Hello Qiwu,

I will be out of the office until Monday September 16th. I'll review your 2 patches at that time.

Thanks,
Dave

>
> Hi Anderson,
> I want to introduce a patch to your crash tool project. It's a bugfix
> for a segfault in setup_ikconfig.
> We add an ikconfig entry only if ent[0] != '#', it is not an advisable
> condition because there is a potential segfault risk if ent is gibberish.
> I explain the reproducing steps about this segfault case:
> I try to apply the following patch to crash 7.2.6++ code for a test.
> --- a/arm64.c > +++ b/arm64.c > @@ -32,6 +32,7 @@ static int verify_kimage_voffset(void); > static void arm64_calc_kimage_voffset(void); > static void arm64_calc_phys_offset(void); > static void arm64_calc_virtual_memory_ranges(void); > +static void arm64_get_section_size_bits(void); > static int arm64_kdump_phys_base(ulong *); > static ulong arm64_processor_speed(void); > static void arm64_init_kernel_pgd(void); > @@ -375,7 +376,11 @@ arm64_init(int when) > > case POST_GDB: > arm64_calc_virtual_memory_ranges(); > - machdep->section_size_bits = _SECTION_SIZE_BITS; > + arm64_get_section_size_bits(); > + if (CRASHDEBUG(1)) { > + fprintf(fp, "SECTION_SIZE_BITS: %ld\n", > machdep->section_size_bits); > + } > + > if (!machdep->max_physmem_bits) { > if ((string = > pc->read_vmcoreinfo("NUMBER(MAX_PHYSMEM_BITS)"))) > { > machdep->max_physmem_bits = atol(string);
> @@ -1055,6 +1060,32 @@ arm64_calc_phys_offset(void) > fprintf(fp, "using %lx as phys_offset\n", > ms->phys_offset); > } > > +/* > + * Determine SECTION_SIZE_BITS either by reading VMCOREINFO or the > kernel > + * config, otherwise borrow the 64-bit ARM default definiton. > + */ > +static void > +arm64_get_section_size_bits(void) > +{ > + int ret; > + char *string; > + > + if ((string = pc->read_vmcoreinfo("NUMBER(SECTION_SIZE_BITS)"))) > { > + machdep->section_size_bits = atol(string); > + free(string); > + return; > + } > + > + if ((ret = get_kernel_config("CONFIG_MEMORY_HOTPLUG", NULL)) == > IKCONFIG_Y) { > + if ((ret = get_kernel_config("CONFIG_HOTPLUG_SIZE_BITS", > &string)) == IKCONFIG_STR) { > + machdep->section_size_bits = atol(string); > + free(string); > + return; > + } > + } else { > + machdep->section_size_bits = _SECTION_SIZE_BITS; > + } > +}
>
> Then I make and load the dumpfiles by crash, it occurs a segment fault as
> below:
> crash[31000]: segfault at 0 ip 00007f0fb24d98d1 sp 00007fff1703f7e8 error
> 4 in libc-2.26.so[7f0fb235b000+1d6000]
>
> So I add debug to find out the segfault reason, It occurred in
> setup_ikconfig-> add_ikconfig_entry.
> add_ikconfig_entry: â??â??â??U //The last ent is a
> gibberish, lead to segfault
>
> I think the most advisable judgement is if an ikconfig entry start with
> "CONFIG_". I debug by the following patch and never reproduce segfault
> again.
> diff --git a/kernel.c b/kernel.c > index 7804aef..d023c87 100644 > --- a/kernel.c > +++ b/kernel.c
> @@ -10144,7 +10144,7 @@ static int setup_ikconfig(char *config) > while (whitespace(*ent)) > ent++; > > - if (ent[0] != '#') { > + if (!strncmp(ent, "CONFIG_", strlen("CONFIG_"))) { > add_ikconfig_entry(ent, > &ikconfig_all[kt->ikconfig_ents++]); > if (kt->ikconfig_ents == IKCONFIG_MAX) {
>
> Thanks for your review. I'm looking forward to your favourable reply!
>
> Best regards,
> Qiwu
>
> --
> Crash-utility mailing list
> Crash-utility@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/crash-utility
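
Review bot: in arm64_get_section_size_bits() (arm64.c, the hunk at -1055), the final else pairs only with the outer CONFIG_MEMORY_HOTPLUG test, so when that option is IKCONFIG_Y but get_kernel_config("CONFIG_HOTPLUG_SIZE_BITS", &string) does not return IKCONFIG_STR, the function returns without assigning machdep->section_size_bits at all. The comment above the function promises a fallback to the 64-bit ARM default, and the line this patch removes from arm64_init() used to assign it unconditionally, so drop the else and assign _SECTION_SIZE_BITS at the end of the function, after the two early returns. Two smaller points in the same hunk: please confirm that the string returned through get_kernel_config() is owned by the caller, since the hunk calls free(string) on it, and fix the typo "definiton" in the comment.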
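
Review bot: in setup_ikconfig() (kernel.c, the hunk at -10144), the new strncmp(ent, "CONFIG_", strlen("CONFIG_")) test looks only at the first seven bytes, so a line that begins with CONFIG_ but is otherwise malformed still reaches add_ikconfig_entry(), whose requirements are not visible in this hunk. The debug output in the report shows that the failing ent was the last one and was garbage, which suggests the loop is running past the end of the valid config text; a prefix filter hides that condition rather than bounding the parse. Consider fixing the loop's end condition, or additionally checking the shape the callee needs (for instance that a '=' is present) before calling it, and say in the commit message why the '#' test is replaced rather than kept alongside the new one.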