* [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic
@ 2017-07-06 15:26 dsmith at redhat dot com
2017-07-06 20:22 ` [Bug runtime/21726] " mark at klomp dot org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: dsmith at redhat dot com @ 2017-07-06 15:26 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
Bug ID: 21726
Summary: on rawhide, the backtrace.exp test case causes a
kernel panic
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
Assignee: systemtap at sourceware dot org
Reporter: dsmith at redhat dot com
Target Milestone: ---
On rawhide (4.12.0-0.rc7.git2.1.fc27.x86_64), I'm seeing the following kernel
panic when running the backtrace.exp test case:
====
[ 388.153533] BUG: unable to handle kernel paging request at ffffffffc043307e
[ 388.154243] IP: report_bug+0x94/0x120
[ 388.154607] PGD 66e14067
[ 388.154608] P4D 66e14067
[ 388.154866] PUD 66e16067
[ 388.155123] PMD 13425d067
[ 388.155380] PTE 800000010a0c9161
[ 388.155654]
[ 388.156144] Oops: 0003 [#1] SMP
[ 388.156452] Modules linked in:
stap_e826df493357d85b1964bab4f742b8d4_2337(OE) sunrpc ppdev crct10dif_pclmul
crc32_pclmul ghash_clmulni_intel joydev virtio_net virtio_balloon tpm_tis
parport_pc i2c_piix4 tpm_tis_core parport tpm pvpanic xfs libcrc32c
virtio_console virtio_blk crc32c_intel serio_raw virtio_pci virtio_ring
ata_generic virtio pata_acpi
[ 388.159371] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G OE
4.12.0-0.rc7.git2.1.fc27.x86_64 #1
[ 388.160225] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 388.160783] task: ffffffff89e18500 task.stack: ffffffff89e00000
[ 388.161351] RIP: 0010:report_bug+0x94/0x120
[ 388.161761] RSP: 0018:ffff88c6ffc03c00 EFLAGS: 00010002
[ 388.162275] RAX: 0000000000000907 RBX: ffff88c6ffc03d68 RCX:
ffffffffc0433074
[ 388.162954] RDX: 0000000000000001 RSI: 0000000000000047 RDI:
0000000000000001
[ 388.163628] RBP: ffff88c6ffc03c20 R08: 0000006ed270b039 R09:
22bcc9f200000000
[ 388.164301] R10: 0000000000000001 R11: 0000000000000000 R12:
ffffffffc042bc79
[ 388.164986] R13: ffffffffc0432888 R14: 0000000000000004 R15:
ffff88c6ffc03d68
[ 388.165676] FS: 0000000000000000(0000) GS:ffff88c6ffc00000(0000)
knlGS:0000000000000000
[ 388.166448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 388.166995] CR2: ffffffffc043307e CR3: 00000001382bc000 CR4:
00000000001406f0
[ 388.167679] Call Trace:
[ 388.167922] <IRQ>
[ 388.168131] ? _stp_stack_kernel_get.part.39+0x3f9/0x410
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.169023] fixup_bug+0x2e/0x50
[ 388.169339] do_trap+0x119/0x150
[ 388.169657] do_error_trap+0xa3/0x160
[ 388.170023] ? _stp_stack_kernel_get.part.39+0x3f9/0x410
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.170912] ? unwind_frame.constprop.59+0x8c1/0x11b0
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.171766] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 388.172217] do_invalid_op+0x20/0x30
[ 388.172580] invalid_op+0x1e/0x30
[ 388.172904] RIP: 0010:_stp_stack_kernel_get.part.39+0x3f9/0x410
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.173853] RSP: 0018:ffff88c6ffc03e10 EFLAGS: 00010006
[ 388.174360] RAX: 0000000080010002 RBX: ffffffff89e18500 RCX:
ffffffffffffffff
[ 388.175041] RDX: ffffffffc042cda6 RSI: 00007ffffffff000 RDI:
ffff88c6ffc03e70
[ 388.175731] RBP: ffff88c6ffc03e68 R08: 0000000000000007 R09:
0000000000000008
[ 388.176416] R10: ffff88c6ffc03e08 R11: 0000000000000047 R12:
0000000000000000
[ 388.177098] R13: ffffa42380ad5a40 R14: 0000000000000001 R15:
ffffa42380ad5000
[ 388.177780] ? function___global_print_backtrace__overload_0+0xb6/0x1a0
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.178780] function___global_print_backtrace__overload_0+0xb6/0x1a0
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.179781] probe_3649+0xd9/0x150
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.180486] _stp_hrtimer_notify_function+0x284/0x490
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.181336] ? _stp_proc_read_file+0x430/0x430
[stap_e826df493357d85b1964bab4f742b8d4_2337]
[ 388.182142] __hrtimer_run_queues+0xf0/0x4e0
[ 388.182560] hrtimer_interrupt+0xb6/0x210
[ 388.182955] local_apic_timer_interrupt+0x38/0x60
[ 388.183405] smp_apic_timer_interrupt+0x38/0x50
[ 388.183846] apic_timer_interrupt+0x9d/0xb0
[ 388.184250] RIP: 0010:native_safe_halt+0x6/0x10
[ 388.184690] RSP: 0018:ffffffff89e03dd8 EFLAGS: 00000206 ORIG_RAX:
ffffffffffffff10
[ 388.185420] RAX: ffffffff89e18500 RBX: ffffffff89e18500 RCX:
0000000000000000
[ 388.186110] RDX: ffffffff89e18500 RSI: 0000000000000001 RDI:
ffffffff89e18500
[ 388.186795] RBP: ffffffff89e03dd8 R08: 0000000000000001 R09:
0000000000000000
[ 388.187480] R10: 0000000000000000 R11: 0000000000000000 R12:
0000000000000000
[ 388.188168] R13: ffffffff89e18500 R14: 0000000000000000 R15:
0000000000000000
[ 388.188852] </IRQ>
[ 388.189072] ? trace_hardirqs_on+0xd/0x10
[ 388.189463] default_idle+0x25/0x1b0
[ 388.189814] arch_cpu_idle+0xf/0x20
[ 388.190153] default_idle_call+0x23/0x40
[ 388.190536] do_idle+0x175/0x1f0
[ 388.190857] cpu_startup_entry+0x71/0x80
[ 388.191236] rest_init+0x135/0x140
[ 388.191585] start_kernel+0x47f/0x4a0
[ 388.191944] ? early_idt_handler_array+0x120/0x120
[ 388.192401] x86_64_start_reservations+0x29/0x2b
[ 388.192846] x86_64_start_kernel+0x143/0x166
[ 388.193256] secondary_startup_64+0x9f/0x9f
[ 388.193666] Code: 74 59 0f b7 41 0a 4c 63 69 04 0f b7 71 08 89 c7 49 01 cd
83 e7 01 a8 02 74 15 66 85 ff 74 10 a8 04 ba 01 00 00 00 75 26 83 c8 04 <66> 89
41 0a 66 85 ff 74 49 0f b6 49 0b 4c 89 e2 45 31 c9 49 89
[ 388.195491] RIP: report_bug+0x94/0x120 RSP: ffff88c6ffc03c00
[ 388.196028] CR2: ffffffffc043307e
[ 388.196363] ---[ end trace 4a1ee64c6d807fc5 ]---
[ 388.196809] Kernel panic - not syncing: Fatal exception in interrupt
[ 388.198342] stap_e826df493357d85b1964bab4f742b8d4_2337 trace buffer for
processor 0 sub-buffer 0:
[ 388.199221] The following may not have been sent to the display:
[ 388.199805] begin
[ 388.200001] 0xffffffffc042bb4d
[stap_e826df493357d85b1964bab4f742b8d4_2337+0x8b4d/0x0]
[ 388.200759] 0xffffffffc042cda6
[stap_e826df493357d85b1964bab4f742b8d4_2337+0x9da6/0x0]
[ 388.201525] 0xffffffffc042d278
[stap_e826df493357d85b1964bab4f742b8d4_2337+0xa278/0x0]
[ 388.202284] 0xffffffffc042e056
[stap_e826df493357d85b1964bab4f742b8d4_2337+0xb056/0x0]
[ 388.203054] 0xffffffffc042f0b5
[stap_e826df493357d85b1964bab4f742b8d4_2337+0xc0b5/0x0]
[ 388.203822] 0xffffffff893e3998
[ 388.204125] 0x0 (inexact)
[ 388.204401] Kernel Offset: 0x8000000 from 0xffffffff81000000 (relocation
range: 0xffffffff80000000-0xffffffffbfffffff)
[ 388.205428] ---[ end Kernel panic - not syncing: Fatal exception in
interrupt
====
This crash is consistent. I've seen it on real hardware and on a rawhide VM.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
@ 2017-07-06 20:22 ` mark at klomp dot org
2017-07-06 20:31 ` mark at klomp dot org
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: mark at klomp dot org @ 2017-07-06 20:22 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mark at klomp dot org
--- Comment #1 from Mark Wielaard <mark at klomp dot org> ---
I could replicate with a simple:
stap -e 'probe timer.ms(100) { log(pp()) print_backtrace() exit() }'
[ 318.801763] unwind_frame:1446
[ 318.801765] returning 0 (0)
[ 318.802409] _stp_stack_unwind_one_kernel:329
[ 318.802411] ret=0 PC=0 SP=ffff8b743fc03e28
[ 318.803271] BUG: unable to handle kernel paging request at ffffffffc0675652
[ 318.803955] IP: report_bug+0x94/0x120
[ 318.804334] PGD bde14067
[ 318.804335] P4D bde14067
[ 318.804606] PUD bde16067
[ 318.804865] PMD 133894067
[ 318.805124] PTE 8000000123b12161
[ 318.805391]
[ 318.805916] Oops: 0003 [#1] SMP
[ 318.806223] Modules linked in: stap_1014(OE) sunrpc crct10dif_pclmul
crc32_pclmul ghash_clmulni_intel ppdev joydev virtio_balloon virtio_net
i2c_piix4 parport_pc pvpanic tpm_tis tpm_tis_core parport tpm xfs libcrc32c
virtio_console virtio_blk crc32c_intel serio_raw virtio_pci virtio_ring
ata_generic virtio pata_acpi
[ 318.808928] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G OE
4.12.0-0.rc7.git2.1.fc27.x86_64 #1
[ 318.809817] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 318.810389] task: ffffffffa8e18500 task.stack: ffffffffa8e00000
[ 318.810970] RIP: 0010:report_bug+0x94/0x120
[ 318.811400] RSP: 0018:ffff8b743fc03c10 EFLAGS: 00010002
[ 318.811934] RAX: 0000000000000907 RBX: ffff8b743fc03d78 RCX:
ffffffffc0675648
[ 318.812616] RDX: 0000000000000001 RSI: 0000000000000047 RDI:
0000000000000001
[ 318.813317] RBP: ffff8b743fc03c30 R08: 0000006b835ef6b3 R09:
22bcc9f200000000
[ 318.814001] R10: 0000000000000001 R11: 0000000000000000 R12:
ffffffffc0669db0
[ 318.814705] R13: ffffffffc0674f90 R14: 0000000000000004 R15:
ffff8b743fc03d78
[ 318.815384] FS: 0000000000000000(0000) GS:ffff8b743fc00000(0000)
knlGS:0000000000000000
[ 318.816140] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 318.816692] CR2: ffffffffc0675652 CR3: 000000011a421000 CR4:
00000000001406f0
[ 318.817371] Call Trace:
[ 318.817616] <IRQ>
[ 318.817845] ? _stp_stack_kernel_get+0x550/0x680 [stap_1014]
[ 318.818389] fixup_bug+0x2e/0x50
[ 318.818712] do_trap+0x119/0x150
[ 318.819029] do_error_trap+0xa3/0x160
[ 318.819419] ? _stp_stack_kernel_get+0x550/0x680 [stap_1014]
[ 318.819971] ? wake_up_klogd+0x3b/0x50
[ 318.820345] ? console_unlock+0x327/0x560
[ 318.820746] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 318.821204] do_invalid_op+0x20/0x30
[ 318.821566] invalid_op+0x1e/0x30
[ 318.821928] RIP: 0010:_stp_stack_kernel_get+0x550/0x680 [stap_1014]
[ 318.822535] RSP: 0018:ffff8b743fc03e28 EFLAGS: 00010006
[ 318.823043] RAX: 0000000080010002 RBX: ffff987640ad5000 RCX:
ffffffffffffffff
[ 318.823734] RDX: 0000000000000000 RSI: 0000000000000000 RDI:
ffff8b743fdce380
[ 318.824457] RBP: ffff8b743fc03e88 R08: 0000000000000001 R09:
0000000000000001
[ 318.825147] R10: ffff8b743fc03e20 R11: 00007ffffffff000 R12:
0000000000000001
[ 318.825832] R13: ffffffffa8e18500 R14: ffffffffa8e18500 R15:
ffffffffa8e18500
[ 318.826537] ? _stp_stack_kernel_get+0x393/0x680 [stap_1014]
[ 318.827080] probe_3643+0x21a/0x2a0 [stap_1014]
[ 318.827526] _stp_hrtimer_notify_function+0x284/0x490 [stap_1014]
[ 318.828109] ? probe_3643+0x2a0/0x2a0 [stap_1014]
[ 318.828566] __hrtimer_run_queues+0xf0/0x4e0
[ 318.828979] hrtimer_interrupt+0xb6/0x210
[ 318.829368] local_apic_timer_interrupt+0x38/0x60
[ 318.829825] smp_apic_timer_interrupt+0x38/0x50
[ 318.830260] apic_timer_interrupt+0x9d/0xb0
[ 318.830671] RIP: 0010:native_safe_halt+0x6/0x10
[ 318.831105] RSP: 0018:ffffffffa8e03dd8 EFLAGS: 00000202 ORIG_RAX:
ffffffffffffff10
[ 318.831840] RAX: ffffffffa8e18500 RBX: ffffffffa8e18500 RCX:
0000000000000000
[ 318.832524] RDX: ffffffffa8e18500 RSI: 0000000000000001 RDI:
ffffffffa8e18500
[ 318.833199] RBP: ffffffffa8e03dd8 R08: 0000000000000001 R09:
0000000000000000
[ 318.833879] R10: 0000000000000000 R11: 0000000000000000 R12:
0000000000000000
[ 318.834611] R13: ffffffffa8e18500 R14: 0000000000000000 R15:
0000000000000000
[ 318.835328] </IRQ>
[ 318.835549] ? trace_hardirqs_on+0xd/0x10
[ 318.835936] default_idle+0x25/0x1b0
[ 318.836284] arch_cpu_idle+0xf/0x20
[ 318.836649] default_idle_call+0x23/0x40
[ 318.837041] do_idle+0x175/0x1f0
[ 318.837345] cpu_startup_entry+0x71/0x80
[ 318.837749] rest_init+0x135/0x140
[ 318.838069] start_kernel+0x47f/0x4a0
[ 318.838419] ? early_idt_handler_array+0x120/0x120
[ 318.838892] x86_64_start_reservations+0x29/0x2b
[ 318.839365] x86_64_start_kernel+0x143/0x166
[ 318.839790] secondary_startup_64+0x9f/0x9f
[ 318.840198] Code: 74 59 0f b7 41 0a 4c 63 69 04 0f b7 71 08 89 c7 49 01 cd
83 e7 01 a8 02 74 15 66 85 ff 74 10 a8 04 ba 01 00 00 00 75 26 83 c8 04 <66> 89
41 0a 66 85 ff 74 49 0f b6 49 0b 4c 89 e2 45 31 c9 49 89
[ 318.842078] RIP: report_bug+0x94/0x120 RSP: ffff8b743fc03c10
[ 318.842650] CR2: ffffffffc0675652
[ 318.842979] ---[ end trace 26b2cf785e6a8968 ]---
[ 318.843481] Kernel panic - not syncing: Fatal exception in interrupt
[ 318.844964] Kernel Offset: 0x27000000 from 0xffffffff81000000 (relocation
range: 0xffffffff80000000-0xffffffffbfffffff)
[ 318.846000] ---[ end Kernel panic - not syncing: Fatal exception in
interrupt
Disassemble around _stp_stack_kernel_get+0x393/0x680:
373 c->uwcache_kernel.depth ++;
0x00000000000049eb <+347>: mov %r8d,0x31c(%rbx)
374 if (pc == 0 || pc == _stp_kretprobe_trampoline) {
0x00000000000049f2 <+354>: je 0x4d69 <_stp_stack_kernel_get+1241>
0x00000000000049f8 <+360>: mov 0x0(%rip),%rax # 0x49ff
<_stp_stack_kernel_get+367>
0x00000000000049ff <+367>: mov -0x48(%rbp),%r11
0x0000000000004a03 <+371>: cmp %r9,%rax
0x0000000000004a06 <+374>: je 0x4d57 <_stp_stack_kernel_get+1223>
368 while (c->uwcache_kernel.depth <= depth) {
0x0000000000004a0c <+380>: cmp %r12d,%r8d
0x0000000000004a0f <+383>: jbe 0x492f <_stp_stack_kernel_get+159>
0x0000000000004a15 <+389>: mov %r9,%r15
378 /* XXX: is there a way to unwind across
kretprobe trampolines? PR9999 */
379 }
380 }
381
382 /* Return the program counter at the current depth. */
383
384 printk(KERN_ERR "%s:%d returning %lx\n", __FUNCTION__,
__LINE__, pc);
0x0000000000004a18 <+392>: mov %r15,%rcx
0x0000000000004a1b <+395>: mov $0x180,%edx
0x0000000000004a20 <+400>: mov $0x0,%rsi
0x0000000000004a27 <+407>: mov $0x0,%rdi
0x0000000000004a2e <+414>: callq 0x4a33 <_stp_stack_kernel_get+419>
385 return pc;
386 }
0x0000000000004a33 <+419>: mov -0x30(%rbp),%rdx
0x0000000000004a37 <+423>: xor %gs:0x28,%rdx
0x0000000000004a40 <+432>: mov %r15,%rax
0x0000000000004a43 <+435>: jne 0x4cb4 <_stp_stack_kernel_get+1060>
0x0000000000004a49 <+441>: lea -0x28(%rbp),%rsp
0x0000000000004a4d <+445>: pop %rbx
0x0000000000004a4e <+446>: pop %r12
0x0000000000004a50 <+448>: pop %r13
0x0000000000004a52 <+450>: pop %r14
0x0000000000004a54 <+452>: pop %r15
0x0000000000004a56 <+454>: pop %rbp
0x0000000000004a57 <+455>: retq
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
2017-07-06 20:22 ` [Bug runtime/21726] " mark at klomp dot org
@ 2017-07-06 20:31 ` mark at klomp dot org
2017-07-07 15:28 ` mark at klomp dot org
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: mark at klomp dot org @ 2017-07-06 20:31 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
--- Comment #2 from Mark Wielaard <mark at klomp dot org> ---
Disassembly was of the wrong part. It should be around:
[ 318.821928] RIP: 0010:_stp_stack_kernel_get+0x550/0x680 [stap_1014]
364 return 0; /* unwind does not reach this far */
0x0000000000004a8c <+508>: xor %r15d,%r15d
0x0000000000004a8f <+511>: jmp 0x4a33 <_stp_stack_kernel_get+419>
353 printk(KERN_ERR "%s:%d depth >= MAXBACKTRACE, returning
0\n", __FUNCTION__, __LINE__);
0x0000000000004a91 <+513>: mov $0x161,%edx
0x0000000000004a96 <+518>: mov $0x0,%rsi
0x0000000000004a9d <+525>: mov $0x0,%rdi
0x0000000000004aa4 <+532>: callq 0x4aa9 <_stp_stack_kernel_get+537>
354 return 0;
0x0000000000004aa9 <+537>: xor %r15d,%r15d
0x0000000000004aac <+540>: jmp 0x4a33 <_stp_stack_kernel_get+419>
307 regs = c->kregs;
0x0000000000004aae <+542>: mov 0x238(%rbx),%rax
310
311 dbug_unwind(1, "CONTINUING kernel unwind to depth %d\n",
depth);
0x0000000000004ab5 <+549>: mov $0x137,%edx
0x0000000000004aba <+554>: mov $0x0,%rsi
0x0000000000004ac1 <+561>: mov $0x0,%rdi
0x0000000000004ac8 <+568>: mov %r11,-0x50(%rbp)
307 regs = c->kregs;
0x0000000000004acc <+572>: mov %rax,-0x48(%rbp)
308
309 info = &c->uwcontext_kernel.info;
0x0000000000004ad0 <+576>: lea 0xa40(%rbx),%rax
0x0000000000004ad7 <+583>: mov %rax,-0x58(%rbp)
310
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
2017-07-06 20:22 ` [Bug runtime/21726] " mark at klomp dot org
2017-07-06 20:31 ` mark at klomp dot org
@ 2017-07-07 15:28 ` mark at klomp dot org
2017-07-07 15:36 ` mark at klomp dot org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: mark at klomp dot org @ 2017-07-07 15:28 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
--- Comment #3 from Mark Wielaard <mark at klomp dot org> ---
The actual crash is in:
static int _stp_valid_pc_addr(unsigned long addr, struct task_struct *tsk)
{
/* Just a simple check of whether the the address can be accessed
as a user space address. Zero is always bad. */
/* FIXME for s390x PR13350. */
#if defined (__s390__) || defined (__s390x__)
return addr != 0L;
#else
int ok;
mm_segment_t oldfs = get_fs();
set_fs(USER_DS);
ok = access_ok(VERIFY_READ, (long *) (intptr_t) addr, sizeof(long));
set_fs(oldfs);
return addr != 0L && tsk != NULL ? ok : ! ok;
#endif
}
Changing the first #if 1 || ... so that the check simply becomes teturn addr !=
0L makes the crash go away.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
` (2 preceding siblings ...)
2017-07-07 15:28 ` mark at klomp dot org
@ 2017-07-07 15:36 ` mark at klomp dot org
2017-07-14 14:15 ` dsmith at redhat dot com
2017-07-20 14:49 ` dsmith at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: mark at klomp dot org @ 2017-07-07 15:36 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
--- Comment #4 from Mark Wielaard <mark at klomp dot org> ---
It actually seems to be just the access_ok() call. Replacing that with ok = 1
also makes the crash go away.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
` (3 preceding siblings ...)
2017-07-07 15:36 ` mark at klomp dot org
@ 2017-07-14 14:15 ` dsmith at redhat dot com
2017-07-20 14:49 ` dsmith at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: dsmith at redhat dot com @ 2017-07-14 14:15 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
--- Comment #5 from David Smith <dsmith at redhat dot com> ---
Commit 109e4e7 adds a workaround that avoids the kernel panic (by not calling
access_ok() in hard IRQ context).
For a longer term fix, we should remove uses of access_ok() in favor of our
uderef() / kderef() macros. There are other access_ok() uses in
runtime/linux/addr-map.c and tapset/linux/nfs.stp. These should all be replaced
if possible.
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug runtime/21726] on rawhide, the backtrace.exp test case causes a kernel panic
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
` (4 preceding siblings ...)
2017-07-14 14:15 ` dsmith at redhat dot com
@ 2017-07-20 14:49 ` dsmith at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: dsmith at redhat dot com @ 2017-07-20 14:49 UTC (permalink / raw)
To: systemtap
https://sourceware.org/bugzilla/show_bug.cgi?id=21726
David Smith <dsmith at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from David Smith <dsmith at redhat dot com> ---
Commit f493740 fixes this problem by replacing calls to access_ok() with calls
to systemtap's _stp_lookup_bad_addr() (which actually safely calls access_ok()
when needed).
--
You are receiving this mail because:
You are the assignee for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2017-07-20 14:49 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-07-06 15:26 [Bug runtime/21726] New: on rawhide, the backtrace.exp test case causes a kernel panic dsmith at redhat dot com
2017-07-06 20:22 ` [Bug runtime/21726] " mark at klomp dot org
2017-07-06 20:31 ` mark at klomp dot org
2017-07-07 15:28 ` mark at klomp dot org
2017-07-07 15:36 ` mark at klomp dot org
2017-07-14 14:15 ` dsmith at redhat dot com
2017-07-20 14:49 ` dsmith at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).