[Crash-utility] Re: [PATCH] arm64: fix a potential segfault in arm64_unwind_frame

[qiwu.chen@xxxxxxxxxxxxx]

Hi Lianbo,

1. The current issue can be reproduced with arm64_unwind_frame_v2():
crash> bt
[Detaching after fork from child process 4778]

Thread 1 "crash" received signal SIGSEGV, Segmentation fault.
0x0000555555826dae in arm64_unwind_frame_v2 (bt=0x7fffffffd8f0, frame=0x7fffffffd060, ofp=0x555559909970) at arm64.c:3048
3048            frame->pc = GET_STACK_ULONG(fp + 8);
(gdb) bt
#0  0x0000555555826dae in arm64_unwind_frame_v2 (bt=0x7fffffffd8f0, frame=0x7fffffffd060, ofp=0x555559909970) at arm64.c:3048
#1  0x0000555555827d99 in arm64_back_trace_cmd_v2 (bt=0x7fffffffd8f0) at arm64.c:3426
#2  0x00005555557df95e in back_trace (bt=0x7fffffffd8f0) at kernel.c:3240
#3  0x00005555557dd8b8 in cmd_bt () at kernel.c:2881
#4  0x000055555573696b in exec_command () at main.c:893
#5  0x000055555573673e in main_loop () at main.c:840
#6  0x0000555555aa4a61 in captured_main (data=<optimized out>) at main.c:1284
#7  gdb_main (args=<optimized out>) at main.c:1313
#8  0x0000555555aa4ae0 in gdb_main_entry (argc=<optimized out>, argv=<optimized out>) at main.c:1338
#9  0x00005555558021df in gdb_main_loop (argc=2, argv=0x7fffffffe248) at gdb_interface.c:81
#10 0x0000555555736401 in main (argc=3, argv=0x7fffffffe248) at main.c:721
(gdb) p/x *(struct arm64_stackframe *)0x7fffffffd060
$1 = {fp = 0xffffffc008003f50, sp = 0xffffffc008003f40, pc = 0xffffffdfd669447c}
(gdb) p/x *(struct bt_info *)0x7fffffffd8f0
$2 = {task = 0xffffff8118012500, flags = 0x0, instptr = 0xffffffdfd669447c, stkptr = 0xffffffc008003f40, bptr = 0x0, stackbase = 0xffffffc01b5b0000, stacktop = 0xffffffc01b5b4000,
  stackbuf = 0x555556117a80, tc = 0x55557a3b3480, hp = 0x0, textlist = 0x0, ref = 0x0, frameptr = 0xffffffc008003f50, call_target = 0x0, machdep = 0x0, debug = 0x0, eframe_ip = 0x0, radix = 0x0,
  cpumask = 0x0}

2. The issue can be easily reproduced by "echo c > /proc/sysrq-trigger" on Andriod GKI-5.10 platform.