The issue was caused by not setting irq_stack_size correctly, and this patch will fix the issue by two ways: 1. if CONFIG_IKCONFIG is set, calculate the irq_stack_size according to kernel source code 2. if CONFIG_IKCONFIG is not set, get THREAD_SHIFT value by disassembling the tbnz instruction to calculate the irq_stack_size Signed-off-by: Yeping.Zheng <yeping.zheng@xxxxxxx>
---
 arm64.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 84 insertions(+), 2 deletions(-)
diff --git a/arm64.c b/arm64.c
index b3040d7..8347ba1 100644
--- a/arm64.c
+++ b/arm64.c
@@ -93,6 +93,7 @@ static void arm64_calc_VA_BITS(void);
 static int arm64_is_uvaddr(ulong, struct task_context *);
 static void arm64_calc_KERNELPACMASK(void);
 static int arm64_get_vmcoreinfo(unsigned long *vaddr, const char *label, int base);
+static ulong arm64_set_irq_stack_size(struct machine_specific *ms);
 struct kernel_range {
 unsigned long modules_vaddr, modules_end;
@@ -2223,8 +2224,10 @@ arm64_irq_stack_init(void)
 if (MEMBER_EXISTS("thread_union", "stack")) {
 if ((sz =3D MEMBER_SIZE("thread_union", "stack")) > 0)
 ms->irq_stack_size =3D sz;
- } else
- ms->irq_stack_size =3D ARM64_IRQ_STACK_SIZE;
+ } else {
+ ulong res =3D arm64_set_irq_stack_size(ms);
+ ms->irq_stack_size =3D (res > 0) ? res : ARM64_IRQ_STACK_SIZE;
+ }
 machdep->flags |=3D IRQ_STACKS;
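Review bot: The fallback to `ARM64_IRQ_STACK_SIZE` in the new `else` branch can never be taken, because `arm64_set_irq_stack_size()` is declared to return `ulong` and (in the @@ -4921 hunk) reports failure with `return -1;`, which converts to `ULONG_MAX` and passes `res > 0`. On any failure path `ms->irq_stack_size` would therefore be set to a huge value; the IRQ-stack range checks that consume it are outside this patch, so the exact effect is inferred, but it is the same class of wrong-size problem as the segfault being fixed. Change both failure sites in the helper to `return 0;`, or make the helper return a signed status and hand the size back through an out-parameter. The `ms` argument is also unused by the helper as posted. arm64_irq_stack_init's body continues outside the hunk.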
@@ -4921,6 +4924,85 @@ static void arm64_calc_KERNELPACMASK(void)
 }
 }
+static ulong arm64_set_irq_stack_size(struct machine_specific *ms)
+{
+ char *string;
+ int ret;
+ int kasan_thread_shift =3D 0;
+ int min_thread_shift;
+ ulong arm64_page_shift;
+ ulong thread_shift =3D 0;
+ ulong thread_size;
+ struct syment *sp;
+ const char* tbnz_str =3D "tbnz";
+
+ if (kt->ikconfig_flags & IKCONFIG_AVAIL) {
+ if ((ret =3D get_kernel_config("CONFIG_KASAN_GENERIC", NULL) =3D=3D IKCON= FIG_Y) ||
+ (ret =3D get_kernel_config("CONFIG_KASAN_SW_TAGS", NULL) =3D=3D IKCONFIG_= Y)) {
+ kasan_thread_shift =3D 1;
+ }
+ min_thread_shift =3D 14 + kasan_thread_shift;
+
+ if ((ret =3D get_kernel_config("CONFIG_VMAP_STACK", NULL)) =3D=3D IKCONFI= G_Y){
+ if ((ret =3D get_kernel_config("CONFIG_ARM64_PAGE_SHIFT", &string)) =3D= =3D IKCONFIG_STR){
+ arm64_page_shift =3D atol(string);
+ }
+ if (min_thread_shift < arm64_page_shift){
+ thread_shift =3D arm64_page_shift;
+ } else {
+ thread_shift =3D min_thread_shift;
+ }
+ }
+ } else {
+
+ if (!(sp =3D symbol_search("vectors"))) {
+ return -1;
+ }
+
+ const char* tbnz_str =3D "tbnz";
+ struct gnu_request *req;
+ req =3D (struct gnu_request *)GETBUF(sizeof(struct gnu_request));
+ req->command =3D GNU_PASS_THROUGH;
+ req->buf =3D GETBUF(BUFSIZE);
+ strcat(req->buf, "x/1024i ");
+
+ char tmp[100];
+ sprintf(tmp, "0x%lx", sp->value);
+ strcat(req->buf, tmp);
+ req->flags =3D (GNU_RETURN_ON_ERROR);
+ open_tmpfile();
+ req->fp =3D pc->tmpfile;
+ gdb_interface(req);
+
+
+ rewind(pc->tmpfile);
+ char line[BUFSIZE];
+ while (fgets(line, BUFSIZE, pc->tmpfile) !=3D NULL) {
+ // printf("the buffer is not null\n");
+ char* tbnz_pos =3D strstr(line, tbnz_str);
+ if (tbnz_pos !=3D NULL) {
+ char* thread_shift_pos =3D strstr(tbnz_pos, "#");
+ if (sscanf(thread_shift_pos + 1, "%ld", &thread_shift) =3D=3D 1) {
+ if (CRASHDEBUG(1)){
+ error(INFO, "Detect thread shift via tbnz %ld\n", thread_shift);
+ }
+ break;
+ }
+ }
+ }
+ close_tmpfile();
+ FREEBUF(req->buf);
+ FREEBUF(req);
+ }
+
+ if (thread_shift =3D=3D 0) {
+ return -1;
+ }
+
+ thread_size =3D ((1UL) << thread_shift);
+ return thread_size;
+}
+
 #endif /* ARM64 */
--=20
2.25.1
Tao Liu <ltao@xxxxxxxxxx> =E4=BA=8E2024=E5=B9=B47=E6=9C=8816=E6=97=A5=E5=91= =A8=E4=BA=8C 16:22=E5=86=99=E9=81=93=EF=BC=9A > Hi Yeping, > > Thanks for the fix. > > On Thu, Jul 11, 2024 at 1:38=E2=80=AFPM <wonderzyp@xxxxxxxxx> wrote: > > > > When using the crash tool to parse the ARM64 dump file with KASAN > enabled, I found that using the bt -a command will cause this tool to > crash, the following is the backtrace infomation. > > > > (gdb) bt > > #0 0x00005635ac2b166b in arm64_unwind_frame (frame=3D0x7ffdaf35cb70, > bt=3D0x7ffdaf35d430) > > at arm64.c:2821 > > #1 arm64_back_trace_cmd (bt=3D0x7ffdaf35d430) at arm64.c:3306 > > #2 0x00005635ac27b108 in back_trace (bt=3Dbt@entry=3D0x7ffdaf35d430) a= t > kernel.c:3239 > > #3 0x00005635ac2880ae in cmd_bt () at kernel.c:2863 > > #4 0x00005635ac1f16dc in exec_command () at main.c:893 > > #5 0x00005635ac1f192a in main_loop () at main.c:840 > > #6 0x00005635ac50df81 in captured_main (data=3D<optimized out>) at > main.c:1284 > > #7 gdb_main (args=3D<optimized out>) at main.c:1313 > > #8 0x00005635ac50e000 in gdb_main_entry (argc=3D<optimized out>, > argv=3D<optimized out>) > > at main.c:1338 > > #9 0x00005635ac1ea2a5 in main (argc=3D5, argv=3D0x7ffdaf35dde8) at > main.c:721 > > Eventually, I found that it was may caused by not setting irq_stack_siz= e > properly, and provide this patch to solve it. > > > > Could you please re-draft your commit message? The original one looks > informal. E.g: > > A segfault issue was observed on KASAN enabled arm64 kernel due to the > incorrect irq_stack_size, see the following stack trace: > ... > The issue was caused by ...., and this patch will fix the issue by .... > > > > > From 34b28aa8c11e77d20adec4f7705a14d239c8a55f Mon Sep 17 00:00:00 2001
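Review bot: In the tbnz scan loop of arm64_set_irq_stack_size() (the @@ -4921 hunk of the v2 patch above), `strstr(tbnz_pos, "#")` can return NULL for a disassembly line that contains "tbnz" without a `#` immediate, and `thread_shift_pos + 1` is then passed to sscanf(); guard it with `if (thread_shift_pos && sscanf(thread_shift_pos + 1, "%lu", &thread_shift) == 1)`, which also fixes the `%ld` conversion being used for a `ulong`. The parsed number comes from gdb's disassembly of the kernel under analysis, so it should be range-checked before `(1UL) << thread_shift`, since a shift count of 64 or more is undefined behaviour and a corrupt or crafted dump should not be able to reach it. In the IKCONFIG branch, `arm64_page_shift` is read in `min_thread_shift < arm64_page_shift` while still uninitialized whenever CONFIG_ARM64_PAGE_SHIFT is not returned as IKCONFIG_STR; declare it as `ulong arm64_page_shift = 0;`. The inner `const char* tbnz_str` also shadows the identical declaration at the top of the function and can be dropped.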
> > From: wonderzyp <wonderzyp@xxxxxx> > > Date: Mon, 8 Jul 2024 20:11:38 +0800 > > Subject: [PATCH 1131/1131] set_arm64_irq_stack_size > > > > Signed-off-by: Yeping Zheng <wonderzyp@xxxxxxxxx> > > --- > > arm64.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++-- > > 1 file changed, 47 insertions(+), 2 deletions(-) > > > > diff --git a/arm64.c b/arm64.c > > index b3040d7..39d891b 100644 > > --- a/arm64.c > > +++ b/arm64.c > > @@ -93,6 +93,7 @@ static void arm64_calc_VA_BITS(void); > > static int arm64_is_uvaddr(ulong, struct task_context *); > > static void arm64_calc_KERNELPACMASK(void); > > static int arm64_get_vmcoreinfo(unsigned long *vaddr, const char > *label, int base); > > +static ulong arm64_set_irq_stack_size(struct machine_specific *ms); > > > > struct kernel_range { > > unsigned long modules_vaddr, modules_end; > > @@ -2223,8 +2224,14 @@ arm64_irq_stack_init(void) > > if (MEMBER_EXISTS("thread_union", "stack")) { > > if ((sz =3D MEMBER_SIZE("thread_union", "stack"= )) > > 0) > > ms->irq_stack_size =3D sz; > > - } else > > - ms->irq_stack_size =3D ARM64_IRQ_STACK_SIZE; > > + } else { > > + ulong res =3D arm64_set_irq_stack_size(ms); > > + if (res > 0){ > > + ms->irq_stack_size =3D res; > > + } else { > > + ms->irq_stack_size =3D > ARM64_IRQ_STACK_SIZE; > > + } > > + } > > > > machdep->flags |=3D IRQ_STACKS; 
> > > > @@ -4921,6 +4928,44 @@ static void arm64_calc_KERNELPACMASK(void) > > } > > } > > > > +static ulong arm64_set_irq_stack_size(struct machine_specific *ms) > > +{ > > + char *string; > > + int ret; > > + int KASAN_THREAD_SHIFT =3D 0; > > + int MIN_THREAD_SHIFT; > > + ulong ARM64_PAGE_SHIFT; > > + ulong THREAD_SHIFT =3D 0; > > + ulong THREAD_SIZE; > > I guess the upper case of variable names is not encouraged, though it > is the variable that comes from kernel config file. > > > + if (kt->ikconfig_flags & IKCONFIG_AVAIL) { > > + if ((ret =3D get_kernel_config("CONFIG_KASAN_GENERIC", > NULL) =3D=3D IKCONFIG_Y) || > > + (ret =3D get_kernel_config("CONFIG_KASAN_SW_TAG= S", > NULL) =3D=3D IKCONFIG_Y)) { > > + KASAN_THREAD_SHIFT =3D 1; > > + } > > + } > > + MIN_THREAD_SHIFT =3D 14 + KASAN_THREAD_SHIFT; > > + > > + if (kt->ikconfig_flags & IKCONFIG_AVAIL) { > > Could the if condition be merged with the prior one? > > > + if ((ret =3D get_kernel_config("CONFIG_VMAP_STACK", NUL= L)) > =3D=3D IKCONFIG_Y){ > > + if ((ret =3D > get_kernel_config("CONFIG_ARM64_PAGE_SHIFT", &string)) =3D=3D IKCONFIG_ST= R){ > > + ARM64_PAGE_SHIFT =3D atol(string); > > + } > > + if (MIN_THREAD_SHIFT < ARM64_PAGE_SHIFT){ > > + THREAD_SHIFT =3D ARM64_PAGE_SHIFT; > > + } else { > > + THREAD_SHIFT =3D MIN_THREAD_SHIFT; > > + } > > + } > > + } > > + > > + if (THREAD_SHIFT =3D=3D 0) { > > + return -1; > > + } > > + > > + THREAD_SIZE =3D ((1UL) << THREAD_SHIFT); > > + return THREAD_SIZE; > > +} > > I'm OK with the approach above, since it directly came from the kernel > source. However I'm not a fan of checking kernel configs, there might > be kernels which are compiled without CONFIG_IKCONFIG. > > Could we add an approach here, to get the value from disassembly when > CONFIG_IKCONFIG is negative? > > kernel source: arch/arm64/kernel/entry.S: > > .macro kernel_ventry, el:req, ht:req, regsize:req, label:req > .... 
> add sp, sp, x0 // sp' =3D sp + x0 > sub x0, sp, x0 // x0' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp > tbnz x0, #THREAD_SHIFT, 0f <<<<<<<< > > $ objdump -d vmlinux > ... > ffff800080010800 <vectors>: > ffff800080010800: d10543ff sub sp, sp, #0x150 > ffff800080010804: 8b2063ff add sp, sp, x0 > ffff800080010808: cb2063e0 sub x0, sp, x0 > ffff80008001080c: 37800080 tbnz w0, #16, > ffff80008001081c <vectors+0x1c> <<<<<<<<<< > > It is easy to get the THREAD_SHIFT value by disassembling the tbnz > instruction. What do you think @Lianbo Jiang > > Thanks, > Tao Liu > > > + > > #endif /* ARM64 */ > > > > > > -- > > 2.25.1 > > -- > > Crash-utility mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxxxxxx > > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxxxxxx > > https://${domain_name}/admin/lists/devel.lists.crash-utility.osci.io/ > > Contribution Guidelines: https://github.com/crash-utility/crash/wiki > > --0000000000009ba666061d6a913e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Hi Tao,<div>=C2=A0 Thank you for your suggestions for patc= h.=C2=A0I followed your suggestion and provided a new patch. 
Please help to= review it, thanks.</div><div><br></div><div>From 831701099a7097662ddec9de4= 64131ad50c7134b Mon Sep 17 00:00:00 2001<br>From: wonderzyp <<a href=3D"= mailto:wonderzyp@xxxxxx">wonderzyp@xxxxxx</a>><br>Date: Wed, 17 Jul 2024= 11:02:06 +0800<br>Subject: [PATCH] A segfault issue was observed on KASAN = enabled arm64 kernel<br>=C2=A0due to the incorrect irq_stack_size, see the = following stack trace: > (gdb)<br>=C2=A0bt > #0 =C2=A00x00005635ac2b1= 66b in arm64_unwind_frame (frame=3D0x7ffdaf35cb70,<br>=C2=A0bt=3D0x7ffdaf35= d430) > =C2=A0 =C2=A0 at arm64.c:2821 > #1 =C2=A0arm64_back_trace_cmd= <br>=C2=A0(bt=3D0x7ffdaf35d430) at arm64.c:3306 > #2 =C2=A00x00005635ac2= 7b108 in back_trace<br>=C2=A0(bt=3Dbt@entry=3D0x7ffdaf35d430) at kernel.c:3= 239 > #3 =C2=A00x00005635ac2880ae in<br>=C2=A0cmd_bt () at kernel.c:2863= > #4 =C2=A00x00005635ac1f16dc in exec_command () at<br>=C2=A0main.c:893= > #5 =C2=A00x00005635ac1f192a in main_loop () at main.c:840 > #6 <br= >=C2=A00x00005635ac50df81 in captured_main (data=3D<optimized out>) a= t main.c:1284 ><br>=C2=A0#7 =C2=A0gdb_main (args=3D<optimized out>= ) at main.c:1313 > #8 =C2=A00x00005635ac50e000<br>=C2=A0in gdb_main_entr= y (argc=3D<optimized out>, argv=3D<optimized out>) > =C2=A0 = =C2=A0 at<br>=C2=A0main.c:1338 > #9 =C2=A00x00005635ac1ea2a5 in main (ar= gc=3D5, argv=3D0x7ffdaf35dde8) at<br>=C2=A0main.c:721<br><br>The issue was = caused by not setting irq_stack_size correctly, and this patch will fix the= issue by two ways:<br>1. if CONFIG_IKCONFIG is set, calculate the irq_stac= k_size according to kernel source code<br>2. 
if CONFIG_IKCONFIG is not set,= get THREAD_SHIFT value by disassembling the tbnz instruction to calculate = the irq_stack_size<br><br>Signed-off-by: Yeping.Zheng <<a href=3D"mailto= :yeping.zheng@xxxxxxx">yeping.zheng@xxxxxxx</a>><br>---<br>=C2=A0arm64.c= | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--<br>=C2=A01 = file changed, 84 insertions(+), 2 deletions(-)<br><br>diff --git a/arm64.c = b/arm64.c<br>index b3040d7..8347ba1 100644<br>--- a/arm64.c<br>+++ b/arm64.= c<br>@@ -93,6 +93,7 @@ static void arm64_calc_VA_BITS(void);<br>=C2=A0stati= c int arm64_is_uvaddr(ulong, struct task_context *);<br>=C2=A0static void a= rm64_calc_KERNELPACMASK(void);<br>=C2=A0static int arm64_get_vmcoreinfo(uns= igned long *vaddr, const char *label, int base);<br>+static ulong arm64_set= _irq_stack_size(struct machine_specific *ms);<br>=C2=A0<br>=C2=A0struct ker= nel_range {<br>=C2=A0 unsigned long modules_vaddr, modules_end;<br>@@ -2223= ,8 +2224,10 @@ arm64_irq_stack_init(void)<br>=C2=A0 if (MEMBER_EXISTS(&quo= t;thread_union", "stack")) { <br>=C2=A0 if ((sz =3D MEMBER= _SIZE("thread_union", "stack")) > 0)<br>=C2=A0 ms= ->irq_stack_size =3D sz;<br>- } else<br>- ms->irq_stack_size =3D A= RM64_IRQ_STACK_SIZE;<br>+ } else {<br>+ ulong res =3D arm64_set_irq_stac= k_size(ms);<br>+ ms->irq_stack_size =3D (res > 0) ? 
res : ARM64_IRQ= _STACK_SIZE;<br>+ }<br>=C2=A0<br>=C2=A0 machdep->flags |=3D IRQ_STACKS= ;<br>=C2=A0<br>@@ -4921,6 +4924,85 @@ static void arm64_calc_KERNELPACMASK(= void)<br>=C2=A0 }<br>=C2=A0}<br>=C2=A0<br>+static ulong arm64_set_irq_stack= _size(struct machine_specific *ms)<br>+{<br>+ char *string;<br>+ int ret;<b= r>+ int kasan_thread_shift =3D 0;<br>+ int min_thread_shift;<br>+ ulong arm= 64_page_shift;<br>+ ulong thread_shift =3D 0;<br>+ ulong thread_size;<br>+ = struct syment *sp;<br>+ const char* tbnz_str =3D "tbnz";<br>+ <br= >+ if (kt->ikconfig_flags & IKCONFIG_AVAIL) {<br>+ if ((ret =3D get= _kernel_config("CONFIG_KASAN_GENERIC", NULL) =3D=3D IKCONFIG_Y) |= |<br>+ (ret =3D get_kernel_config("CONFIG_KASAN_SW_TAGS", NULL)= =3D=3D IKCONFIG_Y)) {<br>+ kasan_thread_shift =3D 1;<br>+ }<br>+ min= _thread_shift =3D 14 + kasan_thread_shift;<br>+<br>+ if ((ret =3D get_kern= el_config("CONFIG_VMAP_STACK", NULL)) =3D=3D IKCONFIG_Y){<br>+ = if ((ret =3D get_kernel_config("CONFIG_ARM64_PAGE_SHIFT", &st= ring)) =3D=3D IKCONFIG_STR){<br>+ arm64_page_shift =3D atol(string);<br>= + }<br>+ if (min_thread_shift < arm64_page_shift){<br>+ thread_sh= ift =3D arm64_page_shift;<br>+ } else {<br>+ thread_shift =3D min_thre= ad_shift;<br>+ }<br>+ } <br>+ } else {<br>+<br>+ if (!(sp =3D symbol_se= arch("vectors"))) {<br>+ return -1;<br>+ }<br>+<br>+ const ch= ar* tbnz_str =3D "tbnz";<br>+ struct gnu_request *req;<br>+ req= =3D (struct gnu_request *)GETBUF(sizeof(struct gnu_request));<br>+ req-&g= t;command =3D GNU_PASS_THROUGH;<br>+ req->buf =3D GETBUF(BUFSIZE);<br>+= strcat(req->buf, "x/1024i ");<br>+<br>+ char tmp[100];<br>+= sprintf(tmp, "0x%lx", sp->value);<br>+ strcat(req->buf, = tmp);<br>+ req->flags =3D (GNU_RETURN_ON_ERROR);<br>+ open_tmpfile();<= br>+ req->fp =3D pc->tmpfile;<br>+ gdb_interface(req);<br>+<br>+<br= >+ rewind(pc->tmpfile);<br>+ char line[BUFSIZE];<br>+ while (fgets(li= ne, BUFSIZE, pc->tmpfile) !=3D NULL) {<br>+ // printf("the buffer= is not null\n");<br>+ 
char* tbnz_pos =3D strstr(line, tbnz_str);<br= >+ if (tbnz_pos !=3D NULL) {<br>+ char* thread_shift_pos =3D strstr(tb= nz_pos, "#");<br>+ if (sscanf(thread_shift_pos + 1, "%ld&= quot;, &thread_shift) =3D=3D 1) {<br>+ if (CRASHDEBUG(1)){<br>+ = error(INFO, "Detect thread shift via tbnz %ld\n", thread_shift)= ;<br>+ }<br>+ break;<br>+ }<br>+ }<br>+ =C2=A0 =C2=A0 }<br>+ = close_tmpfile();<br>+ FREEBUF(req->buf);<br>+ FREEBUF(req);<br>+ }<br>= +<br>+ if (thread_shift =3D=3D 0) {<br>+ return -1;<br>+ }<br>+<br>+ threa= d_size =3D ((1UL) << thread_shift);<br>+ return thread_size;<br>+}<br= >+<br>=C2=A0#endif =C2=A0/* ARM64 */<br>=C2=A0<br>=C2=A0<br>-- <br>2.25.1<b= r></div><div><div><div><br></div><div><br><div class=3D"gmail_quote"><div d= ir=3D"ltr" class=3D"gmail_attr">Tao Liu <<a href=3D"mailto:ltao@redhat.c= om" target=3D"_blank">ltao@xxxxxxxxxx</a>> =E4=BA=8E2024=E5=B9=B47=E6=9C= =8816=E6=97=A5=E5=91=A8=E4=BA=8C 16:22=E5=86=99=E9=81=93=EF=BC=9A<br></div>= <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-= left:1px solid rgb(204,204,204);padding-left:1ex">Hi Yeping,<br> <br> Thanks for the fix.<br> <br> On Thu, Jul 11, 2024 at 1:38=E2=80=AFPM <<a href=3D"mailto:wonderzyp@gma= il.com" target=3D"_blank">wonderzyp@xxxxxxxxx</a>> wrote:<br> ><br> > When using the crash tool to parse the ARM64 dump file with KASAN enab= led, I found that using the bt -a command will cause this tool to crash, th= e following is the backtrace infomation.<br> ><br> > (gdb) bt<br> > #0=C2=A0 0x00005635ac2b166b in arm64_unwind_frame (frame=3D0x7ffdaf35c= b70, bt=3D0x7ffdaf35d430)<br> >=C2=A0 =C2=A0 =C2=A0at arm64.c:2821<br> > #1=C2=A0 arm64_back_trace_cmd (bt=3D0x7ffdaf35d430) at arm64.c:3306<br= > > #2=C2=A0 0x00005635ac27b108 in back_trace (bt=3Dbt@entry=3D0x7ffdaf35d= 430) at kernel.c:3239<br> > #3=C2=A0 0x00005635ac2880ae in cmd_bt () at kernel.c:2863<br> > #4=C2=A0 0x00005635ac1f16dc in exec_command () at main.c:893<br> > #5=C2=A0 0x00005635ac1f192a in main_loop 
() at main.c:840<br> > #6=C2=A0 0x00005635ac50df81 in captured_main (data=3D<optimized out= >) at main.c:1284<br> > #7=C2=A0 gdb_main (args=3D<optimized out>) at main.c:1313<br> > #8=C2=A0 0x00005635ac50e000 in gdb_main_entry (argc=3D<optimized ou= t>, argv=3D<optimized out>)<br> >=C2=A0 =C2=A0 =C2=A0at main.c:1338<br> > #9=C2=A0 0x00005635ac1ea2a5 in main (argc=3D5, argv=3D0x7ffdaf35dde8) = at main.c:721<br> > Eventually, I found that it was may caused by not setting irq_stack_si= ze properly, and provide this patch to solve it.<br> ><br> <br> Could you please re-draft your commit message? The original one looks<br> informal. E.g:<br> <br> A segfault issue was observed on KASAN enabled arm64 kernel due to the<br> incorrect irq_stack_size, see the following stack trace:<br> ...<br> The issue was caused by ...., and this patch will fix the issue by ....<br> <br> ><br> > From 34b28aa8c11e77d20adec4f7705a14d239c8a55f Mon Sep 17 00:00:00 2001= <br> > From: wonderzyp <<a href=3D"mailto:wonderzyp@xxxxxx" target=3D"_bla= nk">wonderzyp@xxxxxx</a>><br> > Date: Mon, 8 Jul 2024 20:11:38 +0800<br> > Subject: [PATCH 1131/1131] set_arm64_irq_stack_size<br> ><br> > Signed-off-by: Yeping Zheng <<a href=3D"mailto:wonderzyp@xxxxxxxxx"= target=3D"_blank">wonderzyp@xxxxxxxxx</a>><br> > ---<br> >=C2=A0 arm64.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++--<b= r> >=C2=A0 1 file changed, 47 insertions(+), 2 deletions(-)<br> ><br> > diff --git a/arm64.c b/arm64.c<br> > index b3040d7..39d891b 100644<br> > --- a/arm64.c<br> > +++ b/arm64.c<br> 
> @@ -93,6 +93,7 @@ static void arm64_calc_VA_BITS(void);<br> >=C2=A0 static int arm64_is_uvaddr(ulong, struct task_context *);<br> >=C2=A0 static void arm64_calc_KERNELPACMASK(void);<br> >=C2=A0 static int arm64_get_vmcoreinfo(unsigned long *vaddr, const char= *label, int base);<br> > +static ulong arm64_set_irq_stack_size(struct machine_specific *ms);<b= r> ><br> >=C2=A0 struct kernel_range {<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0unsigned long modules_vaddr, modules_= end;<br> 
> @@ -2223,8 +2224,14 @@ arm64_irq_stack_init(void)<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (MEMBE= R_EXISTS("thread_union", "stack")) {<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0if ((sz =3D MEMBER_SIZE("thread_union", "= ;stack")) > 0)<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ms->irq_stack_size =3D s= z;<br> > -=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0} else<br> > -=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0ms->irq_stack_size =3D ARM64_IRQ_STACK_SIZE;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0} else {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0ulong res =3D arm64_set_irq_stack_size(ms);<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0if (res > 0){<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ms->irq_stack_size =3D res;<br= > > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0} else {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ms->irq_stack_size =3D ARM64_I= RQ_STACK_SIZE;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> ><br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0machdep-&= gt;flags |=3D IRQ_STACKS;<br> ><br> 
> @@ -4921,6 +4928,44 @@ static void arm64_calc_KERNELPACMASK(void)<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> >=C2=A0 }<br> ><br> > +static ulong arm64_set_irq_stack_size(struct machine_specific *ms)<br= > > +{<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0char *string;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0int ret;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0int KASAN_THREAD_SHIFT =3D 0;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0int MIN_THREAD_SHIFT;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0ulong ARM64_PAGE_SHIFT;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0ulong THREAD_SHIFT =3D 0;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0ulong THREAD_SIZE;<br> <br> I guess the upper case of variable names is not encouraged, though it<br> is the variable that comes from kernel config file.<br> <br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0if (kt->ikconfig_flags & IKCONFIG_A= VAIL) {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if ((ret =3D g= et_kernel_config("CONFIG_KASAN_GENERIC", NULL) =3D=3D IKCONFIG_Y)= ||<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0(ret =3D get_kernel_config("CONFIG_KASAN_SW_TAGS", = NULL) =3D=3D IKCONFIG_Y)) {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0KASAN_THREAD_SHIFT =3D 1;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0MIN_THREAD_SHIFT =3D 14 + KASAN_THREAD_SHI= FT;<br> > +<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0if (kt->ikconfig_flags & IKCONFIG_A= VAIL) {<br> <br> Could the if condition be merged with the prior one?<br> <br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if ((ret =3D g= et_kernel_config("CONFIG_VMAP_STACK", NULL)) =3D=3D IKCONFIG_Y){<= br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0if ((ret =3D get_kernel_config("CONFIG_ARM64_PAGE_SHIFT&= quot;, &string)) =3D=3D IKCONFIG_STR){<br> > +=C2=A0 =C2=A0 
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ARM64_PAGE_SHIFT =3D atol(string)= ;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0if (MIN_THREAD_SHIFT < ARM64_PAGE_SHIFT){<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0THREAD_SHIFT =3D ARM64_PAGE_SHIFT= ;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0} else {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0THREAD_SHIFT =3D MIN_THREAD_SHIFT= ;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> > +<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0if (THREAD_SHIFT =3D=3D 0) {<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0return -1;<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0}<br> > +<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0THREAD_SIZE =3D ((1UL) << THREAD_SHI= FT);<br> > +=C2=A0 =C2=A0 =C2=A0 =C2=A0return THREAD_SIZE;<br> > +}<br> <br> I'm OK with the approach above, since it directly came from the kernel<= br> source. 
However I'm not a fan of checking kernel configs, there might<b= r> be kernels which are compiled without CONFIG_IKCONFIG.<br> <br> Could we add an approach here, to get the value from disassembly when<br> CONFIG_IKCONFIG is negative?<br> <br> kernel source: arch/arm64/kernel/entry.S:<br> <br> .macro kernel_ventry, el:req, ht:req, regsize:req, label:req<br> ....<br> add sp, sp, x0 // sp' =3D sp + x0<br> sub x0, sp, x0 // x0' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp<br> tbnz x0, #THREAD_SHIFT, 0f <<<<<<<<<br> <br> $ objdump -d vmlinux<br> ...<br> ffff800080010800 <vectors>:<br> ffff800080010800:=C2=A0 =C2=A0 =C2=A0 =C2=A0d10543ff=C2=A0 =C2=A0 =C2=A0 = =C2=A0 sub=C2=A0 =C2=A0 =C2=A0sp, sp, #0x150<br> ffff800080010804:=C2=A0 =C2=A0 =C2=A0 =C2=A08b2063ff=C2=A0 =C2=A0 =C2=A0 = =C2=A0 add=C2=A0 =C2=A0 =C2=A0sp, sp, x0<br> ffff800080010808:=C2=A0 =C2=A0 =C2=A0 =C2=A0cb2063e0=C2=A0 =C2=A0 =C2=A0 = =C2=A0 sub=C2=A0 =C2=A0 =C2=A0x0, sp, x0<br> ffff80008001080c:=C2=A0 =C2=A0 =C2=A0 =C2=A037800080=C2=A0 =C2=A0 =C2=A0 = =C2=A0 tbnz=C2=A0 =C2=A0 w0, #16,<br> ffff80008001081c <vectors+0x1c> <<<<<<<<<&= lt;<br> <br> It is easy to get the THREAD_SHIFT value by disassembling the tbnz<br> instruction. 
What do you think @Lianbo Jiang<br> <br> Thanks,<br> Tao Liu<br> <br> > +<br> >=C2=A0 #endif=C2=A0 /* ARM64 */<br> ><br> ><br> > --<br> > 2.25.1<br> > --<br> > Crash-utility mailing list -- <a href=3D"mailto:devel@lists.crash-util= ity.osci.io" target=3D"_blank">devel@xxxxxxxxxxxxxxxxxxxxxxxxxxx</a><br> > To unsubscribe send an email to <a href=3D"mailto:devel-leave@xxxxxxxx= ash-utility.osci.io" target=3D"_blank">devel-leave@xxxxxxxxxxxxxxxxxxxxxxxx= .io</a><br> > https://${domain_name}/admin/lists/<a href=3D"http://devel.lists.crash= -utility.osci.io/" rel=3D"noreferrer" target=3D"_blank">devel.lists.crash-u= tility.osci.io/</a><br> > Contribution Guidelines: <a href=3D"https://github.com/crash-utility/c= rash/wiki" rel=3D"noreferrer" target=3D"_blank">https://github.com/crash-ut= ility/crash/wiki</a><br> <br> </blockquote></div></div></div></div></div> --0000000000009ba666061d6a913e-- --0000000000009ba66a061d6a9140 Content-Type: text/x-patch; charset="US-ASCII"; name="0001-A-segfault-issue-was-observed-on-KASAN-enabled-arm64.patch" Content-Disposition: attachment; filename="0001-A-segfault-issue-was-observed-on-KASAN-enabled-arm64.patch" Content-Transfer-Encoding: base64 Content-ID: <f_lype30ew0> X-Attachment-Id: f_lype30ew0 RnJvbSA4MzE3MDEwOTlhNzA5NzY2MmRkZWM5ZGU0NjQxMzFhZDUwYzcxMzRiIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiB3b25kZXJ6eXAgPHdvbmRlcnp5cEBxcS5jb20+CkRhdGU6IFdl ZCwgMTcgSnVsIDIwMjQgMTE6MDI6MDYgKzA4MDAKU3ViamVjdDogW1BBVENIXSBBIHNlZ2ZhdWx0 IGlzc3VlIHdhcyBvYnNlcnZlZCBvbiBLQVNBTiBlbmFibGVkIGFybTY0IGtlcm5lbAogZHVlIHRv IHRoZSBpbmNvcnJlY3QgaXJxX3N0YWNrX3NpemUsIHNlZSB0aGUgZm9sbG93aW5nIHN0YWNrIHRy YWNlOiA+IChnZGIpCiBidCA+ICMwICAweDAwMDA1NjM1YWMyYjE2NmIgaW4gYXJtNjRfdW53aW5k X2ZyYW1lIChmcmFtZT0weDdmZmRhZjM1Y2I3MCwKIGJ0PTB4N2ZmZGFmMzVkNDMwKSA+ICAgICBh dCBhcm02NC5jOjI4MjEgPiAjMSAgYXJtNjRfYmFja190cmFjZV9jbWQKIChidD0weDdmZmRhZjM1 ZDQzMCkgYXQgYXJtNjQuYzozMzA2ID4gIzIgIDB4MDAwMDU2MzVhYzI3YjEwOCBpbiBiYWNrX3Ry 
YWNlCiAoYnQ9YnRAZW50cnk9MHg3ZmZkYWYzNWQ0MzApIGF0IGtlcm5lbC5jOjMyMzkgPiAjMyAg MHgwMDAwNTYzNWFjMjg4MGFlIGluCiBjbWRfYnQgKCkgYXQga2VybmVsLmM6Mjg2MyA+ICM0ICAw eDAwMDA1NjM1YWMxZjE2ZGMgaW4gZXhlY19jb21tYW5kICgpIGF0CiBtYWluLmM6ODkzID4gIzUg IDB4MDAwMDU2MzVhYzFmMTkyYSBpbiBtYWluX2xvb3AgKCkgYXQgbWFpbi5jOjg0MCA+ICM2IAog MHgwMDAwNTYzNWFjNTBkZjgxIGluIGNhcHR1cmVkX21haW4gKGRhdGE9PG9wdGltaXplZCBvdXQ+ KSBhdCBtYWluLmM6MTI4NCA+CiAjNyAgZ2RiX21haW4gKGFyZ3M9PG9wdGltaXplZCBvdXQ+KSBh dCBtYWluLmM6MTMxMyA+ICM4ICAweDAwMDA1NjM1YWM1MGUwMDAKIGluIGdkYl9tYWluX2VudHJ5 IChhcmdjPTxvcHRpbWl6ZWQgb3V0PiwgYXJndj08b3B0aW1pemVkIG91dD4pID4gICAgIGF0CiBt YWluLmM6MTMzOCA+ICM5ICAweDAwMDA1NjM1YWMxZWEyYTUgaW4gbWFpbiAoYXJnYz01LCBhcmd2 PTB4N2ZmZGFmMzVkZGU4KSBhdAogbWFpbi5jOjcyMQoKVGhlIGlzc3VlIHdhcyBjYXVzZWQgYnkg bm90IHNldHRpbmcgaXJxX3N0YWNrX3NpemUgY29ycmVjdGx5LCBhbmQgdGhpcyBwYXRjaCB3aWxs IGZpeCB0aGUgaXNzdWUgYnkgdHdvIHdheXM6CjEuIGlmIENPTkZJR19JS0NPTkZJRyBpcyBzZXQs IGNhbGN1bGF0ZSB0aGUgaXJxX3N0YWNrX3NpemUgYWNjb3JkaW5nIHRvIGtlcm5lbCBzb3VyY2Ug Y29kZQoyLiBpZiBDT05GSUdfSUtDT05GSUcgaXMgbm90IHNldCwgZ2V0IFRIUkVBRF9TSElGVCB2 YWx1ZSBieSBkaXNhc3NlbWJsaW5nIHRoZSB0Ym56IGluc3RydWN0aW9uIHRvIGNhbGN1bGF0ZSB0 aGUgaXJxX3N0YWNrX3NpemUKClNpZ25lZC1vZmYtYnk6IFllcGluZy5aaGVuZyA8eWVwaW5nLnpo ZW5nQG5pby5jb20+Ci0tLQogYXJtNjQuYyB8IDg2ICsrKysrKysrKysrKysrKysrKysrKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKystLQogMSBmaWxlIGNoYW5nZWQsIDg0IGluc2Vy dGlvbnMoKyksIDIgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEvYXJtNjQuYyBiL2FybTY0LmMK aW5kZXggYjMwNDBkNy4uODM0N2JhMSAxMDA2NDQKLS0tIGEvYXJtNjQuYworKysgYi9hcm02NC5j CkBAIC05Myw2ICs5Myw3IEBAIHN0YXRpYyB2b2lkIGFybTY0X2NhbGNfVkFfQklUUyh2b2lkKTsK IHN0YXRpYyBpbnQgYXJtNjRfaXNfdXZhZGRyKHVsb25nLCBzdHJ1Y3QgdGFza19jb250ZXh0ICop Owogc3RhdGljIHZvaWQgYXJtNjRfY2FsY19LRVJORUxQQUNNQVNLKHZvaWQpOwogc3RhdGljIGlu dCBhcm02NF9nZXRfdm1jb3JlaW5mbyh1bnNpZ25lZCBsb25nICp2YWRkciwgY29uc3QgY2hhciAq bGFiZWwsIGludCBiYXNlKTsKK3N0YXRpYyB1bG9uZyBhcm02NF9zZXRfaXJxX3N0YWNrX3NpemUo 
c3RydWN0IG1hY2hpbmVfc3BlY2lmaWMgKm1zKTsKIAogc3RydWN0IGtlcm5lbF9yYW5nZSB7CiAJ dW5zaWduZWQgbG9uZyBtb2R1bGVzX3ZhZGRyLCBtb2R1bGVzX2VuZDsKQEAgLTIyMjMsOCArMjIy NCwxMCBAQCBhcm02NF9pcnFfc3RhY2tfaW5pdCh2b2lkKQogCQlpZiAoTUVNQkVSX0VYSVNUUygi dGhyZWFkX3VuaW9uIiwgInN0YWNrIikpIHsgCiAJCQlpZiAoKHN6ID0gTUVNQkVSX1NJWkUoInRo cmVhZF91bmlvbiIsICJzdGFjayIpKSA+IDApCiAJCQkJbXMtPmlycV9zdGFja19zaXplID0gc3o7 Ci0JCX0gZWxzZQotCQkJbXMtPmlycV9zdGFja19zaXplID0gQVJNNjRfSVJRX1NUQUNLX1NJWkU7 CisJCX0gZWxzZSB7CisJCQl1bG9uZyByZXMgPSBhcm02NF9zZXRfaXJxX3N0YWNrX3NpemUobXMp OworCQkJbXMtPmlycV9zdGFja19zaXplID0gKHJlcyA+IDApID8gcmVzIDogQVJNNjRfSVJRX1NU QUNLX1NJWkU7CisJCX0KIAogCQltYWNoZGVwLT5mbGFncyB8PSBJUlFfU1RBQ0tTOwogCkBAIC00 OTIxLDYgKzQ5MjQsODUgQEAgc3RhdGljIHZvaWQgYXJtNjRfY2FsY19LRVJORUxQQUNNQVNLKHZv aWQpCiAJfQogfQogCitzdGF0aWMgdWxvbmcgYXJtNjRfc2V0X2lycV9zdGFja19zaXplKHN0cnVj dCBtYWNoaW5lX3NwZWNpZmljICptcykKK3sKKwljaGFyICpzdHJpbmc7CisJaW50IHJldDsKKwlp bnQga2FzYW5fdGhyZWFkX3NoaWZ0ID0gMDsKKwlpbnQgbWluX3RocmVhZF9zaGlmdDsKKwl1bG9u ZyBhcm02NF9wYWdlX3NoaWZ0OworCXVsb25nIHRocmVhZF9zaGlmdCA9IDA7CisJdWxvbmcgdGhy ZWFkX3NpemU7CisJc3RydWN0IHN5bWVudCAqc3A7CisJY29uc3QgY2hhciogdGJuel9zdHIgPSAi dGJueiI7CisJCisJaWYgKGt0LT5pa2NvbmZpZ19mbGFncyAmIElLQ09ORklHX0FWQUlMKSB7CisJ CWlmICgocmV0ID0gZ2V0X2tlcm5lbF9jb25maWcoIkNPTkZJR19LQVNBTl9HRU5FUklDIiwgTlVM TCkgPT0gSUtDT05GSUdfWSkgfHwKKwkJCShyZXQgPSBnZXRfa2VybmVsX2NvbmZpZygiQ09ORklH X0tBU0FOX1NXX1RBR1MiLCBOVUxMKSA9PSBJS0NPTkZJR19ZKSkgeworCQkJCWthc2FuX3RocmVh ZF9zaGlmdCA9IDE7CisJCQl9CisJCW1pbl90aHJlYWRfc2hpZnQgPSAxNCArIGthc2FuX3RocmVh ZF9zaGlmdDsKKworCQlpZiAoKHJldCA9IGdldF9rZXJuZWxfY29uZmlnKCJDT05GSUdfVk1BUF9T VEFDSyIsIE5VTEwpKSA9PSBJS0NPTkZJR19ZKXsKKwkJCWlmICgocmV0ID0gZ2V0X2tlcm5lbF9j b25maWcoIkNPTkZJR19BUk02NF9QQUdFX1NISUZUIiwgJnN0cmluZykpID09IElLQ09ORklHX1NU Uil7CisJCQkJYXJtNjRfcGFnZV9zaGlmdCA9IGF0b2woc3RyaW5nKTsKKwkJCX0KKwkJCWlmICht aW5fdGhyZWFkX3NoaWZ0IDwgYXJtNjRfcGFnZV9zaGlmdCl7CisJCQkJdGhyZWFkX3NoaWZ0ID0g 
YXJtNjRfcGFnZV9zaGlmdDsKKwkJCX0gZWxzZSB7CisJCQkJdGhyZWFkX3NoaWZ0ID0gbWluX3Ro cmVhZF9zaGlmdDsKKwkJCX0KKwkJfQkKKwl9IGVsc2UgeworCisJCWlmICghKHNwID0gc3ltYm9s X3NlYXJjaCgidmVjdG9ycyIpKSkgeworCQkJcmV0dXJuIC0xOworCQl9CisKKwkJY29uc3QgY2hh ciogdGJuel9zdHIgPSAidGJueiI7CisJCXN0cnVjdCBnbnVfcmVxdWVzdCAqcmVxOworCQlyZXEg PSAoc3RydWN0IGdudV9yZXF1ZXN0ICopR0VUQlVGKHNpemVvZihzdHJ1Y3QgZ251X3JlcXVlc3Qp KTsKKwkJcmVxLT5jb21tYW5kID0gR05VX1BBU1NfVEhST1VHSDsKKwkJcmVxLT5idWYgPSBHRVRC VUYoQlVGU0laRSk7CisJCXN0cmNhdChyZXEtPmJ1ZiwgIngvMTAyNGkgIik7CisKKwkJY2hhciB0 bXBbMTAwXTsKKwkJc3ByaW50Zih0bXAsICIweCVseCIsIHNwLT52YWx1ZSk7CisJCXN0cmNhdChy ZXEtPmJ1ZiwgdG1wKTsKKwkJcmVxLT5mbGFncyA9IChHTlVfUkVUVVJOX09OX0VSUk9SKTsKKwkJ b3Blbl90bXBmaWxlKCk7CisJCXJlcS0+ZnAgPSBwYy0+dG1wZmlsZTsKKwkJZ2RiX2ludGVyZmFj ZShyZXEpOworCisKKwkJcmV3aW5kKHBjLT50bXBmaWxlKTsKKwkJY2hhciBsaW5lW0JVRlNJWkVd OworCQl3aGlsZSAoZmdldHMobGluZSwgQlVGU0laRSwgcGMtPnRtcGZpbGUpICE9IE5VTEwpIHsK KwkJCS8vIHByaW50ZigidGhlIGJ1ZmZlciBpcyBub3QgbnVsbFxuIik7CisJCQljaGFyKiB0Ym56 X3BvcyA9IHN0cnN0cihsaW5lLCB0Ym56X3N0cik7CisJCQlpZiAodGJuel9wb3MgIT0gTlVMTCkg eworCQkJCWNoYXIqIHRocmVhZF9zaGlmdF9wb3MgPSBzdHJzdHIodGJuel9wb3MsICIjIik7CisJ CQkJaWYgKHNzY2FuZih0aHJlYWRfc2hpZnRfcG9zICsgMSwgIiVsZCIsICZ0aHJlYWRfc2hpZnQp ID09IDEpIHsKKwkJCQkJaWYgKENSQVNIREVCVUcoMSkpeworCQkJCQkJZXJyb3IoSU5GTywgIkRl dGVjdCB0aHJlYWQgc2hpZnQgdmlhIHRibnogJWxkXG4iLCB0aHJlYWRfc2hpZnQpOworCQkJCQl9 CisJCQkJCWJyZWFrOworCQkJCX0KKwkJCX0KKyAgICAJfQorCQljbG9zZV90bXBmaWxlKCk7CisJ CUZSRUVCVUYocmVxLT5idWYpOworCQlGUkVFQlVGKHJlcSk7CisJfQorCisJaWYgKHRocmVhZF9z aGlmdCA9PSAwKSB7CisJCXJldHVybiAtMTsKKwl9CisKKwl0aHJlYWRfc2l6ZSA9ICgoMVVMKSA8 PCB0aHJlYWRfc2hpZnQpOworCXJldHVybiB0aHJlYWRfc2l6ZTsKK30KKwogI2VuZGlmICAvKiBB Uk02NCAqLwogCiAKLS0gCjIuMjUuMQoK --0000000000009ba66a061d6a9140 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline LS0KQ3Jhc2gtdXRpbGl0eSBtYWlsaW5nIGxpc3QgLS0gZGV2ZWxAbGlzdHMuY3Jhc2gtdXRpbGl0 
eS5vc2NpLmlvClRvIHVuc3Vic2NyaWJlIHNlbmQgYW4gZW1haWwgdG8gZGV2ZWwtbGVhdmVAbGlz dHMuY3Jhc2gtdXRpbGl0eS5vc2NpLmlvCmh0dHBzOi8vJHtkb21haW5fbmFtZX0vYWRtaW4vbGlz dHMvZGV2ZWwubGlzdHMuY3Jhc2gtdXRpbGl0eS5vc2NpLmlvLwpDb250cmlidXRpb24gR3VpZGVs aW5lczogaHR0cHM6Ly9naXRodWIuY29tL2NyYXNoLXV0aWxpdHkvY3Jhc2gvd2lraQo= --0000000000009ba66a061d6a9140--