On Sat, Jun 21, 2014 at 03:28:52PM +0800, Real Name wrote:
> On Thu, Jun 05, 2014 at 11:49:49PM +0200, Richard Weinberger wrote:
> > On 05.06.2014 06:15, Honggang Li wrote:
> > > arch/x86/um/checksum_32.S had been copied & pasted from x86. When building
> > > x86 uml, csum_partial_copy_generic_i386 messes up the exception table.
> > > In fact, the exception table does not work in the uml kernel.
> >
> > Are you sure that exception tables do not work on UML?
>
> I said, I'm not sure. Can you please find out?
>
> Hi,
> After tracing the i386 uml kernel with gdb, I'm sure exception tables
> do *not* work. When csum_partial_copy_generic_i386 reads user space memory,
> an access error exception arises; however, the segv function always
> returns zero. So the fixup is never executed. The uml system hangs (no
> kernel panic).

The kernel hangs because the SEGV signal handler can't modify the EIP
register in the signal context. Here is a summary of why the exception
table does not work for linux (>3.3):

1) broken exception table (706276543b699d80f546e45f8b12574e7b18d952)
2) arch_fixup modifies the local copy of regs.

> > thanks.
> >
> > In arch/um/kernel/trap.c:segv() we have the mechanism for it:
> > else if (!is_user && arch_fixup(ip, regs))
> > goto out;

0) access an invalid memory address in the kernel (no mm for the address.
   It is easy to force an invalid memory access in the kernel. I cast 0x1234
   as a void pointer and pass it to csum_partial_copy_generic_i386)
1) SEGV signal arises
1.1) hard_handler (arch/um/os-Linux/signal.c)
     The third argument of hard_handler points to the signal context.
1.2) call sig_handler
1.3) call sig_handler_common (dumps the registers in the signal context into
     the local var struct uml_pt_regs r). Line 36 is the key point why the
     exception table does not work in UML.

  34         if (sig == SIGSEGV) {
  35                 /* For segfaults, we want the data from the sigcontext. */
  36                 get_regs_from_mc(&r, mc);
  37                 GET_FAULTINFO_FROM_MC(r.faultinfo, mc);
  38

1.4) call segv_handler (arch/um/kernel/trap.c)
1.5) call segv
1.6) call arch_fixup (arch/x86/um/fault.c)
1.7) arch_fixup (UPT_IP(regs) = fixup->fixup;) sets the EIP register of the
     local copy uml_pt_regs
1.8) When the function returns to sig_handler, the EIP change is lost
1.9) When the hard_handler signal handler returns, it restores the EIP with
     the address that raised the SEGV in step 0. The fixup section is never
     executed. If the exception table worked, the UML kernel would run the
     fixup code here. Then steps 0 to 1.9 repeat, and the kernel hangs.

thanks

> > The interesting question is, is this by design or was it just copy&pasted
> > from x86 many moons ago? :)
> >
> > > And csum_partial_copy_generic_i386 has never been called. So, delete it.
> >
> > I like such clean ups.

:-)

> > Thanks,
> > //richard
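A constructed C model of steps 1.3 to 1.9 above (added here; it is not UML or kernel code, and the struct names, the table and the addresses are made up): the buggy dispatcher fixes up a local copy of the registers and loses the new IP when it returns, so the frame is restored with the faulting address and the same fault is delivered again; the corrected dispatcher writes the fixed-up IP back into the frame before returning.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed model of steps 1.3-1.9, not UML code: only the IP is tracked. */
struct mcontext_model { uintptr_t ip; };    /* host signal frame (mc) */
struct uml_regs_model { uintptr_t ip; };    /* local copy (struct uml_pt_regs r) */
struct ex_entry { uintptr_t insn, fixup; }; /* exception-table entry */

/* Constructed exception table: two hypothetical faulting instructions. */
static const struct ex_entry ex_table[] = { { 0x1000, 0x1f00 }, { 0x1020, 0x1f10 } };

/* Stand-in for arch_fixup(): look the IP up and rewrite it in whatever regs it is handed. */
static int arch_fixup_model(uintptr_t ip, struct uml_regs_model *regs)
{
    for (size_t i = 0; i < sizeof ex_table / sizeof ex_table[0]; i++)
        if (ex_table[i].insn == ip) {
            regs->ip = ex_table[i].fixup;   /* UPT_IP(regs) = fixup->fixup; */
            return 1;
        }
    return 0;                               /* no entry: a real kernel fault */
}

/* Steps 1.3-1.8: copy regs out of the frame, fix up the copy, never write back. */
void segv_dispatch_buggy(struct mcontext_model *mc)
{
    struct uml_regs_model r = { mc->ip };   /* get_regs_from_mc(&r, mc) */
    arch_fixup_model(r.ip, &r);             /* only r.ip changes; mc->ip is untouched */
}

/* Corrected dispatcher: write the fixed-up IP back into the frame before returning. */
void segv_dispatch_fixed(struct mcontext_model *mc)
{
    struct uml_regs_model r = { mc->ip };
    if (arch_fixup_model(r.ip, &r))
        mc->ip = r.ip;
}

/* Re-deliver the fault until the frame's IP moves to the fixup. Returns the number
 * of faults taken, or -1 when 'cap' deliveries leave it unchanged (the hang). */
int faults_until_fixup(void (*dispatch)(struct mcontext_model *), uintptr_t fault_ip, int cap)
{
    struct mcontext_model mc = { fault_ip };
    for (int n = 1; n <= cap; n++) {
        dispatch(&mc);
        if (mc.ip != fault_ip)
            return n;
    }
    return -1;
}
```

With the buggy dispatcher the loop never leaves the faulting address, which is the repeat of steps 0 to 1.9 described in the mail; with the write-back the fixup is reached on the first delivery.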