Re: 2.6.current Oops: strace + waitpid()?

> intrepid:~$ cat test.pl
> #!/usr/bin/perl
> 
> open my $fd, "-|", "/bin/true";
> 
> intrepid:~$ strace -f ./test.pl
> 
> Unable to handle kernel NULL pointer dereference at virtual address 00000000
>  printing eip:
> 00000000
> *pde = 00000000
> Oops: 0000 [#1]
> PREEMPT 
> Modules linked in: binfmt_misc ohci1394 ieee1394 pci200syn hdlc syncppp
> emu10k1_gp snd_cmipci gameport snd_opl3_lib snd_mpu401_uart epic100 sg
> sym53c8xx scsi_transport_spi evdev
> CPU:    0
> EIP:    0060:[<00000000>]    Not tainted VLI
> EFLAGS: 00010286   (2.6.12-rc3) 
> EIP is at 0x0
> eax: ca476000   ebx: 01200011   ecx: 00000000   edx: 00000000
> esi: cfbd3060   edi: 00000000   ebp: ca476000   esp: ca476fc4
> ds: 007b   es: 007b   ss: 0068
> Process test.pl (pid: 3168, threadinfo=ca476000 task=cfbd3060)
> Stack: 01202011 00000000 00000000 00000000 b7c9a708 bfea12cc 00000000 0000007b 
>        0000007b 00000078 ffffe410 00000073 00000282 bfea121c 0000007b 
> Call Trace:
> Code:  Bad EIP value.
> 
> 2.6.12-rc3 (current), gcc version 3.4.3 20050227 (Red Hat 3.4.3-22.fc3),
> Athlon XP.
> 
> The machine is still alive, oops is 100% reproducible.
> 
>  3174 ?        Ss     0:00 \_ xterm -rv
>  3176 pts/1    Ss     0:00     \_ bash
>  3210 pts/1    S+     0:00         \_ strace -f ./test.pl
>  3211 pts/1    T+     0:00             \_ /usr/bin/perl ./test.pl
>  3212 pts/1    Z+     0:00                 \_ [test.pl] <defunct>
> 
> Any idea?

Ok tested here, it's the ptrace scribbles the return address due to
incorrect esp0 at fork time (it's in -mm currently).

Could you please verify that this fixes it

Index: latest/arch/i386/kernel/process.c
===================================================================
--- latest.orig/arch/i386/kernel/process.c	2005-04-30 15:44:02.000000000 +0200
+++ latest/arch/i386/kernel/process.c	2005-05-03 12:54:16.000000000 +0200
@@ -400,11 +400,6 @@
 	int err;
 
 	childregs = ((struct pt_regs *) (THREAD_SIZE + (unsigned long) p->thread_info)) - 1;
-	*childregs = *regs;
-	childregs->eax = 0;
-	childregs->esp = esp;
-
-	p->thread.esp = (unsigned long) childregs;
 	/*
 	 * The below -8 is to reserve 8 bytes on top of the ring0 stack.
 	 * This is necessary to guarantee that the entire "struct pt_regs"
@@ -415,7 +410,13 @@
 	 * "struct pt_regs" is possible, but they may contain the
 	 * completely wrong values.
 	 */
-	p->thread.esp0 = (unsigned long) (childregs+1) - 8;
+	childregs = (struct pt_regs *) ((unsigned long) childregs - 8);
+	*childregs = *regs;
+	childregs->eax = 0;
+	childregs->esp = esp;
+
+	p->thread.esp = (unsigned long) childregs;
+	p->thread.esp0 = (unsigned long) (childregs+1);
 
 	p->thread.eip = (unsigned long) ret_from_fork;
 


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: 2.6.current Oops: strace + waitpid()?
  - From: Krzysztof Halasa <[email protected]>

References:
- 2.6.current Oops: strace + waitpid()?
  - From: Krzysztof Halasa <[email protected]>

Prev by Date: Re: [RFC][PATCH] update SubmittingPatches to clarify attachment policy
Next by Date: Re: [RFC][PATCH] update SubmittingPatches to clarify attachment policy
Previous by thread: 2.6.current Oops: strace + waitpid()?
Next by thread: Re: 2.6.current Oops: strace + waitpid()?
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]