search

BUPT-OS / RROS

RROS is a dual-kernel OS for satellites or other scenarios that need both real-time and general-purpose abilities. RROS = RTOS (Rust) + Linux (C).
https://bupt-os.github.io/website/
Other
567 stars 40 forks source link

There is a bug in poll.rs #38

Closed yexuanyang closed 3 months ago

yexuanyang commented 6 months ago

Hi All! Last year I contributed the poll factory code, and I made tests poll-close.c and poll-nested.c passed. But I find something goes wrong when the poll-close test runs in a loop shell. This shell just runs poll-close test 10 times and the kernel will throw an invalid address request. This error occurs in the function rros_drop_watchpoints which is written at 565 lines in poll.rs. Following is the error message:

[   79.822868] Unable to handle kernel paging request at virtual address dead0000000000d0
[   79.826177] Mem abort info:
[   79.826321]   ESR = 0x96000004
[   79.826538]   EC = 0x25: DABT (current EL), IL = 32 bits
[   79.826749]   SET = 0, FnV = 0
[   79.826858]   EA = 0, S1PTW = 0
[   79.826975] Data abort info:
[   79.827065]   ISV = 0, ISS = 0x00000004
[   79.827292]   CM = 0, WnR = 0
[   79.827458] [dead0000000000d0] address between user and kernel address ranges
[   79.833567] Internal error: Oops: 96000004 [#1] SMP
[   79.833621] Modules linked in:
[   79.833639] CPU: 0 PID: 618 Comm: new_thread_lhy0 Not tainted 5.13.19-v8+ #2
[   79.833646] Hardware name: linux,dummy-virt (DT)
[   79.833652] IRQ stage: Linux
[   79.833658] pstate: 90000005 (NzcV daif -PAN -UAO -TCO BTYPE=--)
[   79.833665] pc : _RNvMs_NtCshGpAVYOtgW1_5alloc7raw_vecINtB4_6RawVecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorE3ptrBP_+0x8/0x18
[   79.833673] lr : _RNvMs_NtCshGpAVYOtgW1_5alloc3vecINtB4_3VecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorE10as_mut_ptrBI_+0xc/0x14
[   79.833681] sp : ffffffc011bf3c00
[   79.833686] x29: ffffffc011bf3c00 x28: ffffff8006525318 x27: ffffff8006615b98
[   79.833824] x26: 0000000000000000 x25: ffffffc010ccdb80 x24: ffffffc010ccdb68
[   79.833846] x23: ffffffc010ccdb50 x22: dead0000000000c8 x21: 0000000000000038
[   79.833868] x20: dead000000000100 x19: dead0000000000d0 x18: ffffffc010cca880
[   79.833890] x17: 0000000000000000 x16: 00000000000000b4 x15: 00000000000000de
[   79.833911] x14: 0000000000000040 x13: 0000000000000000 x12: ffffff80091ca998
[   79.833933] x11: 0000000000000000 x10: ffffffc01136b000 x9 : 0000000000000000
[   79.833954] x8 : ffffffffffffffc8 x7 : 6f6e203a736f7272 x6 : ffffffc0115b52b0
[   79.833975] x5 : 000000008020001f x4 : 0000000000000080 x3 : 0000000000000001
[   79.833997] x2 : ffffff8005239e00 x1 : ffffff80052d3a80 x0 : dead0000000000d0
[   79.834018] Call trace:
[   79.834025]  _RNvMs_NtCshGpAVYOtgW1_5alloc7raw_vecINtB4_6RawVecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorE3ptrBP_+0x8/0x18
[   79.834033]  _RNvMs_NtCshGpAVYOtgW1_5alloc3vecINtB4_3VecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorE10as_mut_ptrBI_+0xc/0x14
[   79.834042]  _RNvXs9_NtCshGpAVYOtgW1_5alloc3vecINtB5_3VecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorENtNtNtCshGpAVYOtgW1_4core3ops5deref8DerefMut9deref_mutBJ_+0x14/0x28
[   79.834053]  _RNvMs_NtCshGpAVYOtgW1_5alloc3vecINtB4_3VecNtNtCshGpAVYOtgW1_4init4poll17RrosPollConnectorE12as_mut_sliceBI_+0xc/0x14
[   79.834061]  _RNvNtCshGpAVYOtgW1_4init4poll21rros_drop_watchpoints+0xa4/0x1e8
[   79.834068]  _RNvNtCshGpAVYOtgW1_4init4file16drop_watchpoints+0x28/0x34
[   79.834075]  rust_uninstall_inband_fd+0x58/0x74
[   79.834081]  uninstall_inband_fd+0x1c/0x40
[   79.834086]  pick_file+0xf0/0x138
[   79.834092]  close_fd+0x30/0x54
[   79.834097]  __arm64_sys_close+0x20/0x50
[   79.834103]  invoke_syscall+0x4c/0x124
[   79.834109]  el0_svc_common+0xbc/0x130
[   79.834114]  do_el0_svc+0x30/0x8c
[   79.834120]  el0_svc+0x2c/0x8c
[   79.834125]  el0_sync_handler+0x84/0xe4
[   79.834133]  el0_sync+0x198/0x1c0
[   79.834139] Code: a8c17bfd d65f03c0 a9bf7bfd 910003fd (f9400000) 
[   79.834146] ---[ end trace c17059f3ccb71b43 ]---