forked from Rust-for-Linux/linux
samples/rust/rust_ch03: Apply Options of miscdev.rs #1
Comments
gurugio pushed a commit that referenced this issue on Oct 14, 2023
/ # ls /proc/rust_demo/ rust_proc_fs / # cat /proc/rust_demo/rust_proc_fs [ 43.097837] BUG: kernel NULL pointer dereference, address: 0000000000000002 [ 43.098565] #PF: supervisor instruction fetch in kernel mode [ 43.099176] #PF: error_code(0x0010) - not-present page [ 43.099832] PGD 5490067 P4D 5490067 PUD 572a067 PMD 0 [ 43.100501] Oops: 0010 [#1] PREEMPT SMP NOPTI [ 43.101051] CPU: 0 PID: 122 Comm: cat Tainted: G E 6.3.0+ Rust-for-Linux#17 [ 43.101745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 43.101745] RIP: 0010:0x2 [ 43.101745] Code: Unable to access opcode bytes at 0xffffffffffffffd8. [ 43.101745] RSP: 0018:ffff88800573fc68 EFLAGS: 00010202 [ 43.101745] RAX: ffff8880057339c0 RBX: 0000000000000001 RCX: 0000000000000000 [ 43.101745] RDX: 0000000000000000 RSI: ffff888005729700 RDI: ffff888004f5e308 [ 43.101745] RBP: ffff88800573fca0 R08: ffff88800573fc28 R09: ffff8880056b5ac8 [ 43.101745] R10: 0000000031a4a4f0 R11: 0000000000000002 R12: ffff8880056b5ac8 [ 43.101745] R13: ffff888005729700 R14: ffff888005469480 R15: ffff888004f5e308 [ 43.101745] FS: 00000000020ee3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 43.101745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.101745] CR2: ffffffffffffffd8 CR3: 000000000561e000 CR4: 00000000000006f0 [ 43.101745] Call Trace: [ 43.101745] <TASK> [ 43.101745] ? proc_reg_open+0xf1/0x1d0 [ 43.101745] ? proc_reg_mmap+0x110/0x110 [ 43.101745] do_dentry_open+0x166/0x450 [ 43.101745] vfs_open+0x2d/0x30 [ 43.101745] path_openat+0xa8b/0xc50 [ 43.101745] do_filp_open+0xa1/0x130 [ 43.101745] ? getname_flags+0x50/0x1e0 [ 43.101745] ? 
alloc_fd+0x146/0x190 [ 43.101745] do_sys_openat2+0x6d/0x130 [ 43.101745] __x64_sys_openat+0x71/0x80 [ 43.101745] do_syscall_64+0x35/0x50 [ 43.101745] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.101745] RIP: 0033:0x4ad15b [ 43.101745] Code: 25 00 00 41 00 3d 00 00 41 00 74 4b 64 8b 04 25 18 00 00 00 85 c0 75 67 44 89 e2 48 89 ee bf 9c ff ff ff b5 [ 43.101745] RSP: 002b:00007fffb2dcd4e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 43.101745] RAX: ffffffffffffffda RBX: 00007fffb2dcd830 RCX: 00000000004ad15b [ 43.101745] RDX: 0000000000000000 RSI: 00007fffb2dcefb2 RDI: 00000000ffffff9c [ 43.101745] RBP: 00007fffb2dcefb2 R08: 0000000000000001 R09: 0000000000000000 [ 43.101745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 43.101745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 43.101745] </TASK> [ 43.101745] Modules linked in: rust_proc(E) [ 43.101745] CR2: 0000000000000002 [ 43.101745] ---[ end trace 0000000000000000 ]--- [ 43.101745] RIP: 0010:0x2 [ 43.101745] Code: Unable to access opcode bytes at 0xffffffffffffffd8. [ 43.101745] RSP: 0018:ffff88800573fc68 EFLAGS: 00010202 [ 43.101745] RAX: ffff8880057339c0 RBX: 0000000000000001 RCX: 0000000000000000 [ 43.101745] RDX: 0000000000000000 RSI: ffff888005729700 RDI: ffff888004f5e308 [ 43.101745] RBP: ffff88800573fca0 R08: ffff88800573fc28 R09: ffff8880056b5ac8 [ 43.101745] R10: 0000000031a4a4f0 R11: 0000000000000002 R12: ffff8880056b5ac8 [ 43.101745] R13: ffff888005729700 R14: ffff888005469480 R15: ffff888004f5e308 [ 43.101745] FS: 00000000020ee3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 43.101745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.101745] CR2: ffffffffffffffd8 CR3: 000000000561e000 CR4: 00000000000006f0 [ 43.101745] note: cat[122] exited with irqs disabled Killed
gurugio pushed a commit that referenced this issue on Oct 14, 2023
proc_create returns non-null pointer but open generates null-pointer panic. I checked the panic address. That is a code calling open. / # insmod share/rust_proc.ko [ 22.202776] rust_proc: module verification failed: signature and/or required key missing - tainting kernel [ 22.204453] rust_proc: rust_proc is loaded [ 22.205103] rust_proc: succeeded to create a proc entry: 0xffff8880054696c0 / # cat /proc/rust_demo/rust_proc_fs [ 26.663960] kernel tried to execute NX-protected page - exploit attempt? (uid: 0) [ 26.665132] BUG: unable to handle page fault for address: ffff888005492a00 [ 26.666141] #PF: supervisor instruction fetch in kernel mode [ 26.666674] #PF: error_code(0x0011) - permissions violation [ 26.666674] PGD 3a01067 P4D 3a01067 PUD 3a02067 PMD 80000000054001e3 [ 26.666674] Oops: 0011 [#1] PREEMPT SMP NOPTI [ 26.666674] CPU: 0 PID: 120 Comm: cat Tainted: G E 6.3.0+ Rust-for-Linux#18 [ 26.666674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 26.666674] RIP: 0010:0xffff888005492a00 [ 26.666674] Code: 00 00 60 11 e0 81 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 [ 26.666674] RSP: 0018:ffff8880056c7e00 EFLAGS: 00010286 [ 26.666674] RAX: ffff8880056c7918 RBX: 0000000000000000 RCX: ffff8880056c7ef0 [ 26.666674] RDX: 0000000000001000 RSI: 00007ffc8b3ba048 RDI: ffff888005721400 [ 26.666674] RBP: ffff8880056c7e48 R08: 00007ffc8b3ba048 R09: 0000000000000000 [ 26.666674] R10: 0000000000000000 R11: ffff888005492a00 R12: ffff8880054696c0 [ 26.666674] R13: ffff888005721400 R14: 0000000000000001 R15: 0000000000000000 [ 26.666674] FS: 000000000249a3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 26.666674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.666674] CR2: ffff888005492a00 CR3: 00000000054c6000 CR4: 00000000000006f0 [ 26.666674] Call Trace: [ 26.666674] <TASK> [ 26.666674] ? proc_reg_read+0xe8/0x150 [ 26.666674] vfs_read+0xb4/0x260 [ 26.666674] ? 
do_sendfile+0x1cf/0x3f0 [ 26.666674] ksys_read+0x5f/0xb0 [ 26.666674] __x64_sys_read+0x1b/0x20 [ 26.666674] do_syscall_64+0x35/0x50 [ 26.666674] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.666674] RIP: 0033:0x4ad272 [ 26.666674] Code: 31 c0 e9 b1 fe ff ff 50 48 8d 3d c1 80 17 00 e8 54 8e 00 00 0f 1f 40 00 f3 0f 1e fa 64 8b 04 25 18 00 00 04 [ 26.666674] RSP: 002b:00007ffc8b3b9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 26.666674] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272 [ 26.666674] RDX: 0000000000001000 RSI: 00007ffc8b3ba048 RDI: 0000000000000003 [ 26.666674] RBP: 00007ffc8b3ba048 R08: 0000000000000001 R09: 0000000000000000 [ 26.666674] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000 [ 26.666674] R13: 000000000249a3a0 R14: 0000000000000000 R15: 0000000000000001 [ 26.666674] </TASK> [ 26.666674] Modules linked in: rust_proc(E) [ 26.666674] CR2: ffff888005492a00 [ 26.666674] ---[ end trace 0000000000000000 ]--- [ 26.666674] RIP: 0010:0xffff888005492a00 [ 26.666674] Code: 00 00 60 11 e0 81 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 [ 26.666674] RSP: 0018:ffff8880056c7e00 EFLAGS: 00010286 [ 26.666674] RAX: ffff8880056c7918 RBX: 0000000000000000 RCX: ffff8880056c7ef0 [ 26.666674] RDX: 0000000000001000 RSI: 00007ffc8b3ba048 RDI: ffff888005721400 [ 26.666674] RBP: ffff8880056c7e48 R08: 00007ffc8b3ba048 R09: 0000000000000000 [ 26.666674] R10: 0000000000000000 R11: ffff888005492a00 R12: ffff8880054696c0 [ 26.666674] R13: ffff888005721400 R14: 0000000000000001 R15: 0000000000000000 [ 26.666674] FS: 000000000249a3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 26.666674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.666674] CR2: ffff888005492a00 CR3: 00000000054c6000 CR4: 00000000000006f0 [ 26.666674] note: cat[120] exited with irqs disabled Killed
gurugio pushed a commit that referenced this issue on Oct 14, 2023
At least it does not panic. I checked the pointer of proc_open and proc_ops->proc_open value. They are same. So I guess the function pointer setting is correct. And I added messages to check if open function is crashed. for _ in 0..10000 { pr_err!("proc_open is invoked\n"); } Then I found out that the read generates crash as below. / # insmod share/rust_proc.ko [ 6.944654] rust_proc: module verification failed: signature and/or required key missing - tainting kernel [ 6.946329] rust_proc: rust_proc is loaded [ 6.946981] proc_create_data: rust_proc_fs proc_open=ffffffffc0201040 [ 6.947959] rust_proc: succeeded to create a proc entry: 0xffff888005469780 proc_open=0xffffffffc0201040 / # cat /proc/rust_demo/rust_proc_fs ......... ......... [ 15.546497] rust_proc: proc_open is invoked [ 15.546836] rust_proc: proc_open is invoked [ 15.547176] rust_proc: proc_open is invoked [ 15.547530] rust_proc: proc_open is invoked [ 15.547866] rust_proc: proc_open is invoked [ 15.548204] rust_proc: proc_open is invoked [ 15.548544] rust_proc: proc_open is invoked [ 15.549052] BUG: kernel NULL pointer dereference, address: 0000000000000001 [ 15.549617] #PF: supervisor instruction fetch in kernel mode [ 15.549801] #PF: error_code(0x0010) - not-present page [ 15.549801] PGD 561e067 P4D 561e067 PUD 561c067 PMD 0 [ 15.549801] Oops: 0010 [#1] PREEMPT SMP NOPTI [ 15.549801] CPU: 0 PID: 120 Comm: cat Tainted: G E 6.3.0+ Rust-for-Linux#22 [ 15.549801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 15.549801] RIP: 0010:0x1 [ 15.549801] Code: Unable to access opcode bytes at 0xffffffffffffffd7. 
[ 15.549801] RSP: 0018:ffff8880056b3e00 EFLAGS: 00010202 [ 15.549801] RAX: ffff888005733898 RBX: 0000000000000000 RCX: ffff8880056b3ef0 [ 15.549801] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: ffff888005729600 [ 15.549801] RBP: ffff8880056b3e48 R08: 00007ffc1f99b0a8 R09: 0000000000000000 [ 15.549801] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888005469f00 [ 15.549801] R13: ffff888005729600 R14: 0000000000000001 R15: 0000000000000000 [ 15.549801] FS: 0000000001e153c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 15.549801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 15.549801] CR2: ffffffffffffffd7 CR3: 0000000003c60000 CR4: 00000000000006f0 [ 15.549801] Call Trace: [ 15.549801] <TASK> [ 15.549801] ? proc_reg_read+0xe8/0x150 [ 15.549801] vfs_read+0xb4/0x260 [ 15.549801] ? do_sendfile+0x1cf/0x3f0 [ 15.549801] ksys_read+0x5f/0xb0 [ 15.549801] __x64_sys_read+0x1b/0x20 [ 15.549801] do_syscall_64+0x35/0x50 [ 15.549801] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 15.549801] RIP: 0033:0x4ad272 [ 15.549801] Code: 31 c0 e9 b1 fe ff ff 50 48 8d 3d c1 80 17 00 e8 54 8e 00 00 0f 1f 40 00 f3 0f 1e fa 64 8b 04 25 18 00 00 04 [ 15.549801] RSP: 002b:00007ffc1f99b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 15.549801] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272 [ 15.549801] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: 0000000000000003 [ 15.549801] RBP: 00007ffc1f99b0a8 R08: 0000000000000001 R09: 0000000000000000 [ 15.549801] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000 [ 15.549801] R13: 0000000001e153a0 R14: 0000000000000000 R15: 0000000000000001 [ 15.549801] </TASK> [ 15.549801] Modules linked in: rust_proc(E) [ 15.549801] CR2: 0000000000000001 [ 15.549801] ---[ end trace 0000000000000000 ]--- [ 15.549801] RIP: 0010:0x1 [ 15.549801] Code: Unable to access opcode bytes at 0xffffffffffffffd7. 
[ 15.549801] RSP: 0018:ffff8880056b3e00 EFLAGS: 00010202 [ 15.549801] RAX: ffff888005733898 RBX: 0000000000000000 RCX: ffff8880056b3ef0 [ 15.549801] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: ffff888005729600 [ 15.549801] RBP: ffff8880056b3e48 R08: 00007ffc1f99b0a8 R09: 0000000000000000 [ 15.549801] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888005469f00 [ 15.549801] R13: ffff888005729600 R14: 0000000000000001 R15: 0000000000000000 [ 15.549801] FS: 0000000001e153c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 15.549801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 15.549801] CR2: ffffffffffffffd7 CR3: 0000000003c60000 CR4: 00000000000006f0 [ 15.549801] note: cat[120] exited with irqs disabled [ 15.572950] BUG: kernel NULL pointer dereference, address: 0000000000000001 [ 15.573491] #PF: supervisor instruction fetch in kernel mode [ 15.573932] #PF: error_code(0x0010) - not-present page [ 15.574335] PGD 0 P4D 0 [ 15.574535] Oops: 0010 [#2] PREEMPT SMP NOPTI [ 15.574892] CPU: 0 PID: 120 Comm: cat Tainted: G D E 6.3.0+ Rust-for-Linux#22 [ 15.575462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 15.576107] RIP: 0010:0x1 [ 15.576328] Code: Unable to access opcode bytes at 0xffffffffffffffd7. 
[ 15.576842] RSP: 0018:ffff8880056b3de8 EFLAGS: 00010246 [ 15.576842] RAX: ffff888005733898 RBX: 0000000000000000 RCX: 0000000000000001 [ 15.576842] RDX: ffff8880054ec800 RSI: ffff888005729600 RDI: ffff888004f7ce08 [ 15.576842] RBP: ffff8880056b3e30 R08: ffff888003c43c00 R09: ffff888004f7ce08 [ 15.576842] R10: ffffea00000f93c0 R11: 0000000000000001 R12: ffff8880056bae10 [ 15.576842] R13: 00000000000a800d R14: ffff888005469f00 R15: ffff888005469f18 [ 15.576842] FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 15.576842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 15.576842] CR2: ffffffffffffffd7 CR3: 0000000002434000 CR4: 00000000000006f0 [ 15.576842] Call Trace: [ 15.576842] <TASK> [ 15.576842] ? close_pdeo+0x59/0x120 [ 15.576842] proc_reg_release+0x6f/0x80 [ 15.576842] __fput+0xf0/0x220 [ 15.576842] ____fput+0xe/0x10 [ 15.576842] task_work_run+0xc3/0xe0 [ 15.576842] do_exit+0x3e2/0xab0 [ 15.576842] make_task_dead+0x83/0x130 [ 15.576842] rewind_stack_and_make_dead+0x17/0x20 [ 15.576842] RIP: 0033:0x4ad272 [ 15.576842] Code: Unable to access opcode bytes at 0x4ad248. [ 15.576842] RSP: 002b:00007ffc1f99b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 15.576842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272 [ 15.576842] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: 0000000000000003 [ 15.576842] RBP: 00007ffc1f99b0a8 R08: 0000000000000001 R09: 0000000000000000 [ 15.576842] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000 [ 15.576842] R13: 0000000001e153a0 R14: 0000000000000000 R15: 0000000000000001 [ 15.576842] </TASK> [ 15.576842] Modules linked in: rust_proc(E) [ 15.576842] CR2: 0000000000000001 [ 15.576842] ---[ end trace 0000000000000000 ]--- [ 15.576842] RIP: 0010:0x1 [ 15.576842] Code: Unable to access opcode bytes at 0xffffffffffffffd7. 
[ 15.576842] RSP: 0018:ffff8880056b3e00 EFLAGS: 00010202 [ 15.576842] RAX: ffff888005733898 RBX: 0000000000000000 RCX: ffff8880056b3ef0 [ 15.576842] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: ffff888005729600 [ 15.576842] RBP: ffff8880056b3e48 R08: 00007ffc1f99b0a8 R09: 0000000000000000 [ 15.576842] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888005469f00 [ 15.576842] R13: ffff888005729600 R14: 0000000000000001 R15: 0000000000000000 [ 15.576842] FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 15.576842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 15.576842] CR2: ffffffffffffffd7 CR3: 0000000002434000 CR4: 00000000000006f0 [ 15.576842] note: cat[120] exited with irqs disabled [ 15.595880] Fixing recursive fault but reboot is needed! [ 15.596287] BUG: scheduling while atomic: cat/120/0x00000000 [ 15.596720] Modules linked in: rust_proc(E) [ 15.597039] CPU: 0 PID: 120 Comm: cat Tainted: G D E 6.3.0+ Rust-for-Linux#22 [ 15.597587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 15.598226] Call Trace: [ 15.598420] <TASK> [ 15.598592] dump_stack_lvl+0x58/0x70 [ 15.598883] dump_stack+0x10/0x20 [ 15.599141] __schedule_bug+0x62/0x70 [ 15.599449] __schedule+0x838/0x1450 [ 15.599731] ? vprintk_default+0x1d/0x20 [ 15.599849] ? vprintk+0x60/0x80 [ 15.599849] ? _printk+0x4b/0x50 [ 15.599849] do_task_dead+0x41/0x50 [ 15.599849] make_task_dead+0x129/0x130 [ 15.599849] rewind_stack_and_make_dead+0x17/0x20 [ 15.599849] RIP: 0033:0x4ad272 [ 15.599849] Code: Unable to access opcode bytes at 0x4ad248. 
[ 15.599849] RSP: 002b:00007ffc1f99b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 15.599849] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272 [ 15.599849] RDX: 0000000000001000 RSI: 00007ffc1f99b0a8 RDI: 0000000000000003 [ 15.599849] RBP: 00007ffc1f99b0a8 R08: 0000000000000001 R09: 0000000000000000 [ 15.599849] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000 [ 15.599849] R13: 0000000001e153a0 R14: 0000000000000000 R15: 0000000000000001 [ 15.599849] </TASK> diff --git a/fs/proc/generic.c b/fs/proc/generic.c index 8379593fa4bb..bea879760ebc 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -573,7 +573,8 @@ struct proc_dir_entry *proc_create_data(const char *name, umode_t mode, p = proc_create_reg(name, mode, &parent, data); if (!p) return NULL; - p->proc_ops = proc_ops; + printk(KERN_ERR "proc_create_data: %s proc_open=%px\n", name, proc_ops->proc_open); + p->proc_ops = proc_ops; pde_set_flags(p); return proc_register(parent, p); }
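Review bot: the added printk in proc_create_data() formats proc_ops->proc_open with %px at KERN_ERR, so every proc entry created writes a raw, unhashed kernel or module text address to the log, where anyone who can read dmesg can use it to work out the kernel's memory layout. If this trace is meant to stay beyond local debugging, switch it to pr_debug() and print with %ps (symbol name, which also answers "which handler was registered" more directly) or the hashed %p. The new line also dereferences proc_ops while the visible context only checks p, and the removed and re-added `p->proc_ops = proc_ops;` reads as a whitespace-only change that should be dropped from the patch.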
gurugio added a commit that referenced this issue on Oct 28, 2023
I guess completion is not initialized correctly. The completion is initialized by Default trait. What to do more? / # mknod /dev/rust_ldd06 c 10 124 / # cat /dev/rust_ldd06 [ 38.598297] rust_completion: open is invoked [ 38.598899] rust_completion: read is invoked [ 38.599419] rust_completion: read:dummy=1 [ 38.599927] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 38.600741] #PF: supervisor write access in kernel mode [ 38.601348] #PF: error_code(0x0002) - not-present page [ 38.601948] PGD 41ac067 P4D 41ac067 PUD 42a2067 PMD 0 [ 38.602542] Oops: 0002 [#1] PREEMPT SMP NOPTI [ 38.602880] CPU: 0 PID: 123 Comm: cat Tainted: G E 6.6.0-rc4+ Rust-for-Linux#75 [ 38.602880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 38.602880] RIP: 0010:wait_for_common+0xb5/0x170 [ 38.602880] Code: f6 81 19 0c 00 00 01 75 70 48 89 4d c0 48 8b 45 c8 4c 39 f8 75 17 48 8b 46 18 4c 89 7e 18 48 8b 7d b0 2 [ 38.602880] RSP: 0018:ffffc9000059bd70 EFLAGS: 00010046 [ 38.602880] RAX: 0000000000000000 RBX: ffff88800433d148 RCX: ffff88800438e000 [ 38.602880] RDX: 0000000000000002 RSI: ffff88800433d148 RDI: ffff88800433d158 [ 38.602880] RBP: ffffc9000059bdc8 R08: 0000000000000000 R09: 0000000000000000 [ 38.602880] R10: ffffc9000059bca8 R11: 3fffffffffffffff R12: 00007ffe6e0671b8 [ 38.602880] R13: 7fffffffffffffff R14: 0000000000000002 R15: ffffc9000059bd90 [ 38.602880] FS: 00000000020243c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 38.602880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.602880] CR2: 0000000000000000 CR3: 00000000042e6000 CR4: 00000000000006f0 [ 38.602880] Call Trace: [ 38.602880] <TASK> [ 38.602880] ? __die_body+0x6b/0xb0 [ 38.602880] ? __die+0x9b/0xb0 [ 38.602880] ? page_fault_oops+0x24c/0x370 [ 38.602880] ? prb_read_valid+0x19/0x20 [ 38.602880] ? printk_get_next_message+0x72/0x320 [ 38.602880] ? kernelmode_fixup_or_oops+0xd7/0x100 [ 38.602880] ? __bad_area_nosemaphore+0x69/0x290 [ 38.602880] ? 
bad_area_nosemaphore+0x16/0x20 [ 38.602880] ? do_user_addr_fault+0x55a/0x620 [ 38.602880] ? exc_page_fault+0x7c/0xf0 [ 38.602880] ? asm_exc_page_fault+0x27/0x30 [ 38.602880] ? wait_for_common+0xb5/0x170 [ 38.602880] wait_for_completion+0x1d/0x20 [ 38.602880] _RNvMs3_NtCshlmskAEPslc_6kernel4fileINtB5_16OperationsVtableINtNtB7_7miscdev12RegistrationNtCs2Jef7UYeN6f_1] [ 38.602880] ? _RNvXs4_NtNtNtCsaTHfZRq6xTQ_4core3fmt3num3impxNtB9_7Display3fmt+0x30/0x30 [ 38.602880] vfs_read+0xb4/0x280 [ 38.602880] ? do_sendfile+0x1cd/0x470 [ 38.602880] ksys_read+0x5f/0xb0 [ 38.602880] __x64_sys_read+0x1b/0x20 [ 38.602880] do_syscall_64+0x35/0x50 [ 38.602880] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 38.602880] RIP: 0033:0x4ad272 [ 38.602880] Code: 31 c0 e9 b1 fe ff ff 50 48 8d 3d c1 80 17 00 e8 54 8e 00 00 0f 1f 40 00 f3 0f 1e fa 64 8b 04 25 18 00 4 [ 38.602880] RSP: 002b:00007ffe6e067158 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 38.602880] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272 [ 38.602880] RDX: 0000000000001000 RSI: 00007ffe6e0671b8 RDI: 0000000000000003 [ 38.602880] RBP: 00007ffe6e0671b8 R08: 0000000000000001 R09: 0000000000000000 [ 38.602880] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000 [ 38.602880] R13: 00000000020243a0 R14: 0000000000000000 R15: 0000000000000001 [ 38.602880] </TASK> [ 38.602880] Modules linked in: rust_ldd06(E) [ 38.602880] CR2: 0000000000000000 [ 38.602880] ---[ end trace 0000000000000000 ]--- [ 38.602880] RIP: 0010:wait_for_common+0xb5/0x170 [ 38.602880] Code: f6 81 19 0c 00 00 01 75 70 48 89 4d c0 48 8b 45 c8 4c 39 f8 75 17 48 8b 46 18 4c 89 7e 18 48 8b 7d b0 2 [ 38.602880] RSP: 0018:ffffc9000059bd70 EFLAGS: 00010046 [ 38.602880] RAX: 0000000000000000 RBX: ffff88800433d148 RCX: ffff88800438e000 [ 38.602880] RDX: 0000000000000002 RSI: ffff88800433d148 RDI: ffff88800433d158 [ 38.602880] RBP: ffffc9000059bdc8 R08: 0000000000000000 R09: 0000000000000000 [ 38.602880] R10: ffffc9000059bca8 R11: 
3fffffffffffffff R12: 00007ffe6e0671b8 [ 38.602880] R13: 7fffffffffffffff R14: 0000000000000002 R15: ffffc9000059bd90 [ 38.602880] FS: 00000000020243c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 38.602880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.602880] CR2: 0000000000000000 CR3: 00000000042e6000 CR4: 00000000000006f0 [ 38.602880] note: cat[123] exited with irqs disabled [ 38.652903] note: cat[123] exited with preempt_count 1 [ 38.653512] rust_completion: release is invoked Signed-off-by: Gioh Kim <[email protected]>
gurugio added a commit that referenced this issue on Oct 30, 2023
It uses Opaque type to get the mutable reference to an object inside of super object wrapped with Arc. Opaque::raw_get() function returns mutable pointer. But it still has a problem as below. A spinlock in the completion object might not be initialized correctly. / # insmod share/rust_ldd06.ko [ 8.838768] rust_ldd06: module verification failed: signature and/or required key missing - tal [ 8.841700] rust_completion: rust_ldd06 is loaded [ 8.842994] rust_completion: completion_dev created / # mknod /dev/rust_ldd06 c 10 124 / # cat /dev/rust_ldd06 & / # [ 28.024130] rust_completion: open is invoked [ 28.025404] rust_completion: read is invoked / # echo "asdf" > /dev/rust_ldd06 [ 34.750500] rust_completion: open is invoked [ 34.751870] rust_completion: write is invoked [ 34.753140] BUG: unable to handle page fault for address: ffffc90000594743 [ 34.754996] #PF: supervisor write access in kernel mode [ 34.756442] #PF: error_code(0x0002) - not-present page [ 34.757111] PGD 3000067 P4D 3000067 PUD 31a7067 PMD 414b067 PTE 0 [ 34.757111] Oops: 0002 [#1] PREEMPT SMP NOPTI [ 34.757111] CPU: 0 PID: 1 Comm: sh Tainted: G E 6.6.0-rc4+ Rust-for-Linux#76 [ 34.757111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 [ 34.757111] RIP: 0010:_raw_spin_lock_irqsave+0x32/0xa0 [ 34.757111] Code: e5 41 57 41 56 41 54 53 49 89 ff 9c 58 0f 1f 40 00 49 89 c6 fa 0f 1f 44 00 01 [ 34.757111] RSP: 0018:ffffc9000000bd30 EFLAGS: 00010046 [ 34.757111] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 34.757111] RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffffc90000594743 [ 34.757111] RBP: ffffc9000000bd50 R08: 0000000000000000 R09: 0000000000000000 [ 34.757111] R10: ffffc9000000bca8 R11: 3fffffffffffffff R12: 0000000000000000 [ 34.757111] R13: 0000000000000005 R14: 0000000000000097 R15: ffffc90000594743 [ 34.757111] FS: 0000000001d1c3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 34.757111] CS: 0010 DS: 0000 ES: 0000 CR0: 
0000000080050033 [ 34.757111] CR2: ffffc90000594743 CR3: 0000000004322000 CR4: 00000000000006f0 [ 34.757111] Call Trace: [ 34.757111] <TASK> [ 34.757111] ? __die_body+0x6b/0xb0 [ 34.757111] ? __die+0x9b/0xb0 [ 34.757111] ? page_fault_oops+0x24c/0x370 [ 34.757111] ? prb_read_valid+0x19/0x20 [ 34.757111] ? printk_get_next_message+0x72/0x320 [ 34.757111] ? kernelmode_fixup_or_oops+0xd7/0x100 [ 34.757111] ? __bad_area_nosemaphore+0x69/0x290 [ 34.757111] ? io_serial_in+0x50/0x50 [ 34.757111] ? bad_area_nosemaphore+0x16/0x20 [ 34.757111] ? do_kern_addr_fault+0x7c/0x90 [ 34.757111] ? exc_page_fault+0xcf/0xf0 [ 34.757111] ? asm_exc_page_fault+0x27/0x30 [ 34.757111] ? _raw_spin_lock_irqsave+0x32/0xa0 [ 34.757111] try_to_wake_up+0x46/0x860 [ 34.757111] ? vprintk+0x52/0x60 [ 34.757111] ? _printk+0x4b/0x50 [ 34.757111] complete+0x4c/0x80 [ 34.757111] _RNvMs3_NtCshlmskAEPslc_6kernel4fileINtB5_16OperationsVtableINtNtB7_7miscdev12Reg] [ 34.757111] vfs_write+0x111/0x3d0 [ 34.757111] ? handle_mm_fault+0x1e5/0x2e0 [ 34.757111] ksys_write+0x5f/0xb0 [ 34.757111] __x64_sys_write+0x1b/0x20 [ 34.757111] do_syscall_64+0x35/0x50 [ 34.757111] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 34.757111] RIP: 0033:0x4ad317 [ 34.757111] Code: ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 [ 34.757111] RSP: 002b:00007ffc77a92d48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 34.757111] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004ad317 [ 34.757111] RDX: 0000000000000005 RSI: 0000000001d21a50 RDI: 0000000000000001 [ 34.757111] RBP: 0000000001d21a50 R08: fefefefefefefeff R09: feff86ff65637260 [ 34.757111] R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000005 [ 34.757111] R13: 0000000001d1c3a0 R14: 00007ffc77a92f01 R15: 00007ffc77a92db0 [ 34.757111] </TASK> [ 34.757111] Modules linked in: rust_ldd06(E) [ 34.757111] CR2: ffffc90000594743 [ 34.757111] ---[ end trace 0000000000000000 ]--- [ 34.757111] RIP: 0010:_raw_spin_lock_irqsave+0x32/0xa0 [ 
34.757111] Code: e5 41 57 41 56 41 54 53 49 89 ff 9c 58 0f 1f 40 00 49 89 c6 fa 0f 1f 44 00 01 [ 34.757111] RSP: 0018:ffffc9000000bd30 EFLAGS: 00010046 [ 34.757111] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 34.757111] RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffffc90000594743 [ 34.757111] RBP: ffffc9000000bd50 R08: 0000000000000000 R09: 0000000000000000 [ 34.757111] R10: ffffc9000000bca8 R11: 3fffffffffffffff R12: 0000000000000000 [ 34.757111] R13: 0000000000000005 R14: 0000000000000097 R15: ffffc90000594743 [ 34.757111] FS: 0000000001d1c3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000 [ 34.757111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.757111] CR2: ffffc90000594743 CR3: 0000000004322000 CR4: 00000000000006f0 [ 34.757111] note: sh[1] exited with irqs disabled [ 34.818149] note: sh[1] exited with preempt_count 3 [ 34.818663] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 [ 34.819478] Kernel Offset: disabled [ 34.819864] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 ]- QEMU 6.2.0 monitor - type 'help' for more information Signed-off-by: Gioh Kim <[email protected]>
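The commit messages above suspect that a completion built through the Default trait, and the wait queue inside it, is not initialized correctly. As an added example (a user-space Rust model, not code from these commits or from the kernel), the block below shows why a list head that is all zeros, or one that was initialized and then moved, cannot be used to queue a waiter. The struct layouts, `HeadState`, `add_waiter` and the assumption that `Default` produces all-zero bytes are illustrative.

```rust
// Added illustration: user-space model of a completion's waiter list.
use std::ptr;

/// Simplified model of the kernel's `struct list_head`.
#[repr(C)]
struct ListHead {
    next: *mut ListHead,
    prev: *mut ListHead,
}

/// Simplified model of `struct completion`: a counter plus the waiter list.
#[repr(C)]
#[allow(dead_code)]
struct Completion {
    done: u32,
    task_list: ListHead,
}

impl Default for Completion {
    /// Assumption: `Default` yields all-zero bytes, so both list pointers are NULL.
    fn default() -> Self {
        Completion { done: 0, task_list: ListHead { next: ptr::null_mut(), prev: ptr::null_mut() } }
    }
}

#[derive(Debug, PartialEq)]
enum HeadState {
    EmptyAndValid, // next == prev == address of the head itself
    NullPointers,  // never initialized: the first list operation writes through NULL
    StaleAddress,  // initialized at one address, then moved to another
}

/// Model of `init_completion()`: the list head must point at its own address.
unsafe fn init_completion(c: *mut Completion) {
    unsafe {
        (*c).done = 0;
        let head = ptr::addr_of_mut!((*c).task_list);
        (*head).next = head;
        (*head).prev = head;
    }
}

/// Classify a freshly set-up completion by comparing pointers only (no dereference).
fn head_state(c: &Completion) -> HeadState {
    let head = &c.task_list as *const ListHead as *mut ListHead;
    if c.task_list.next.is_null() || c.task_list.prev.is_null() {
        HeadState::NullPointers
    } else if c.task_list.next == head && c.task_list.prev == head {
        HeadState::EmptyAndValid
    } else {
        HeadState::StaleAddress
    }
}

/// Model of queueing a waiter with `list_add_tail()`. The store through `prev`
/// is the one that would hit address 0 on a zeroed head, so that case is refused.
unsafe fn add_waiter(c: *mut Completion, node: *mut ListHead) -> Result<(), HeadState> {
    unsafe {
        let state = head_state(&*c);
        if state != HeadState::EmptyAndValid {
            return Err(state);
        }
        let head = ptr::addr_of_mut!((*c).task_list);
        let prev = (*head).prev;
        (*node).next = head;
        (*node).prev = prev;
        (*prev).next = node;
        (*head).prev = node;
        Ok(())
    }
}

/// Case 1: rely on `Default` alone and try to queue a waiter.
fn default_only() -> Result<(), HeadState> {
    let mut c = Completion::default();
    let mut waiter = ListHead { next: ptr::null_mut(), prev: ptr::null_mut() };
    unsafe { add_waiter(&mut c, &mut waiter) }
}

/// Case 2: allocate first, then initialize at the final (heap) address.
fn init_at_final_address() -> Result<(), HeadState> {
    let mut boxed = Box::new(Completion::default());
    let mut waiter = ListHead { next: ptr::null_mut(), prev: ptr::null_mut() };
    let c: *mut Completion = &mut *boxed;
    unsafe { init_completion(c) };
    unsafe { add_waiter(c, &mut waiter) }
}

/// Case 3: initialize on the stack, then move into a heap allocation.
fn init_then_move() -> HeadState {
    let mut on_stack = Completion::default();
    unsafe { init_completion(&mut on_stack) };
    let moved = Box::new(on_stack); // bytes are copied; the self-pointers are not fixed up
    head_state(&moved)
}

fn main() {
    println!("{:?} / {:?} / {:?}", default_only(), init_at_final_address(), init_then_move());
}
```

Only the second case leaves a usable list head: the object has to be initialized in place, at the address where it will live for the rest of its lifetime.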
gurugio added a commit that referenced this issue Oct 31, 2023
I guess completion is not initialized correctly.
The completion is initialized by the Default trait. What more should be done?

/ # mknod /dev/rust_ldd06 c 10 124
/ # cat /dev/rust_ldd06
[ 38.598297] rust_completion: open is invoked
[ 38.598899] rust_completion: read is invoked
[ 38.599419] rust_completion: read:dummy=1
[ 38.599927] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 38.600741] #PF: supervisor write access in kernel mode
[ 38.601348] #PF: error_code(0x0002) - not-present page
[ 38.601948] PGD 41ac067 P4D 41ac067 PUD 42a2067 PMD 0
[ 38.602542] Oops: 0002 [#1] PREEMPT SMP NOPTI
[ 38.602880] CPU: 0 PID: 123 Comm: cat Tainted: G E 6.6.0-rc4+ Rust-for-Linux#75
[ 38.602880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
[ 38.602880] RIP: 0010:wait_for_common+0xb5/0x170
[ 38.602880] Code: f6 81 19 0c 00 00 01 75 70 48 89 4d c0 48 8b 45 c8 4c 39 f8 75 17 48 8b 46 18 4c 89 7e 18 48 8b 7d b0 2
[ 38.602880] RSP: 0018:ffffc9000059bd70 EFLAGS: 00010046
[ 38.602880] RAX: 0000000000000000 RBX: ffff88800433d148 RCX: ffff88800438e000
[ 38.602880] RDX: 0000000000000002 RSI: ffff88800433d148 RDI: ffff88800433d158
[ 38.602880] RBP: ffffc9000059bdc8 R08: 0000000000000000 R09: 0000000000000000
[ 38.602880] R10: ffffc9000059bca8 R11: 3fffffffffffffff R12: 00007ffe6e0671b8
[ 38.602880] R13: 7fffffffffffffff R14: 0000000000000002 R15: ffffc9000059bd90
[ 38.602880] FS: 00000000020243c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000
[ 38.602880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.602880] CR2: 0000000000000000 CR3: 00000000042e6000 CR4: 00000000000006f0
[ 38.602880] Call Trace:
[ 38.602880] <TASK>
[ 38.602880] ? __die_body+0x6b/0xb0
[ 38.602880] ? __die+0x9b/0xb0
[ 38.602880] ? page_fault_oops+0x24c/0x370
[ 38.602880] ? prb_read_valid+0x19/0x20
[ 38.602880] ? printk_get_next_message+0x72/0x320
[ 38.602880] ? kernelmode_fixup_or_oops+0xd7/0x100
[ 38.602880] ? __bad_area_nosemaphore+0x69/0x290
[ 38.602880] ? bad_area_nosemaphore+0x16/0x20
[ 38.602880] ? do_user_addr_fault+0x55a/0x620
[ 38.602880] ? exc_page_fault+0x7c/0xf0
[ 38.602880] ? asm_exc_page_fault+0x27/0x30
[ 38.602880] ? wait_for_common+0xb5/0x170
[ 38.602880] wait_for_completion+0x1d/0x20
[ 38.602880] _RNvMs3_NtCshlmskAEPslc_6kernel4fileINtB5_16OperationsVtableINtNtB7_7miscdev12RegistrationNtCs2Jef7UYeN6f_1]
[ 38.602880] ? _RNvXs4_NtNtNtCsaTHfZRq6xTQ_4core3fmt3num3impxNtB9_7Display3fmt+0x30/0x30
[ 38.602880] vfs_read+0xb4/0x280
[ 38.602880] ? do_sendfile+0x1cd/0x470
[ 38.602880] ksys_read+0x5f/0xb0
[ 38.602880] __x64_sys_read+0x1b/0x20
[ 38.602880] do_syscall_64+0x35/0x50
[ 38.602880] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 38.602880] RIP: 0033:0x4ad272
[ 38.602880] Code: 31 c0 e9 b1 fe ff ff 50 48 8d 3d c1 80 17 00 e8 54 8e 00 00 0f 1f 40 00 f3 0f 1e fa 64 8b 04 25 18 00 4
[ 38.602880] RSP: 002b:00007ffe6e067158 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 38.602880] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004ad272
[ 38.602880] RDX: 0000000000001000 RSI: 00007ffe6e0671b8 RDI: 0000000000000003
[ 38.602880] RBP: 00007ffe6e0671b8 R08: 0000000000000001 R09: 0000000000000000
[ 38.602880] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000001000
[ 38.602880] R13: 00000000020243a0 R14: 0000000000000000 R15: 0000000000000001
[ 38.602880] </TASK>
[ 38.602880] Modules linked in: rust_ldd06(E)
[ 38.602880] CR2: 0000000000000000
[ 38.602880] ---[ end trace 0000000000000000 ]---
[ 38.602880] RIP: 0010:wait_for_common+0xb5/0x170
[ 38.602880] Code: f6 81 19 0c 00 00 01 75 70 48 89 4d c0 48 8b 45 c8 4c 39 f8 75 17 48 8b 46 18 4c 89 7e 18 48 8b 7d b0 2
[ 38.602880] RSP: 0018:ffffc9000059bd70 EFLAGS: 00010046
[ 38.602880] RAX: 0000000000000000 RBX: ffff88800433d148 RCX: ffff88800438e000
[ 38.602880] RDX: 0000000000000002 RSI: ffff88800433d148 RDI: ffff88800433d158
[ 38.602880] RBP: ffffc9000059bdc8 R08: 0000000000000000 R09: 0000000000000000
[ 38.602880] R10: ffffc9000059bca8 R11: 3fffffffffffffff R12: 00007ffe6e0671b8
[ 38.602880] R13: 7fffffffffffffff R14: 0000000000000002 R15: ffffc9000059bd90
[ 38.602880] FS: 00000000020243c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000
[ 38.602880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.602880] CR2: 0000000000000000 CR3: 00000000042e6000 CR4: 00000000000006f0
[ 38.602880] note: cat[123] exited with irqs disabled
[ 38.652903] note: cat[123] exited with preempt_count 1
[ 38.653512] rust_completion: release is invoked

Signed-off-by: Gioh Kim <[email protected]>
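A userspace model of the failure mode the commit message above suspects, added here and not part of the commit or the project: it assumes `Default` zero-fills the structure, so the embedded wait-list head has null links where `init_completion()` would have made it point at itself. That is consistent with the reported write to address 0 in `wait_for_common`, but it is an assumption; all type and method names are hypothetical.

```rust
// Added example: userspace model, not kernel code. All names are hypothetical.
use std::ptr;

#[repr(C)]
pub struct ListHead { next: *mut ListHead, prev: *mut ListHead }

#[repr(C)]
pub struct Completion { done: u32, waiters: ListHead } // waiters: wait-queue list head

impl Default for Completion {
    // Assumption: models a Default that zero-fills the C struct.
    fn default() -> Self { unsafe { std::mem::zeroed() } }
}

impl Completion {
    /// Models init_completion(): an empty list head points at itself, so this
    /// must run once the object is at its final address and never moves again.
    pub fn init_in_place(&mut self) {
        let head = ptr::addr_of_mut!(self.waiters);
        self.waiters = ListHead { next: head, prev: head };
    }

    pub fn is_initialized(&self) -> bool {
        !self.waiters.next.is_null() && !self.waiters.prev.is_null()
    }

    /// Models list_add_tail() on the wait path. The C code stores through
    /// `prev` unconditionally; this model reports the null case instead.
    pub fn enqueue_waiter(&mut self, node: *mut ListHead) -> Result<(), &'static str> {
        let head = ptr::addr_of_mut!(self.waiters);
        let prev = self.waiters.prev;
        if prev.is_null() {
            return Err("zeroed list head: storing prev->next would write to address 0");
        }
        // SAFETY: head, prev and node point at live, non-moving objects here.
        unsafe {
            (*node).next = head;
            (*node).prev = prev;
            (*prev).next = node;
            (*head).prev = node;
        }
        Ok(())
    }
}

fn main() {
    let mut c = Completion::default();
    let mut w = ListHead { next: ptr::null_mut(), prev: ptr::null_mut() };
    println!("zeroed:      {:?}", c.enqueue_waiter(&mut w));
    c.init_in_place();
    println!("initialized: {:?}", c.enqueue_waiter(&mut w));
}
```

Because the initialized list head stores its own address, the object has to be initialized in place after it is pinned at its final location, not built by value and then moved.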
gurugio added a commit that referenced this issue Oct 31, 2023
It uses the Opaque type to get a mutable reference to an object inside a super object wrapped with Arc.
The Opaque::raw_get() function returns a mutable pointer.
But it still has a problem, as shown below.
A spinlock in the completion object might not be initialized correctly.

/ # insmod share/rust_ldd06.ko
[ 8.838768] rust_ldd06: module verification failed: signature and/or required key missing - tal
[ 8.841700] rust_completion: rust_ldd06 is loaded
[ 8.842994] rust_completion: completion_dev created
/ # mknod /dev/rust_ldd06 c 10 124
/ # cat /dev/rust_ldd06 &
/ # [ 28.024130] rust_completion: open is invoked
[ 28.025404] rust_completion: read is invoked
/ # echo "asdf" > /dev/rust_ldd06
[ 34.750500] rust_completion: open is invoked
[ 34.751870] rust_completion: write is invoked
[ 34.753140] BUG: unable to handle page fault for address: ffffc90000594743
[ 34.754996] #PF: supervisor write access in kernel mode
[ 34.756442] #PF: error_code(0x0002) - not-present page
[ 34.757111] PGD 3000067 P4D 3000067 PUD 31a7067 PMD 414b067 PTE 0
[ 34.757111] Oops: 0002 [#1] PREEMPT SMP NOPTI
[ 34.757111] CPU: 0 PID: 1 Comm: sh Tainted: G E 6.6.0-rc4+ Rust-for-Linux#76
[ 34.757111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
[ 34.757111] RIP: 0010:_raw_spin_lock_irqsave+0x32/0xa0
[ 34.757111] Code: e5 41 57 41 56 41 54 53 49 89 ff 9c 58 0f 1f 40 00 49 89 c6 fa 0f 1f 44 00 01
[ 34.757111] RSP: 0018:ffffc9000000bd30 EFLAGS: 00010046
[ 34.757111] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 34.757111] RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffffc90000594743
[ 34.757111] RBP: ffffc9000000bd50 R08: 0000000000000000 R09: 0000000000000000
[ 34.757111] R10: ffffc9000000bca8 R11: 3fffffffffffffff R12: 0000000000000000
[ 34.757111] R13: 0000000000000005 R14: 0000000000000097 R15: ffffc90000594743
[ 34.757111] FS: 0000000001d1c3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000
[ 34.757111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.757111] CR2: ffffc90000594743 CR3: 0000000004322000 CR4: 00000000000006f0
[ 34.757111] Call Trace:
[ 34.757111] <TASK>
[ 34.757111] ? __die_body+0x6b/0xb0
[ 34.757111] ? __die+0x9b/0xb0
[ 34.757111] ? page_fault_oops+0x24c/0x370
[ 34.757111] ? prb_read_valid+0x19/0x20
[ 34.757111] ? printk_get_next_message+0x72/0x320
[ 34.757111] ? kernelmode_fixup_or_oops+0xd7/0x100
[ 34.757111] ? __bad_area_nosemaphore+0x69/0x290
[ 34.757111] ? io_serial_in+0x50/0x50
[ 34.757111] ? bad_area_nosemaphore+0x16/0x20
[ 34.757111] ? do_kern_addr_fault+0x7c/0x90
[ 34.757111] ? exc_page_fault+0xcf/0xf0
[ 34.757111] ? asm_exc_page_fault+0x27/0x30
[ 34.757111] ? _raw_spin_lock_irqsave+0x32/0xa0
[ 34.757111] try_to_wake_up+0x46/0x860
[ 34.757111] ? vprintk+0x52/0x60
[ 34.757111] ? _printk+0x4b/0x50
[ 34.757111] complete+0x4c/0x80
[ 34.757111] _RNvMs3_NtCshlmskAEPslc_6kernel4fileINtB5_16OperationsVtableINtNtB7_7miscdev12Reg]
[ 34.757111] vfs_write+0x111/0x3d0
[ 34.757111] ? handle_mm_fault+0x1e5/0x2e0
[ 34.757111] ksys_write+0x5f/0xb0
[ 34.757111] __x64_sys_write+0x1b/0x20
[ 34.757111] do_syscall_64+0x35/0x50
[ 34.757111] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 34.757111] RIP: 0033:0x4ad317
[ 34.757111] Code: ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04
[ 34.757111] RSP: 002b:00007ffc77a92d48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 34.757111] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004ad317
[ 34.757111] RDX: 0000000000000005 RSI: 0000000001d21a50 RDI: 0000000000000001
[ 34.757111] RBP: 0000000001d21a50 R08: fefefefefefefeff R09: feff86ff65637260
[ 34.757111] R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000005
[ 34.757111] R13: 0000000001d1c3a0 R14: 00007ffc77a92f01 R15: 00007ffc77a92db0
[ 34.757111] </TASK>
[ 34.757111] Modules linked in: rust_ldd06(E)
[ 34.757111] CR2: ffffc90000594743
[ 34.757111] ---[ end trace 0000000000000000 ]---
[ 34.757111] RIP: 0010:_raw_spin_lock_irqsave+0x32/0xa0
[ 34.757111] Code: e5 41 57 41 56 41 54 53 49 89 ff 9c 58 0f 1f 40 00 49 89 c6 fa 0f 1f 44 00 01
[ 34.757111] RSP: 0018:ffffc9000000bd30 EFLAGS: 00010046
[ 34.757111] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 34.757111] RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffffc90000594743
[ 34.757111] RBP: ffffc9000000bd50 R08: 0000000000000000 R09: 0000000000000000
[ 34.757111] R10: ffffc9000000bca8 R11: 3fffffffffffffff R12: 0000000000000000
[ 34.757111] R13: 0000000000000005 R14: 0000000000000097 R15: ffffc90000594743
[ 34.757111] FS: 0000000001d1c3c0(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000
[ 34.757111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.757111] CR2: ffffc90000594743 CR3: 0000000004322000 CR4: 00000000000006f0
[ 34.757111] note: sh[1] exited with irqs disabled
[ 34.818149] note: sh[1] exited with preempt_count 3
[ 34.818663] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[ 34.819478] Kernel Offset: disabled
[ 34.819864] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 ]-
QEMU 6.2.0 monitor - type 'help' for more information

Signed-off-by: Gioh Kim <[email protected]>
Currently, rust_ch03.rs does not use Options.
Let's modify it to use Options as follows, so that the minor number can be specified.