From: "dinghui at sangfor dot com.cn"
To: systemtap@sourceware.org
Subject: [Bug runtime/26958] New: kernel crash when staprun ko which build id not matched
Date: Fri, 27 Nov 2020 04:08:31 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=26958

Bug ID: 26958
Summary: kernel crash when staprun ko which build id not matched
Product: systemtap
Version: unspecified
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: runtime
Assignee: systemtap at sourceware dot org
Reporter: dinghui at sangfor dot com.cn
Target Milestone: ---

We build a ko with stap (systemtap-4.3) whose build id does not match the runtime kernel. When we staprun the ko, the kernel crashes:

[ 2818.337276] BUG: unable to handle kernel NULL pointer dereference at 00000000000004a8
[ 2818.337566] IP: [] _stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.337772] PGD 0
[ 2818.337951] Oops: 0000 [#1] SMP
[ 2818.338221] Modules linked in: mem(O) mpt3sas(O) raid_class scsi_transport_sas iptable_nat nf_nat_ipv4 nf_nat rpcsec_gss_krb5 nfsv4 dns_resolver fuse nfsd auth_rpcgss nfs_acl nfs lockd grace fscache sunrpc ip6table_filter ip6_tables ib_iser(O) rdma_cm(O) iw_cm(O) ib_cm(O) iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi vfio_iommu_type1 vfio_pci vfio sw(O) rte_kni(O) mlx5_ib(O) mlx5_core(O) ib_uverbs(O) ib_core(O) mlx_compat(O) nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack libcrc32c iptable_filter ip_tables dm_multipath tipc tun nbd skx_edac edac_core k10temp coretemp bridge stp llc watch_reboot(O) kvm_intel kvm irqbypass igb(O) i2c_algo_bit ixgbe(O) dca i40e(O) loop dm_mod sg sd_mod crct10dif_generic crct10dif_pclmul crc_t10dif crct10dif_common iTCO_wdt
[ 2818.346457] iTCO_vendor_support pcspkr megaraid_sas(O) i2c_i801 ahci i2c_core libahci lpc_ich shpchp mfd_core libata wmi ipmi_si ipmi_msghandler acpi_cpufreq acpi_power_meter [last unloaded: hello]
[ 2818.348573] CPU: 11 PID: 202163 Comm: stapio Tainted: G U O   ------------ 3.10.0 #1
[ 2818.349029] Hardware name: R-2105, BIOS 4.1.13 08/18/2020
[ 2818.349477] task: ffff88181700f000 ti: ffff88167b6d4000 task.ti: ffff88167b6d4000
[ 2818.349927] RIP: 0010:[] [] _stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.350474] RSP: 0018:ffff88167b6d7d38 EFLAGS: 00010202
[ 2818.350748] RAX: ffffffffa0770060 RBX: 0000000000000028 RCX: 0000000000000001
[ 2818.351027] RDX: 0000000000000001 RSI: ffff88167b6d7d67 RDI: ffff88167b6d7da8
[ 2818.351306] RBP: ffff88167b6d7e18 R08: 000000000000006c R09: ffffffffa076e1b1
[ 2818.351586] R10: ffffffff818dca31 R11: 0000000000000002 R12: ffff88167b6d7d66
[ 2818.351865] R13: ffff88167b6d7fd8 R14: 00007ffffffff000 R15: ffffffff8177b4bc
[ 2818.352146] FS: 00007f046917d720(0000) GS:ffff88183d840000(0000) knlGS:0000000000000000
[ 2818.352598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2818.352873] CR2: 00000000000004a8 CR3: 00000018184a0000 CR4: 00000000003607e0
[ 2818.353153] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2818.353432] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2818.353711] Call Trace:
[ 2818.353978] [] _stp_ctl_write_cmd+0x4a6/0x930 [mem]
[ 2818.354259] [] ? native_smp_send_reschedule+0x4d/0x70
[ 2818.354540] [] ? __sb_start_write+0x54/0x110
[ 2818.354817] [] vfs_write+0xc5/0x1f0
[ 2818.355091] [] SyS_write+0x79/0xd0
[ 2818.355368] [] system_call_fastpath+0x16/0x1b
[ 2818.355643] Code: 49 83 c7 01 4c 3b bd 38 ff ff ff 75 84 48 8b bd 30 ff ff ff 4c 89 e6 e8 35 84 c6 e0 89 c2 31 c0 85 d2 74 37 48 8b 85 28 ff ff ff <48> 63 14 25 a8 04 00 00 4d 89 e0 4c 8b 8d 30 ff ff ff 48 8b 8d
[ 2818.361892] RIP [] _stp_build_id_check.constprop.35+0x1ea/0x350 [mem]
[ 2818.362431] RSP
[ 2818.362698] CR2: 00000000000004a8

I think the commit e90530877ee2 ("PR25568 / RHBZ1857749: buildid/uprobes/inode rework, task_finder etc. side") causes the bug: when the _stp_build_id_check param tsk is NULL and it calls _stp_warn("Build-id mismatch ..."), tsk->tgid makes a NULL pointer dereference. A simple patch like this:

diff --git a/runtime/sym.c b/runtime/sym.c
index a51f08c9e..521aebe48 100644
--- a/runtime/sym.c
+++ b/runtime/sym.c
@@ -735,7 +735,7 @@ static int _stp_build_id_check (struct _stp_module *m,
       // we make sure below is really a warning.
       _stp_warn ("Build-id mismatch [man warning::buildid]: \"%s\" pid %ld address "
                  "%#lx, expected %s actual %s\n",
-                 m->path, (long) tsk->tgid,
+                 m->path, (long) (tsk ? tsk->tgid : 0),
                  notes_addr, hexstring_theory, hexstring_practice);
       return 1;
 }

-- 
You are receiving this mail because:
You are the assignee for the bug.
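Review bot: The guard `(tsk ? tsk->tgid : 0)` only protects the one argument to _stp_warn; if _stp_build_id_check touches tsk anywhere else in its body, a NULL task will simply fault at the next use instead of here, so the rest of the function (the oops is at +0x1ea of a 0x350-byte function) needs the same audit before this is treated as a complete fix. Also, 0 is a real tgid (the idle task), so the warning can no longer distinguish "no task" from "pid 0"; printing a sentinel such as `m->path, (long) (tsk ? tsk->tgid : -1),` keeps the build-id mismatch diagnostic unambiguous. A short comment above the call stating when tsk is legitimately NULL (the trace shows this check reached from _stp_ctl_write_cmd, i.e. a control-channel write rather than a task-finder callback) would document the invariant for the next reader.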
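The failure mode this report describes, a diagnostic path that dereferences a task pointer which can be NULL for kernel-side build-id checks, as an added user-space model that is not systemtap's runtime code: `struct task`, `struct module_rec`, `build_id_check` and the sample build-id bytes are hypothetical stand-ins chosen for the example. The mismatch branch formats the same kind of warning as the patched `_stp_warn` call and reports pid 0 when there is no task, mirroring the posted fix, so the NULL case yields a message instead of a fault.

```c
/* Added example (not systemtap's own code): a user-space model of a
 * build-id check whose diagnostic path must survive a NULL task pointer. */
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Hypothetical stand-ins for the kernel's task_struct and the runtime's
 * module record; only the fields this example touches are modelled. */
struct task { long tgid; };
struct module_rec { const char *path; const uint8_t *build_id; size_t build_id_len; };

/* Render raw build-id bytes as lowercase hex into out (out_len >= 2*n+1). */
static void hexstring(const uint8_t *id, size_t n, char *out, size_t out_len)
{
    size_t i;
    if (out_len == 0) return;
    out[0] = '\0';
    for (i = 0; i < n && 2 * i + 2 < out_len; i++)
        snprintf(out + 2 * i, out_len - 2 * i, "%02x", id[i]);
}

/* Returns 0 when the build-id found in memory matches the one recorded at
 * compile time, 1 on mismatch (after formatting a warning into msg).
 * tsk may be NULL, as for kernel-side checks; the pid is then reported as 0,
 * mirroring the posted patch's (tsk ? tsk->tgid : 0). */
static int build_id_check(const struct module_rec *m, const struct task *tsk,
                          const uint8_t *actual, size_t actual_len,
                          unsigned long notes_addr, char *msg, size_t msg_len)
{
    char theory[65], practice[65];

    if (m->build_id_len == actual_len &&
        memcmp(m->build_id, actual, actual_len) == 0)
        return 0;

    hexstring(m->build_id, m->build_id_len, theory, sizeof theory);
    hexstring(actual, actual_len, practice, sizeof practice);
    /* The only place the task is consulted: guarded, so NULL cannot fault. */
    snprintf(msg, msg_len,
             "Build-id mismatch: \"%s\" pid %ld address %#lx, expected %s actual %s",
             m->path, (long)(tsk ? tsk->tgid : 0), notes_addr, theory, practice);
    return 1;
}

/* Constructed sample input: a 4-byte build-id recorded at build time versus
 * a different one read from the running kernel, checked with tsk == NULL. */
static const uint8_t k_expected[] = {0xde, 0xad, 0xbe, 0xef};
static const uint8_t k_actual[]   = {0xde, 0xad, 0x00, 0x01};
static const struct module_rec k_mod = {"kernel", k_expected, sizeof k_expected};

static char g_msg[256];

/* Mismatch with no task: must return 1 and leave a readable warning. */
static int check_mismatch_null_task(void)
{
    return build_id_check(&k_mod, NULL, k_actual, sizeof k_actual,
                          0x4a8UL, g_msg, sizeof g_msg);
}

/* Matching build-id: must return 0 regardless of the task pointer. */
static int check_match(void)
{
    return build_id_check(&k_mod, NULL, k_expected, sizeof k_expected,
                          0x4a8UL, g_msg, sizeof g_msg);
}

static const char *last_message(void) { return g_msg; }

int main(void)
{
    printf("mismatch=%d %s\n", check_mismatch_null_task(), last_message());
    printf("match=%d\n", check_match());
    return 0;
}
```

The check itself stays a comparison of raw bytes; the pid only ever appears in the warning text, which is why that one guarded expression is enough for the model, and why the real function needs every other use of tsk audited the same way.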