From: Jisheng Zhang <jszhang3@mail.ustc.edu.cn>
To: tongtiangen <tongtiangen@huawei.com>
Cc: Andreas Schwab <schwab@linux-m68k.org>,
    Atish Patra <atishp@atishpatra.org>,
    Palmer Dabbelt <palmer@dabbelt.com>,
    Paul Walmsley <paul.walmsley@sifive.com>,
    Albert Ou <aou@eecs.berkeley.edu>,
    linux-riscv <linux-riscv@lists.infradead.org>,
    "linux-kernel@vger.kernel.org List" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH -next v2] riscv: add VMAP_STACK overflow detection
Date: Fri, 23 Jul 2021 12:40:25 +0800
Message-ID: <20210723124025.669cb4ec@xhacker>
In-Reply-To: <20210723122925.67a14562@xhacker>

On Fri, 23 Jul 2021 12:29:25 +0800
Jisheng Zhang <jszhang3@mail.ustc.edu.cn> wrote:

> On Fri, 23 Jul 2021 09:36:47 +0800
> tongtiangen <tongtiangen@huawei.com> wrote:
>
> > On 2021/7/23 7:54, Jisheng Zhang wrote:
> > > On Thu, 22 Jul 2021 17:42:52 +0200
> > > Andreas Schwab <schwab@linux-m68k.org> wrote:
> > >
> > >> On Jul 22 2021, Jisheng Zhang wrote:
> > >>
> > >>> I think we need to pin the stack before calling get_wchan(), could you please
> > >>> try below patch?
> > >>
> > >> Thanks, this fixes the crash for me.
> > >>
> > >> Andreas.
> > >>
> > >
> > > Thanks for testing. I will send out formal patch later
> > >
> > > Thanks
> > >
> > > .
> > >
> >
> > Hi all:
> > I tried to reproduced this crash in openSUSE code repo(
> > https://github.com/opensuse/kernel ), but not reproduced successfully.
> >
> > From the patch of problem repair, the crash is due to task->stack is
> > released before calling get_wchan, the task state of maybe TASK_DEAD.
> >
> > VMAP_STACK is used to detect kernel stack overflow, there is no
> > connection between the two, it makes me a little confused.
>
> I believe the bug exists from the first day of riscv mainlined.
>
> Since THREAD_INFO_IN_TASK=y in riscv, so when task stack can be freed
> before being destroyed.

typo: task stack can be freed before task is destroyed

>
> When VMAP_STACK=n, task's stack is allocated from linear mapping. When
> task stack is freed, the corresponding mapping still exists, and since
> get_wchan() only read, no harm is observed so far.
>
> When VMAP_STACK=y, task's stack is allocated from vmalloc area. When
> task stack is freed, the corresponding mapping may not exist, so I expect
> MMU fault here, thus the kernel panic.
>
> In summary, the bug isn't related with VMAP_STACK, but VMAP_STACK makes
> the bug observable.
>
> Thanks
>
>
>
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv
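
The stack-pinning idea discussed in this message, as an added example that is not part of the original thread and is not kernel code: a user-space C model in which the stack has its own reference count, separate from the task's, and a reader in the role of get_wchan() pins it before reading. The names struct task, task_init, try_get_stack, put_stack and read_saved_pc are hypothetical, and free() stands in for unmapping a vmalloc'ed stack.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical user-space model of a task; not kernel code. */
struct task {
    atomic_int stack_refs;  /* stack lifetime is separate from the task's */
    unsigned long *stack;   /* free() stands in for unmapping a vmalloc'ed stack */
};

static int task_init(struct task *t)
{
    t->stack = calloc(16, sizeof(*t->stack));
    if (!t->stack)
        return -1;
    t->stack[0] = 0xc0ffee;           /* constructed "saved pc" */
    atomic_init(&t->stack_refs, 1);   /* reference held by the running task */
    return 0;
}

/* Pin the stack only if it is still live (increment-if-not-zero). */
static unsigned long *try_get_stack(struct task *t)
{
    int old = atomic_load(&t->stack_refs);

    while (old != 0)
        if (atomic_compare_exchange_weak(&t->stack_refs, &old, old + 1))
            return t->stack;
    return NULL;
}

/* Drop a reference; the last one frees the stack, the task struct stays. */
static void put_stack(struct task *t)
{
    if (atomic_fetch_sub(&t->stack_refs, 1) == 1) {
        free(t->stack);
        t->stack = NULL;
    }
}

/* Reader in the role of get_wchan(): pin, read, unpin; 0 if the stack is gone. */
static unsigned long read_saved_pc(struct task *t)
{
    unsigned long *sp = try_get_stack(t);
    unsigned long pc;

    if (!sp)
        return 0;
    pc = sp[0];
    put_stack(t);
    return pc;
}
```

A reader that holds a pin keeps the stack alive past the task's own put_stack(); a reader that arrives after the last reference is dropped gets 0 back without touching the freed memory.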