From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Wg8BO-0001pK-5t for user-mode-linux-devel@lists.sourceforge.net; Fri, 02 May 2014 07:46:58 +0000 Received: from b.ns.miles-group.at ([95.130.255.144] helo=radon.swed.at) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1Wg8BK-0001cL-WE for user-mode-linux-devel@lists.sourceforge.net; Fri, 02 May 2014 07:46:58 +0000 Message-ID: <53634D64.5060407@nod.at> Date: Fri, 02 May 2014 09:46:44 +0200 From: Richard Weinberger MIME-Version: 1.0 References: <53613E96.2030006@gmx.de> <536221F4.6000405@gmx.de> <53623EFE.3040603@nod.at> <5362651A.1020504@gmx.de> <5362B53E.5060601@nod.at> <5362BDD1.9070105@gmx.de> In-Reply-To: <5362BDD1.9070105@gmx.de> Content-Type: multipart/mixed; boundary="------------070301080600030809040306" List-Id: The user-mode Linux development list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: user-mode-linux-devel-bounces@lists.sourceforge.net Subject: Re: [uml-devel] trinity commit 23dc478aba breaks syscall "mremap" at a 32 bit user mode linux To: =?UTF-8?B?VG9yYWxmIEbDtnJzdGVy?= Cc: UML devel , trinity@vger.kernel.org This is a multi-part message in MIME format. --------------070301080600030809040306 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Am 01.05.2014 23:34, schrieb Toralf Förster: > On 05/01/2014 10:57 PM, Richard Weinberger wrote: >> Toralf, >> >> Yeah, this is because trinity destroys the UML stub code. >> Please test the attached patch, it should fix the root cause of the problem. >> >> Thanks, >> //richard >> > > If I do just apply fix2.patch onto latest git tree v3.15-rc3-113-gba6728f then I do get after a while : > > * Starting sshd ... [ ok ] > * Starting local > net.core.warnings = 0 [ ok ] > Kernel panic - not syncing: do_syscall_stub : PTRACE_SETREGS failed, errno = 3 > > CPU: 0 PID: 1728 Comm: trinity-c0 Not tainted 3.15.0-rc3-00113-gba6728f-dirty #5 > Stack: > BUG: soft lockup - CPU#0 stuck for 22s! [trinity-c0:1728] > > EIP: c500:[<47c6cf00>] CPU: 0 Not tainted EFLAGS: 476af700 > Not tainted > EAX: 47cfc500 EBX: 0a024d00 ECX: 086c75fc EDX: 080fff88 > ESI: 0839f4bc EDI: 47cfc500 EBP: 0839f4bc DS: c500 ES: cd62 > EXT4-fs (ubda): error count: 1 > EXT4-fs (ubda): initial error at 1398962134: ext4_mb_generate_buddy:756 > EXT4-fs (ubda): last error at 1398962134: ext4_mb_generate_buddy:756 > > > which is a big improvement because before it crashes immediately after few seconds. > > After applying both fixes the test case runs w/o a crash till now. Can you please also try fix3 (without fix1/2)? I think I've found the other hidden issue. So far trinity did not crash my kernel... Thanks, //richard --------------070301080600030809040306 Content-Type: text/x-patch; name="fix3.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="fix3.patch" diff --git a/arch/um/kernel/tlb.c b/arch/um/kernel/tlb.c index 9472079..f1b3eb1 100644 --- a/arch/um/kernel/tlb.c +++ b/arch/um/kernel/tlb.c @@ -12,6 +12,7 @@ #include #include #include +#include struct host_vm_change { struct host_vm_op { @@ -124,6 +125,9 @@ static int add_munmap(unsigned long addr, unsigned long len, struct host_vm_op *last; int ret = 0; + if ((addr >= STUB_START) && (addr < STUB_END)) + return -EINVAL; + if (hvc->index != 0) { last = &hvc->ops[hvc->index - 1]; if ((last->type == MUNMAP) && @@ -283,8 +287,11 @@ void fix_range_common(struct mm_struct *mm, unsigned long start_addr, /* This is not an else because ret is modified above */ if (ret) { printk(KERN_ERR "fix_range_common: failed, killing current " - "process\n"); + "process: %d\n", task_tgid_vnr(current)); + /* We are under mmap_sem, release it such that current can terminate */ + up_write(¤t->mm->mmap_sem); force_sig(SIGKILL, current); + do_signal(); } } diff --git a/arch/um/os-Linux/skas/process.c b/arch/um/os-Linux/skas/process.c index d531879..908579f 100644 --- a/arch/um/os-Linux/skas/process.c +++ b/arch/um/os-Linux/skas/process.c @@ -54,7 +54,7 @@ static int ptrace_dump_regs(int pid) void wait_stub_done(int pid) { - int n, status, err, bad_stop = 0; + int n, status, err; while (1) { CATCH_EINTR(n = waitpid(pid, &status, WUNTRACED | __WALL)); @@ -74,8 +74,6 @@ void wait_stub_done(int pid) if (((1 << WSTOPSIG(status)) & STUB_DONE_MASK) != 0) return; - else - bad_stop = 1; bad_wait: err = ptrace_dump_regs(pid); @@ -85,10 +83,7 @@ bad_wait: printk(UM_KERN_ERR "wait_stub_done : failed to wait for SIGTRAP, " "pid = %d, n = %d, errno = %d, status = 0x%x\n", pid, n, errno, status); - if (bad_stop) - kill(pid, SIGKILL); - else - fatal_sigsegv(); + fatal_sigsegv(); } extern unsigned long current_stub_stack(void); --------------070301080600030809040306 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available. Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs --------------070301080600030809040306 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ User-mode-linux-devel mailing list User-mode-linux-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel --------------070301080600030809040306-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Weinberger Subject: Re: [uml-devel] trinity commit 23dc478aba breaks syscall "mremap" at a 32 bit user mode linux Date: Fri, 02 May 2014 09:46:44 +0200 Message-ID: <53634D64.5060407@nod.at> References: <53613E96.2030006@gmx.de> <536221F4.6000405@gmx.de> <53623EFE.3040603@nod.at> <5362651A.1020504@gmx.de> <5362B53E.5060601@nod.at> <5362BDD1.9070105@gmx.de> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------070301080600030809040306" Return-path: In-Reply-To: <5362BDD1.9070105@gmx.de> Sender: trinity-owner@vger.kernel.org List-ID: To: =?UTF-8?B?VG9yYWxmIEbDtnJzdGVy?= Cc: trinity@vger.kernel.org, UML devel This is a multi-part message in MIME format. --------------070301080600030809040306 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Am 01.05.2014 23:34, schrieb Toralf Förster: > On 05/01/2014 10:57 PM, Richard Weinberger wrote: >> Toralf, >> >> Yeah, this is because trinity destroys the UML stub code. >> Please test the attached patch, it should fix the root cause of the problem. >> >> Thanks, >> //richard >> > > If I do just apply fix2.patch onto latest git tree v3.15-rc3-113-gba6728f then I do get after a while : > > * Starting sshd ... [ ok ] > * Starting local > net.core.warnings = 0 [ ok ] > Kernel panic - not syncing: do_syscall_stub : PTRACE_SETREGS failed, errno = 3 > > CPU: 0 PID: 1728 Comm: trinity-c0 Not tainted 3.15.0-rc3-00113-gba6728f-dirty #5 > Stack: > BUG: soft lockup - CPU#0 stuck for 22s! [trinity-c0:1728] > > EIP: c500:[<47c6cf00>] CPU: 0 Not tainted EFLAGS: 476af700 > Not tainted > EAX: 47cfc500 EBX: 0a024d00 ECX: 086c75fc EDX: 080fff88 > ESI: 0839f4bc EDI: 47cfc500 EBP: 0839f4bc DS: c500 ES: cd62 > EXT4-fs (ubda): error count: 1 > EXT4-fs (ubda): initial error at 1398962134: ext4_mb_generate_buddy:756 > EXT4-fs (ubda): last error at 1398962134: ext4_mb_generate_buddy:756 > > > which is a big improvement because before it crashes immediately after few seconds. > > After applying both fixes the test case runs w/o a crash till now. Can you please also try fix3 (without fix1/2)? I think I've found the other hidden issue. So far trinity did not crash my kernel... Thanks, //richard --------------070301080600030809040306 Content-Type: text/x-patch; name="fix3.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="fix3.patch" diff --git a/arch/um/kernel/tlb.c b/arch/um/kernel/tlb.c index 9472079..f1b3eb1 100644 --- a/arch/um/kernel/tlb.c +++ b/arch/um/kernel/tlb.c @@ -12,6 +12,7 @@ #include #include #include +#include struct host_vm_change { struct host_vm_op { @@ -124,6 +125,9 @@ static int add_munmap(unsigned long addr, unsigned long len, struct host_vm_op *last; int ret = 0; + if ((addr >= STUB_START) && (addr < STUB_END)) + return -EINVAL; + if (hvc->index != 0) { last = &hvc->ops[hvc->index - 1]; if ((last->type == MUNMAP) && @@ -283,8 +287,11 @@ void fix_range_common(struct mm_struct *mm, unsigned long start_addr, /* This is not an else because ret is modified above */ if (ret) { printk(KERN_ERR "fix_range_common: failed, killing current " - "process\n"); + "process: %d\n", task_tgid_vnr(current)); + /* We are under mmap_sem, release it such that current can terminate */ + up_write(¤t->mm->mmap_sem); force_sig(SIGKILL, current); + do_signal(); } } diff --git a/arch/um/os-Linux/skas/process.c b/arch/um/os-Linux/skas/process.c index d531879..908579f 100644 --- a/arch/um/os-Linux/skas/process.c +++ b/arch/um/os-Linux/skas/process.c @@ -54,7 +54,7 @@ static int ptrace_dump_regs(int pid) void wait_stub_done(int pid) { - int n, status, err, bad_stop = 0; + int n, status, err; while (1) { CATCH_EINTR(n = waitpid(pid, &status, WUNTRACED | __WALL)); @@ -74,8 +74,6 @@ void wait_stub_done(int pid) if (((1 << WSTOPSIG(status)) & STUB_DONE_MASK) != 0) return; - else - bad_stop = 1; bad_wait: err = ptrace_dump_regs(pid); @@ -85,10 +83,7 @@ bad_wait: printk(UM_KERN_ERR "wait_stub_done : failed to wait for SIGTRAP, " "pid = %d, n = %d, errno = %d, status = 0x%x\n", pid, n, errno, status); - if (bad_stop) - kill(pid, SIGKILL); - else - fatal_sigsegv(); + fatal_sigsegv(); } extern unsigned long current_stub_stack(void); --------------070301080600030809040306--