This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



Re: [WIP] uprobe tests


> > > slab error in verify_redzone_free(): cache `size-32': memory outside object was overwritten
> > >  [<c04787f2>] cache_free_debugcheck+0xb2/0x1a6
> > >  [<c0478b5e>] kfree+0x90/0xe0
> > >  [<f098208b>] u_dbfs_cleanup+0x4b/0x4d [blink2]
> > >  [<f09820d6>] cleanup_module+0x49/0x4b [blink2]
> ...

I was also able to reproduce this with Frank's Kernel Hacking options.


> 
> I rebuilt kernels with Frank's debugging options enabled.  Here's a
> simple fix that yields clean test runs for me.  In the test suite, in
> include/udbgfs.c, in the line
> 	print_buf = kmalloc(sizeof(print_buf),GFP_KERNEL);
> change
> 	sizeof(print_buf)
> to
> 	sizeof(*print_buf)

I have added the fix as suggested by Jim.

> 
> BTW, I don't think test_printk() handles buffer overflows correctly.
> When we reach the end of the buffer, it's possible for vsnprintf() to
> return a number greater than print_buf->bytes_left (see "Return value"
> in the man page), which means print_buf->bytes_left can underflow to a
> very big number, telling the next call to vsnprintf() that we have a
> very big buffer.  I don't see any overflows in the test suite that would
> test my hypothesis, though, so I'll leave that investigation and fix to
> Srikar.

To take care of the overflow that Jim has pointed out, I have modified
the test_printk function to check for the overflow as an interim solution.
Once we start seeing tests failing due to overflow, we can investigate
a more feasible solution. Please do let me know if this is acceptable.

Here is the modified test_printk function.

int test_printk(const char *fmt, ...)
{
        va_list args;
        int len;

#ifdef UPROBE_DEBUGFS_DEBUG
        printk (KERN_ERR "calling test_printk\n");
#endif
        if (print_buf->bytes_left == 0) {
                printk (KERN_ERR "test_printk: bytes left is 0\n");
                return -1;
        }

        va_start(args, fmt);

        spin_lock(&print_buf->lock);
        len = vsnprintf(print_buf->cur, print_buf->bytes_left, fmt, args);

        /*
         * vsnprintf() returns the length the full output would have had.
         * If that does not fit, only bytes_left - 1 characters were stored,
         * so advance by what was actually written and mark the buffer full.
         */
        if (len >= print_buf->bytes_left) {
                len = print_buf->bytes_left ? print_buf->bytes_left - 1 : 0;
                print_buf->bytes_left = 0;
        } else {
                print_buf->bytes_left -= len;
        }
        print_buf->cur += len;
        print_buf->bytes_in_buf += len;
        spin_unlock(&print_buf->lock);
        va_end(args);

#ifdef UPROBE_DEBUGFS_DEBUG
        printk (KERN_ERR "exiting test_printk\n");
#endif

        return len;
}


--
Thanks and Regards
Srikar 
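
The vsnprintf() return-value behaviour discussed in this thread, as an added user-space example (not part of the original mail and not the test suite's code). The struct pbuf layout and the function names are hypothetical stand-ins, and the input string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>

/* Hypothetical stand-in for the print buffer; off is an index, not a pointer. */
struct pbuf { char data[16]; size_t off, bytes_left; };

static struct pbuf pbuf_new(void)
{
    struct pbuf b = { "", 0, sizeof(b.data) };
    return b;
}

/* Unchecked: treats vsnprintf()'s return value as the bytes written. */
static int append_unchecked(struct pbuf *b, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(b->data + b->off, b->bytes_left, fmt, ap);
    va_end(ap);
    b->off += len;          /* can move past the end of data[] */
    b->bytes_left -= len;   /* wraps to a huge value when len > bytes_left */
    return len;
}

/* Checked: on truncation, account only for what was actually stored. */
static int append_checked(struct pbuf *b, const char *fmt, ...)
{
    va_list ap;
    if (b->bytes_left == 0)
        return -1;
    va_start(ap, fmt);
    int len = vsnprintf(b->data + b->off, b->bytes_left, fmt, ap);
    va_end(ap);
    if (len < 0)
        return -1;
    int truncated = (size_t)len >= b->bytes_left;
    if (truncated)
        len = (int)(b->bytes_left - 1);   /* chars stored before the NUL */
    b->off += (size_t)len;
    b->bytes_left = truncated ? 0 : b->bytes_left - (size_t)len;
    return len;
}

int main(void)
{
    struct pbuf b = pbuf_new();
    int n = append_checked(&b, "%s", "0123456789abcdefXYZ"); /* constructed */
    printf("stored=%d left=%zu \"%s\"\n", n, b.bytes_left, b.data);
}
```

After a single oversized call, append_unchecked() leaves bytes_left near SIZE_MAX, so calling it again would hand vsnprintf() a bogus size; the demo therefore calls it only once.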

