[BUG perf] perf_fetch_caller_regs / rewind_frame_pointer can panic

From: Eric Dumazet
Date: Thu Apr 08 2010 - 05:57:34 EST


Hello

Current linux-2.6 tree panics on my dev machine

64-bit kernel, 32-bit user land
CONFIG_FRAME_POINTER=y

perf timechart record &

Instant crash

Call Trace:
perf_trace_sched_switch+0xd5/0x120
schedule+0x6b5/0x860
retint_careful+0xd/0x21

RIP ffffffff81010955 perf_arch_fetch_caller_regs+0x15/0x40
CR2: 00000000d21f1422


rewind_frame_pointer() is probably wrong.

No test is performed to check that the frame is in the current stack, or
that (!user_mode_vm(regs)).


static inline unsigned long rewind_frame_pointer(int n)
{
	struct stack_frame *frame;

	get_bp(frame);

#ifdef CONFIG_FRAME_POINTER
	while (n--)
		frame = frame->next_frame;
#endif

	return (unsigned long)frame;
}



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
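The two missing checks named in the report, worked through as an added example. This is not code from the report or from the kernel tree: the kernel stack is stood in for by a constructed 4 KiB buffer holding a hand-built frame chain whose oldest frame points at the user-space address from the CR2 line, `user_mode_cs()` is a simplified stand-in for `user_mode_vm()` that only looks at the CS RPL bits, and `rewind_frame_pointer_checked()`, `frame_in_stack()`, `build_chain()` and `frame_addr()` are hypothetical names introduced here.

```c
/* Added example: a frame-pointer walk that refuses to follow a saved rbp
 * that leaves the current stack or that came from user context. Not from
 * the report or the kernel; kernel structures are stood in for below. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define STACK_SIZE 4096   /* stand-in for THREAD_SIZE */
#define USER_RPL   3      /* ring of user code, carried in the low 2 bits of CS */

struct stack_frame {
	struct stack_frame *next_frame;   /* saved caller rbp */
	unsigned long      return_address;
};

/* Constructed thread stack. Frame i lives at FRAME_OFF(i); older frames
 * sit at higher addresses, as on x86 where the stack grows down. */
#define NFRAMES      3
#define FRAME_OFF(i) (STACK_SIZE / 2 + (i) * 64)
unsigned char demo_stack[STACK_SIZE] __attribute__((aligned(16)));

/* Simplified stand-in for user_mode_vm(): CS with RPL 3 means the
 * interrupted context was user land, so rbp holds a user value. */
static int user_mode_cs(unsigned long cs)
{
	return (cs & 3) == USER_RPL;
}

/* Is f a plausible frame inside this stack, strictly above `below`? */
static int frame_in_stack(const void *stack, const struct stack_frame *f,
			  const struct stack_frame *below)
{
	uintptr_t lo = (uintptr_t)stack, hi = lo + STACK_SIZE, a = (uintptr_t)f;

	if (a & (sizeof(long) - 1))		/* misaligned: not a real frame */
		return 0;
	if (a < lo || a + sizeof(*f) > hi)	/* outside the current stack */
		return 0;
	if (below && a <= (uintptr_t)below)	/* must move toward older frames */
		return 0;
	return 1;
}

/* Checked counterpart of rewind_frame_pointer(): walk n frames from
 * `frame` and return the address reached, or 0 when the walk would start
 * in user context or step outside the stack. The unchecked loop does the
 * same dereferences with none of these tests. */
unsigned long rewind_frame_pointer_checked(const void *stack,
					   const struct stack_frame *frame,
					   int n, unsigned long cs)
{
	if (user_mode_cs(cs))
		return 0;
	if (!frame_in_stack(stack, frame, NULL))
		return 0;
	while (n--) {
		const struct stack_frame *next = frame->next_frame;

		if (!frame_in_stack(stack, next, frame))
			return 0;
		frame = next;
	}
	return (unsigned long)frame;
}

/* Build the constructed chain: NFRAMES linked frames, the oldest one
 * pointing at the user-space address seen in the report's CR2 line. */
struct stack_frame *build_chain(void)
{
	memset(demo_stack, 0, sizeof demo_stack);
	for (int i = 0; i < NFRAMES; i++) {
		struct stack_frame *f = (struct stack_frame *)(demo_stack + FRAME_OFF(i));

		f->next_frame = (i + 1 < NFRAMES)
			? (struct stack_frame *)(demo_stack + FRAME_OFF(i + 1))
			: (struct stack_frame *)0xd21f1422UL;	/* leaves the stack */
		f->return_address = 0x1000 + i;			/* placeholder */
	}
	return (struct stack_frame *)(demo_stack + FRAME_OFF(0));
}

unsigned long frame_addr(int i)
{
	return (unsigned long)(demo_stack + FRAME_OFF(i));
}

int main(void)
{
	const struct stack_frame *bp = build_chain();
	unsigned long kernel_cs = 0x10, user32_cs = 0x23;	/* __KERNEL_CS, __USER32_CS */

	printf("rewind 2 from kernel: %#lx (frame 2 is %#lx)\n",
	       rewind_frame_pointer_checked(demo_stack, bp, 2, kernel_cs), frame_addr(2));
	printf("rewind 3 from kernel: %#lx (unchecked walk would read 0xd21f1422)\n",
	       rewind_frame_pointer_checked(demo_stack, bp, 3, kernel_cs));
	printf("rewind 1 from user land: %#lx\n",
	       rewind_frame_pointer_checked(demo_stack, bp, 1, user32_cs));
	return 0;
}
```

The third rewind is the report's scenario: a 32-bit user process was interrupted, its rbp is a 32-bit user address, and the unchecked loop dereferences it from kernel context and faults. The range test alone already catches it; the CS test refuses the walk before touching any frame at all, which is what the `!user_mode_vm(regs)` guard would do.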