public inbox for systemtap@sourceware.org
* [Bug runtime/26958] New: kernel crash when staprun ko which build id not matched
@ 2020-11-27  4:08 dinghui at sangfor dot com.cn
  2020-11-27  4:10 ` [Bug runtime/26958] " dinghui at sangfor dot com.cn
  2020-11-27 18:29 ` fche at redhat dot com
  0 siblings, 2 replies; 3+ messages in thread
From: dinghui at sangfor dot com.cn @ 2020-11-27  4:08 UTC (permalink / raw)
  To: systemtap

https://sourceware.org/bugzilla/show_bug.cgi?id=26958

            Bug ID: 26958
           Summary: kernel crash when staprun ko which build id not
                    matched
           Product: systemtap
           Version: unspecified
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: runtime
          Assignee: systemtap at sourceware dot org
          Reporter: dinghui at sangfor dot com.cn
  Target Milestone: ---

We built a ko with stap (systemtap-4.3) whose build id does not match the
runtime kernel.
When we staprun the ko, the kernel crashes:

[ 2818.337276] BUG: unable to handle kernel NULL pointer dereference at
00000000000004a8
[ 2818.337566] IP: [<ffffffffa076c68a>]
_stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.337772] PGD 0
[ 2818.337951] Oops: 0000 [#1] SMP
[ 2818.338221] Modules linked in: mem(O) mpt3sas(O) raid_class
scsi_transport_sas iptable_nat nf_nat_ipv4 nf_nat rpcsec_gss_krb5 nfsv4
dns_resolver fuse nfsd auth_rpcgss nfs_acl nfs lockd grace fscache sunrpc
ip6table_filter ip6_tables ib_iser(O) rdma_cm(O) iw_cm(O) ib_cm(O) iscsi_tcp
libiscsi_tcp libiscsi scsi_transport_iscsi vfio_iommu_type1 vfio_pci vfio sw(O)
rte_kni(O) mlx5_ib(O) mlx5_core(O) ib_uverbs(O) ib_core(O) mlx_compat(O)
nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack libcrc32c iptable_filter
ip_tables dm_multipath tipc tun nbd skx_edac edac_core k10temp coretemp bridge
stp llc watch_reboot(O) kvm_intel kvm irqbypass igb(O) i2c_algo_bit ixgbe(O)
dca i40e(O) loop dm_mod sg sd_mod crct10dif_generic crct10dif_pclmul crc_t10dif
crct10dif_common iTCO_wdt
[ 2818.346457]  iTCO_vendor_support pcspkr megaraid_sas(O) i2c_i801 ahci
i2c_core libahci lpc_ich shpchp mfd_core libata wmi ipmi_si ipmi_msghandler
acpi_cpufreq acpi_power_meter [last unloaded: hello]
[ 2818.348573] CPU: 11 PID: 202163 Comm: stapio Tainted: G     U     O  
------------   3.10.0 #1
[ 2818.349029] Hardware name: R-2105, BIOS 4.1.13 08/18/2020
[ 2818.349477] task: ffff88181700f000 ti: ffff88167b6d4000 task.ti:
ffff88167b6d4000
[ 2818.349927] RIP: 0010:[<ffffffffa076c68a>]  [<ffffffffa076c68a>]
_stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.350474] RSP: 0018:ffff88167b6d7d38  EFLAGS: 00010202
[ 2818.350748] RAX: ffffffffa0770060 RBX: 0000000000000028 RCX:
0000000000000001
[ 2818.351027] RDX: 0000000000000001 RSI: ffff88167b6d7d67 RDI:
ffff88167b6d7da8
[ 2818.351306] RBP: ffff88167b6d7e18 R08: 000000000000006c R09:
ffffffffa076e1b1
[ 2818.351586] R10: ffffffff818dca31 R11: 0000000000000002 R12:
ffff88167b6d7d66
[ 2818.351865] R13: ffff88167b6d7fd8 R14: 00007ffffffff000 R15:
ffffffff8177b4bc
[ 2818.352146] FS:  00007f046917d720(0000) GS:ffff88183d840000(0000)
knlGS:0000000000000000
[ 2818.352598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2818.352873] CR2: 00000000000004a8 CR3: 00000018184a0000 CR4:
00000000003607e0
[ 2818.353153] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 2818.353432] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[ 2818.353711] Call Trace:
[ 2818.353978]  [<ffffffffa076cc96>] _stp_ctl_write_cmd+0x4a6/0x930 [mem]
[ 2818.354259]  [<ffffffff8105131d>] ? native_smp_send_reschedule+0x4d/0x70
[ 2818.354540]  [<ffffffff811f3a44>] ? __sb_start_write+0x54/0x110
[ 2818.354817]  [<ffffffff811f06f5>] vfs_write+0xc5/0x1f0
[ 2818.355091]  [<ffffffff811f0c39>] SyS_write+0x79/0xd0
[ 2818.355368]  [<ffffffff8177420f>] system_call_fastpath+0x16/0x1b
[ 2818.355643] Code: 49 83 c7 01 4c 3b bd 38 ff ff ff 75 84 48 8b bd 30 ff ff
ff 4c 89 e6 e8 35 84 c6 e0 89 c2 31 c0 85 d2 74 37 48 8b 85 28 ff ff ff <48> 63
14 25 a8 04 00 00 4d 89 e0 4c 8b 8d 30 ff ff ff 48 8b 8d
[ 2818.361892] RIP  [<ffffffffa076c68a>]
_stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.362431]  RSP <ffff88167b6d7d38>
[ 2818.362698] CR2: 00000000000004a8


I think the commit e90530877ee2 ("PR25568 / RHBZ1857749: buildid/uprobes/inode
rework, task_finder etc. side") causes the bug.

When the _stp_build_id_check param tsk is NULL and it calls _stp_warn("Build-id
mismatch ..."), tsk->tgid makes a NULL pointer dereference.

A simple patch like this:

diff --git a/runtime/sym.c b/runtime/sym.c
index a51f08c9e..521aebe48 100644
--- a/runtime/sym.c
+++ b/runtime/sym.c
@@ -735,7 +735,7 @@ static int _stp_build_id_check (struct _stp_module *m,
      // we make sure below is really a warning.
           _stp_warn ("Build-id mismatch [man warning::buildid]: \"%s\" pid %ld
address "
             "%#lx, expected %s actual %s\n",
-                     m->path, (long) tsk->tgid,
+                     m->path, (long) (tsk ? tsk->tgid : 0),
                      notes_addr, hexstring_theory, hexstring_practice);
       return 1;
   }
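
Review bot: On the `+` line, substituting 0 for a NULL `tsk` makes the warning print "pid 0", which reads like a real task id rather than "no task is associated with this check". Consider a distinct sentinel or a separate message for the NULL case, for example `(long) (tsk ? tsk->tgid : -1)`, plus a short comment stating when `tsk` can be NULL so the guard is not dropped in a later cleanup. The hunk guards only this one use, so any other dereference of `tsk` in `_stp_build_id_check` should be checked for the same case. The `_stp_warn` format-string context line is also wrapped across two lines in this mail, so the patch may need to be re-sent unwrapped to apply cleanly.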

-- 
You are receiving this mail because:
You are the assignee for the bug.


* [Bug runtime/26958] kernel crash when staprun ko which build id not matched
  2020-11-27  4:08 [Bug runtime/26958] New: kernel crash when staprun ko which build id not matched dinghui at sangfor dot com.cn
@ 2020-11-27  4:10 ` dinghui at sangfor dot com.cn
  2020-11-27 18:29 ` fche at redhat dot com
  1 sibling, 0 replies; 3+ messages in thread
From: dinghui at sangfor dot com.cn @ 2020-11-27  4:10 UTC (permalink / raw)
  To: systemtap

https://sourceware.org/bugzilla/show_bug.cgi?id=26958

Ding Hui <dinghui at sangfor dot com.cn> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dinghui at sangfor dot com.cn


* [Bug runtime/26958] kernel crash when staprun ko which build id not matched
  2020-11-27  4:08 [Bug runtime/26958] New: kernel crash when staprun ko which build id not matched dinghui at sangfor dot com.cn
  2020-11-27  4:10 ` [Bug runtime/26958] " dinghui at sangfor dot com.cn
@ 2020-11-27 18:29 ` fche at redhat dot com
  1 sibling, 0 replies; 3+ messages in thread
From: fche at redhat dot com @ 2020-11-27 18:29 UTC (permalink / raw)
  To: systemtap

https://sourceware.org/bugzilla/show_bug.cgi?id=26958

Frank Ch. Eigler <fche at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |fche at redhat dot com
         Resolution|---                         |FIXED

--- Comment #1 from Frank Ch. Eigler <fche at redhat dot com> ---
Thanks, fix pushed!

