> Am I missing something?

Apologies for that, I made a mistake. The board is based off T1040, with e5500. Previous report affected two of our products, the one from the previous report and the one I am reporting now.
Since I wrote the email I was able to also reproduce a crash when stepping 3 times and then continuing, but in that case the problematic address always comes from r2.

Tomas Alvarez Vanoli
R&D Embedded Software Developer

-----Original Message-----
From: Christophe Leroy <christophe.le...@csgroup.eu>
Sent: Wednesday, 30 April 2025 14:52
To: Tomas Alvarez Vanoli <tomas.alvarez-van...@hitachienergy.com>; linuxppc-dev@lists.ozlabs.org
Subject: Re: segmentation fault when stepping multi-threaded application

On 28/04/2025 at 13:16, Tomas Alvarez Vanoli wrote:
> Hello, I am writing because I have a segmentation fault when remote-debugging a PPC 32-bit target with gdbserver.
> This is the same platform described in
> 'https://lore.kernel.org/linuxppc-dev/dc38afe9-6b78-f3f5-666b-986939e40fc6@keymile.com/', although the bug does not seem to be the same and the position of the thread struct does not affect it.
>
> The segmentation fault message is the following:
>
> tomcli[135]: User access of kernel address (dffbdf10) - exploit attempt? (uid: 0)
>
> gdbserver is sometimes unresponsive, although sometimes I am able to kill it with CTRL+C.
> The code I use to reproduce this (tomcli) is the same as my colleague sent back in 2016:
>
>
>
> This can be reproduced always by starting the debug session, stepping 5 times and then issuing a continue.
> Sometimes just a continue will do.
> This error is also happening sporadically when running our main application under gdbserver, we get a segmentation fault in dl_fixup.
> It never happens during normal runtime.
>
> The address that the kernel complains about is coming from pt_regs->gpr[3].
> This value is put in the register in a call to PTRACE_SINGLESTEP (value 9).
>
> I poked around the ptrace code a bit, seeing if there were any possible overflows but I could not find anything, so maybe I'm barking up the wrong tree, although it does seem to be related to ptrace.
>
> I also added a dump_stack before the "exploit attempt" message:
>
> CPU: 3 PID: 135 Comm: tomcli Not tainted 6.1.133-00564-g0c302b26a2c4-dirty #0
> Hardware name: name,prodname e5500 0x80241021 CoreNet Generic

In the beginning you say it is the same platform as the other report. When I follow the link I understand that platform is an 83xx. Here it is an e5500. Am I missing something?

Christophe