Graphical desktop, l4con, mag
Leslie Zhai
lesliezhai at llvm.org.cn
Mon Jun 5 08:42:31 CEST 2017
instead of the on purpose null ptr dereference patch, I just use printf
to debug: I have no idea how to set breakpoint for jdb by running
l4re/fiasco qemu.
Index: pkg/l4re-core/ned/server/src/main.cc
===================================================================
--- pkg/l4re-core/ned/server/src/main.cc (revision 72)
+++ pkg/l4re-core/ned/server/src/main.cc (working copy)
@@ -57,9 +57,11 @@
Ned::Server svr;
Ned::server = &svr;
+ printf("DEBUG: %s, %s, line %d\n", __FILE__, __PRETTY_FUNCTION__,
__LINE__);
lua(argc, argv);
+ printf("DEBUG: %s, %s, line %d\n", __FILE__, __PRETTY_FUNCTION__,
__LINE__);
while (1)
l4_sleep_forever();
Index: pkg/l4re-core/lua/lib/contrib/src/lauxlib.c
===================================================================
--- pkg/l4re-core/lua/lib/contrib/src/lauxlib.c (revision 72)
+++ pkg/l4re-core/lua/lib/contrib/src/lauxlib.c (working copy)
@@ -968,7 +968,9 @@
lua_pop(L, 1); /* remove field */
lua_pushcfunction(L, openf);
lua_pushstring(L, modname); /* argument to open function */
+ printf("DEBUG: %s, %s, line %d: %s\n", __FILE__, __func__,
__LINE__, modname);
lua_call(L, 1, 1); /* call 'openf' to open module */
+ printf("DEBUG: %s, %s, line %d: %s\n", __FILE__, __func__,
__LINE__, modname);
lua_pushvalue(L, -1); /* make copy of module (call result) */
lua_setfield(L, -3, modname); /* _LOADED[modname] = module */
}
perhaps lua_call -> lua_callk -> luaD_callnoyield -> luaD_call ->
luaD_precall is not able to work
https://pbs.twimg.com/media/DBiZeRPU0AEs6xo.png
but I did not find out the root cause whether or not luaopen_package
func lead such issue:
61 static const luaL_Reg libs[] =
62 {
63 { "_G", luaopen_base },
64 {LUA_LOADLIBNAME, luaopen_package},
...
104 int lua(int argc, char const *const *argv)
105 {
106 printf("Ned says: Hi World!\n");
107
108 bool interactive = false;
109 bool noexit = false;
110
111 if (argc < 2)
112 interactive = true;
113
114 lua_State *L;
115 L = luaL_newstate();
116
117 if (!L)
118 return 1;
119
120 for (int i = 0; libs[i].func; ++i)
121 {
122 luaL_requiref(L, libs[i].name, libs[i].func, 1);
...
because luaL_requiref -> lua_call, when name is LUA_LOADLIBNAME
(package) and func is luaopen_package.
在 2017年06月05日 12:00, Leslie Zhai 写道:
>
>
>
> 在 2017年06月03日 04:56, Jean Wolter 写道:
>> Hello Leslie,
>>
>> On 02/06/17 11:33, Jean Wolter wrote:
>>> I replaced my "ned" binary with yours and the system boots up fine.
>>>
>>> Now I wonder how I could reproduce your problem. It looks like I
>>>
>>> * either need all binaries or
>>> * need to build them the same way you are building them. I used a
>>> fresh checkout from the svn repositories and use gcc version
>>> 4.9.2 (Debian 4.9.2-10) to build the components.
>>>
>>
>> Since I neither have your binaries nor know how you build them I
>> thought about how you could diagnose the problem further. To
>> demonstrate how to do this I intentionally added a null pointer
>> dereference to ned and would like to discuss how I would diagnose this.
>>
>> --- ned/server/src/main.cc (revision 72)
>> +++ ned/server/src/main.cc (working copy)
>> @@ -35,6 +35,8 @@
>> Dbg::set_level(Dbg::Warn);
>> info.printf("Hello from Ned\n");
>>
>> + *(int *)0 = 0;
>> +
>> boot_info.printf("cmdline: ");
>> for (int i = 0; i < argc; ++i)
>> boot_info.cprintf("%s ", argv[i]);
>>
>> 1. Add -serial_esc -wait to kernel options in conf/modules.list
>>
>> --- modules.list (revision 72)
>> +++ modules.list (working copy)
>> @@ -80,6 +80,7 @@
>> module libuc_c.so
>>
>> entry framebuffer-example-x86
>> +kernel fiasco -serial_esc -wait
>> roottask moe rom/x86-fb.cfg
>> module x86-fb.cfg
>> module l4re
>>
>> If you boot this the kernel will enter the kernel debugger before
>> doing anything else. Enter the following commands:
>>
>> * P+ /* show every pagefault before forwarding it to the pager */
>> * Prx0<space>100<space> /* restrict pagefault logging to
>> pagefaults between [0-100] */.
>> * g /* go */
>>
>> The kernel should stop when the access to 0x18 happens, then you can
>> enter the kernel debugger using 'i' and can check who is responsible
>> and maybe get a correct instruction pointer. If I do this here it
>> looks like follows (I added -serial stdio to the qemu options):
>>
>> qemu-system-x86_64 -kernel
>> /home/jw5/build/tmp/l4re/bin/amd64_K8/bootstrap -append "bootstrap
>> -modaddr 0x01100000" -serial stdio -initrd
>> "/home/jw5/build/tmp/fiasco//fiasco -serial_esc
>> -wait,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/sigma0
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/moe
>> rom/x86-fb.cfg,/home/jw5/src/l4resvn/src/l4/conf/examples//x86-fb.cfg
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/l4re
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/ned
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/io
>> ,/home/jw5/src/l4resvn/src/l4/pkg/io/io/config//x86-legacy.devs
>> ,/home/jw5/src/l4resvn/src/l4/conf/examples//x86-fb.io
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/fb-drv
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/mag
>> ,/home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/ex_fb_spectrum_cc "
>> ...
>> Freeing init code/data: 49152 bytes (12 pages)
>>
>> Calibrating timer loop... done.
>>
>> ---------------------------------------------------------------------
>> CPU 0 [fffffffff003df99]: Wait
>> jdb: P+
>> PF logging enabled
>> jdb: Pr restrict to addr in [0-100] /* pressed
>> Prx0<space>100<space> */
>> PF logging enabled, restricted to 0000000000000000 <= pfa <=
>> 0000000000000100
>> jdb: g /* g does no show up in output */
>> ...
>> MOE: cmdline: /home/jw5/build/tmp/l4re/bin/amd64_K8/l4f/moe
>> rom/x86-fb.cfg
>> MOE: Starting: rom/ned rom/x86-fb.cfg
>> MOE: loading 'rom/ned'
>> pf: 0022 pfa=0000000000000000 ip=00000000010038a2 (w-)
>> spc=0xffffffff807c3dd8
>> /* press i */
>> ---------------------------------------------------------------------
>> CPU 0 [fffffffff0062116]: LOG
>> jdb:
>>
>> Now you can use the kernel debugger to inspect the current state of
>> the system. Here I simply use addr2line to find the error:
>>
>> addr2line -p -i -e bin/amd64_K8/l4f/ned -a 10038a2
>> 0x00000000010038a2:
>> /home/jw5/src/l4resvn/src/l4/pkg/l4re-core/ned/server/src/main.cc:38
>> (inlined by)
>> /home/jw5/src/l4resvn/src/l4/pkg/l4re-core/ned/server/src/main.cc:77
>>
>>
>> Line 38 is the line with the null pointer dereference.
> Thanks for your help! worked :)
> addr2line -p -i -e bin/amd64_K8/l4f/ned -a 100398d
> 0x000000000100398d:
> /home/zhaixiang/project/l4re/l4/pkg/l4re-core/ned/server/src/main.cc:38
> (inlined by)
> /home/zhaixiang/project/l4re/l4/pkg/l4re-core/ned/server/src/main.cc:77
> and I need to carefully read JDB manual.
>
>
>>
>> I hope this helps,
>> Jean
>>
>>
>>
>
> --
> Regards,
> Leslie Zhai - a LLVM hackerhttps://reviews.llvm.org/p/xiangzhai/
--
Regards,
Leslie Zhai - a LLVM hacker https://reviews.llvm.org/p/xiangzhai/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://os.inf.tu-dresden.de/pipermail/l4-hackers/attachments/20170605/8e4fd79e/attachment.htm>
More information about the l4-hackers
mailing list