Ticket #2425 (closed bug: fixed)

Opened 7 months ago

Last modified 7 months ago

KDL when using poll function, test case included

Reported by: kaliber Owned by: mmlr
Priority: high Milestone: R1/alpha1
Component: System/Kernel Version: R1 development
Cc: Blocked By:
Platform: All Blocking:

Description

During glib configure, checking for broken poll... I get KDL 

PANIC: vm_page_fault: unhandled page fault in kernel space at 0x0, ip 0x0

Welcome to Kernel Debugging Land...
Running on CPU 0
kdebug> bt
stack trace for thread 8044 "conftest"
    kernel stack: 0x90b30000 to 0x90b34000
      user stack: 0x7efe7000 to 0x7ffe7000
frame            caller     <image>:function + offset
90b339ec (+  48) 8004b9d9   <kernel>:invoke_debugger_command + 0x00ed
90b33a1c (+  64) 8004b7d1   <kernel>:invoke_pipe_segment__FP21debugger_command_pipelPc + 0x0079
90b33a5c (+  64) 8004bb19   <kernel>:invoke_debugger_command_pipe + 0x009d
90b33a9c (+  48) 8004c9f4   <kernel>:_ParseCommandPipe__16ExpressionParserRi + 0x0234
90b33acc (+  48) 8004c3aa   <kernel>:EvaluateCommand__16ExpressionParserPCcRi + 0x01de
90b33afc (+ 224) 8004ddc0   <kernel>:evaluate_debug_command + 0x0088
90b33bdc (+  64) 80049fea   <kernel>:kernel_debugger_loop__Fv + 0x017a
90b33c1c (+  48) 8004aa1b   <kernel>:kernel_debugger + 0x0117
90b33c4c (+ 192) 8004a8f9   <kernel>:panic + 0x0029
90b33d0c (+  64) 800969c9   <kernel>:vm_page_fault + 0x00b1
90b33d4c (+  64) 800a0e55   <kernel>:page_fault_exception + 0x00b1
90b33d8c (+  12) 800a454a   <kernel>:int_bottom + 0x002a (nearest)
iframe at 0x90b33d98 (end = 0x90b33df0)
 eax 0x0            ebx 0x91347501      ecx 0x0          edx 0x801ca740
 esi 0x90cd3660     edi 0x91347530      ebp 0x90b33e04   esp 0x90b33dcc
 eip 0x0         eflags 0x10246    
 vector: 0xe, error code: 0x0
90b33d98 (+ 108) 00000000
90b33e04 (+  48) 800586c1   <kernel>:devfs_select__FP9fs_volumeP8fs_vnodePvUcP10selectsync + 0x0055
90b33e34 (+  64) 8007c9c4   <kernel>:file_select__FP15file_descriptorUcP10selectsync + 0x0038
90b33e74 (+  80) 8006ce00   <kernel>:select_fd + 0x0180
90b33ec4 (+  64) 80047a21   <kernel>:common_poll__FP6pollfdUlxb + 0x0085
90b33f04 (+  64) 800485e9   <kernel>:_user_poll + 0x00c1
90b33f44 (+ 100) 800a4722   <kernel>:pre_syscall_debug_done + 0x0002 (nearest)
iframe at 0x90b33fa8 (end = 0x90b34000)
 eax 0x6c           ebx 0x2fae08        ecx 0x7ffe6f10   edx 0xffff0104
 esi 0x7ffe6f74     edi 0x7ffe7100      ebp 0x7ffe6f3c   esp 0x90b33fdc
 eip 0xffff0104  eflags 0x212      
 vector: 0x63, error code: 0x0
90b33fa8 (+   0) ffff0104
7ffe6f3c (+  64) 002008a7   <conftest>:main + 0x0047
7ffe6f7c (+  48) 0020072f   <conftest>:_start + 0x005b
7ffe6fac (+  48) 0010084a   183368:runtime_loader_seg0ro@0x00100000 + 0x84a
7ffe6fdc (+   0) 7ffe6fec   183367:conftest_main_stack@0x7efe7000 + 0xffffec

Test case: 

#include <stdlib.h>
#include <fcntl.h>
#include <sys/poll.h>
int main(void) {
  struct pollfd fds[1];
  int fd;
  fd = open("/dev/null", 1);
  fds[0].fd = fd;
  fds[0].events = POLLIN;
  fds[0].revents = 0;
  if (poll(fds, 1, 0) < 0 || (fds[0].revents & POLLNVAL) != 0) {
        exit(1);  /* Does not work for devices -- fail */
  }
  exit(0);
}

Change History

Changed 7 months ago by bonefish

  • priority changed from normal to high
  • milestone changed from R1 to R1/alpha1

Closed #2371 as dup.

Changed 7 months ago by mmlr

  • owner changed from axeld to mmlr
  • status changed from new to assigned

Tested that and the select hook seems to be set to 0xffffffff. Investigating.

Changed 7 months ago by mmlr

  • status changed from assigned to closed
  • resolution set to fixed

That it is set to ~0 is in fact intended. But it shouldn't be set if the legacy driver didn't return a select hook at all. Fixed in r26079.

Note: See TracTickets for help on using tickets.