc/kernel/unwind.c
@@ -341,8 +341,15 @@ static void unwind_frame_regs(struct unwind_frame_info *info)
 			info->prev_sp = info->sp - frame_size;
 			if (e->Millicode)
 				info->rp = info->r31;
-			else if (rpoffset)
-				info->rp = *(unsigned long *)(info->prev_sp - rpoffset);
+			else if (rpoffset) {
+				unsigned long tmp;
+
+				if (get_user(tmp,
+				       (unsigned long *)(info->prev_sp - rpoffset)))
+					info->rp = 0;
+				else
+					info->rp = tmp;
+			}
 			info->prev_ip = info->rp;
 			info->rp = 0;
 		}
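
Review bot: In the new `else if (rpoffset)` branch, get_user() is applied to `info->prev_sp - rpoffset`, an address the unwinder computed from its own frame data rather than a pointer handed in from user space, and the patch does not say why the user-access helper is the right way to make this load fault-tolerant. The reported backtrace reaches unwind_once from do_page_fault through parisc_show_stack, so the read happens while a fault is already being handled; please confirm get_user() is safe to call on that path and that it actually covers the faulting address from the report (Addr=000127ec), since the cover note says the change is untested. A one-line comment above the get_user() call stating that the slot may be unmapped when the frame data is bogus would help later readers. Also worth stating in the commit message: on failure the branch sets `info->rp = 0`, and the unchanged lines after it then copy that into `info->prev_ip`, so a failed read is reported to the caller as a return address of 0. If that is the intended "stop unwinding" signal, say so; if not, the caller needs a separate error indication.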
