Closed Bug 1176456 Opened 10 years ago Closed 10 years ago

Incorrect restore of ARM_ip in syscall_trace()

Categories: Firefox OS Graveyard :: GonkIntegration, defect
Platform: ARM; OS: Gonk (Firefox OS)
Priority: Not set; Severity: normal

Tracking: Not tracked
Status: RESOLVED FIXED

People: Reporter: tedd, Assignee: tedd

Attachments (9 files)

Six GitHub pull requests of 60 bytes and three of 66 bytes (text/x-github-pull-request), each with review+ from seinlin, kang and jld.
When a process is traced and resumed with ptrace(PTRACE_SYSCALL, ...), the tracee process will crash with a segmentation fault because the instruction pointer is set to zero. This is due to a bug inside the ARM implementation of the syscall_trace function of the kernel. It is not present in the mainstream kernel; it was introduced during a backport (e.g. Linux 3.4 for nexus-5 [1]).

This bug prevents strace from working correctly and might affect other functionality that uses the syscall_trace function. The fix is fairly simple, but multiple branches inside the forked [2] repository of the msm repo from codeaurora [3] and the msm repo itself are affected. I will create pull requests to fix this issue as soon as I can.

[1] https://github.com/mozilla-b2g/codeaurora_kernel_msm/commit/475fc662ece6570851f3f3a3879145a0a7159a54
[2] https://github.com/mozilla-b2g/codeaurora_kernel_msm
[3] git://codeaurora.org/kernel/msm.git
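A small probe a developer can run on a device to check whether its kernel shows the behaviour the report describes, as an added example that is not code from this bug, from strace, or from the kernel trees it links. It assumes a Linux host with glibc and nothing else; the result enum, the probe_syscall_trace name and the TRACEE_SYSCALLS workload size are the example's own. The parent forks a child, the child asks to be traced and raises SIGSTOP, and the parent resumes it with PTRACE_SYSCALL across a few real syscalls, forwarding any genuine signal. On a correct kernel the child exits normally and the tracer counts two syscall-stops per call; on a kernel with the broken ARM_ip restore the child faults after the first resume and the probe reports the crash rather than letting the tracee spin at address 0. If ptrace itself is refused (seccomp, Yama, a restricted sandbox) the probe says so instead of guessing.

```c
// Probe for the ptrace(PTRACE_SYSCALL) failure described in the bug report.
// Added example; assumes Linux + glibc. Names and constants are the example's own.
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum probe_result {
    PROBE_OK = 0,          /* tracee ran its syscalls under PTRACE_SYSCALL and exited normally */
    PROBE_TRACEE_CRASHED,  /* tracee died of a signal: the symptom the bug report describes */
    PROBE_UNAVAILABLE,     /* ptrace refused (sandbox/seccomp/Yama); nothing can be concluded */
    PROBE_ERROR            /* unexpected failure in the probe itself */
};

#define TRACEE_SYSCALLS 4  /* constructed workload: how many getpid syscalls the child makes */

/* Tracer: resume the child with PTRACE_SYSCALL until it exits, counting
 * syscall-stops and forwarding any real signal the tracee receives. On an
 * affected kernel the tracee resumes at address 0, gets SIGSEGV, and the
 * forwarded signal kills it, so we report PROBE_TRACEE_CRASHED. */
enum probe_result probe_syscall_trace(int *syscall_stops)
{
    int stops = 0, status, sig = 0;
    pid_t pid = fork();
    if (pid < 0)
        return PROBE_ERROR;

    if (pid == 0) {
        /* Tracee side. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(99);                       /* ptrace not permitted here */
        raise(SIGSTOP);                      /* hand control to the tracer */
        for (int i = 0; i < TRACEE_SYSCALLS; i++)
            syscall(SYS_getpid);             /* real syscalls, never a libc cache */
        _exit(0);
    }

    /* Wait for the SIGSTOP the child raised, or for its early exit. */
    if (waitpid(pid, &status, 0) == -1)
        return PROBE_ERROR;
    if (WIFEXITED(status))
        return WEXITSTATUS(status) == 99 ? PROBE_UNAVAILABLE : PROBE_ERROR;
    if (!WIFSTOPPED(status))
        return PROBE_ERROR;

    /* Report syscall-stops as SIGTRAP|0x80 so they cannot be mistaken for signals. */
    if (ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD) == -1) {
        kill(pid, SIGKILL);
        waitpid(pid, &status, 0);
        return PROBE_ERROR;
    }

    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) == -1)
            return PROBE_ERROR;
        if (waitpid(pid, &status, 0) == -1)
            return PROBE_ERROR;
        if (WIFEXITED(status))
            break;
        if (WIFSIGNALED(status)) {           /* the forwarded signal was fatal */
            if (syscall_stops)
                *syscall_stops = stops;
            return PROBE_TRACEE_CRASHED;
        }
        if (!WIFSTOPPED(status))
            return PROBE_ERROR;
        if (WSTOPSIG(status) == (SIGTRAP | 0x80)) {
            stops++;                         /* syscall entry or exit stop */
            sig = 0;
        } else {
            sig = WSTOPSIG(status);          /* deliver the real signal (e.g. SIGSEGV) on resume */
        }
    }
    if (syscall_stops)
        *syscall_stops = stops;
    return WEXITSTATUS(status) == 0 ? PROBE_OK : PROBE_ERROR;
}

int main(void)
{
    int stops = 0;
    enum probe_result r = probe_syscall_trace(&stops);
    static const char *names[] = { "ok", "tracee crashed", "ptrace unavailable", "probe error" };
    printf("PTRACE_SYSCALL probe: %s (%d syscall-stops observed)\n", names[r], stops);
    return r == PROBE_OK ? 0 : 1;
}
```

On a healthy kernel the count is two stops per getpid plus one entry stop for the final exit_group, so at least 2 * TRACEE_SYSCALLS. Forwarding the tracee's own signal on resume (the `sig` argument to PTRACE_SYSCALL) is what strace does too; resuming with 0 would swallow the SIGSEGV and leave a faulting tracee looping forever.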
Attachment #8625076 - Flags: review?(seinlin.maung+bugs)
Attachment #8625077 - Flags: review?(seinlin.maung+bugs)
Attachment #8625242 - Flags: review?(seinlin.maung+bugs)
Comment on attachment 8625073 (PR codeaurora_kernel_msm - b2g-msm-hammerhead-3.4-lollipop-release branch): Good catch. Thanks!
Attachment #8625073 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8625074 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8625075 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8625076 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8625077 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8625242 - Flags: review?(seinlin.maung+bugs) → review+
Some devices use a prebuilt kernel, such as the Nexus 5 [1]; the prebuilt one needs to be updated accordingly.

[1] https://github.com/mozilla-b2g/device_lge_hammerhead-kernel/commit/8141110f671de1c399ab11d3f37a967c31930ac8
precompiled hammerhead kernel that includes fix from b2g-msm-hammerhead-3.4-kitkat-mr1 branch
Attachment #8627445 - Flags: review?(seinlin.maung+bugs)
precompiled hammerhead kernel that includes fix from b2g-msm-hammerhead-3.4-lollipop-release branch
Attachment #8627446 - Flags: review?(seinlin.maung+bugs)
precompiled hammerhead kernel that includes fix from b2g-msm-hammerhead-3.4-lollipop-mr1 branch
Attachment #8627447 - Flags: review?(seinlin.maung+bugs)
(In reply to Kai-Zhen Li [:kli][:seinlin] from comment #8)
> Some devices use prebuilt kernel, such as Nexux 5 [1], the prebuilt one need
> to be updated accordingly.
>
> [1]
> https://github.com/mozilla-b2g/device_lge_hammerhead-kernel/commit/
> 8141110f671de1c399ab11d3f37a967c31930ac8

I created some pull requests with an updated kernel image that was compiled with the fix from the other pull requests.
Summary: Incorrect saving of the instruction pointer in the syscall_trace function in arch/arm/kernel/ptrace.c → Incorrect restore of ARM_ip in syscall_trace()
Hi Diego, how can I upstream this fix to codeaurora? As far as I can tell it doesn't have a direct impact on regular users, but it would allow developers to use strace on devices that are affected.
Flags: needinfo?(dwilson)
Attachment #8627445 - Flags: review?(seinlin.maung+bugs) → review+
Attachment #8627446 - Flags: review?(seinlin.maung+bugs) → review+
Comment on attachment 8627447 (PR device_lge_hammerhead-kernel - b2g-5.1.0_r1 branch): Thanks for the update.
Attachment #8627447 - Flags: review?(seinlin.maung+bugs) → review+
Flags: needinfo?(dwilson) → needinfo?(ikumar)
Attachment #8625073 - Flags: review?(jld)
Attachment #8625073 - Flags: review?(gdestuynder)
Attachment #8625074 - Flags: review?(jld)
Attachment #8625074 - Flags: review?(gdestuynder)
Attachment #8625075 - Flags: review?(jld)
Attachment #8625075 - Flags: review?(gdestuynder)
Attachment #8625076 - Flags: review?(jld)
Attachment #8625076 - Flags: review?(gdestuynder)
Attachment #8625077 - Flags: review?(jld)
Attachment #8625077 - Flags: review?(gdestuynder)
Attachment #8625242 - Flags: review?(jld)
Attachment #8625242 - Flags: review?(gdestuynder)
Attachment #8627445 - Flags: review?(jld)
Attachment #8627445 - Flags: review?(gdestuynder)
Attachment #8627446 - Flags: review?(jld)
Attachment #8627446 - Flags: review?(gdestuynder)
Attachment #8627447 - Flags: review?(jld)
Attachment #8627447 - Flags: review?(gdestuynder)
Hey :kang, :jld, can you give it a review please so that the patches can be merged? I don't know if it makes sense for a review on a pre-built kernel, but if someone else should rather rebuild them with the given changes, just mark them as obsolete.
Attachment #8625073 - Flags: review?(gdestuynder) → review+
Attachment #8625074 - Flags: review?(gdestuynder) → review+
Attachment #8625075 - Flags: review?(gdestuynder) → review+
Attachment #8625076 - Flags: review?(gdestuynder) → review+
Attachment #8625077 - Flags: review?(gdestuynder) → review+
Attachment #8625242 - Flags: review?(gdestuynder) → review+
Comment on attachment 8627445 (PR device_lge_hammerhead-kernel - b2g-4.4.2_r1 branch): Can't reproduce/verify the binary easily, but otherwise looks good.
Attachment #8627445 - Flags: review?(gdestuynder) → review+
Comment on attachment 8627446 (PR device_lge_hammerhead-kernel - b2g-5.0.0_r6 branch): same comment as previous attachment (binary).
Attachment #8627446 - Flags: review?(gdestuynder) → review+
Comment on attachment 8627447 (PR device_lge_hammerhead-kernel - b2g-5.1.0_r1 branch): same comment as previous attachment (binary).
Attachment #8627447 - Flags: review?(gdestuynder) → review+
Attachment #8625073 - Flags: review?(jld) → review+
Attachment #8625074 - Flags: review?(jld) → review+
Attachment #8625075 - Flags: review?(jld) → review+
Attachment #8625076 - Flags: review?(jld) → review+
Attachment #8625077 - Flags: review?(jld) → review+
Attachment #8625242 - Flags: review?(jld) → review+
Comment on attachment 8627445 (PR device_lge_hammerhead-kernel - b2g-4.4.2_r1 branch): I also haven't tried to inspect the binaries, but the commit looks good otherwise.
Attachment #8627445 - Flags: review?(jld) → review+
Comment on attachment 8627446 (PR device_lge_hammerhead-kernel - b2g-5.0.0_r6 branch): (See above.)
Attachment #8627446 - Flags: review?(jld) → review+
Comment on attachment 8627447 (PR device_lge_hammerhead-kernel - b2g-5.1.0_r1 branch): (See above.)
Attachment #8627447 - Flags: review?(jld) → review+
Clearing the needinfo.
Flags: needinfo?(ikumar)