Skip to content

ARC: tests/kernel/mem_protect/mem_protect/kernel.memory_protection fails on nsim_sem #14643

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
andrewboie opened this issue Mar 18, 2019 · 2 comments
Closed

ARC: tests/kernel/mem_protect/mem_protect/kernel.memory_protection fails on nsim_sem #14643

andrewboie opened this issue Mar 18, 2019 · 2 comments
Assignees
@andrewboie
Labels
area: ARC ARC Architecture bug The issue is a bug, or the PR is fixing a bug priority: medium Medium impact/importance bug

Comments

@andrewboie
Copy link
Contributor

One of the sub-tests fails and then the case hangs. Seen only on nsim_sem:

***** Booting Zephyr OS v1.14.0-rc1-1250-g4e097b4d541f *****
Running test suite memory_protection_test_suite
===================================================================
starting test - test_permission_inheritance
PASS - test_permission_inheritance
===================================================================
starting test - test_mem_domain_valid_access
PASS - test_mem_domain_valid_access
===================================================================
starting test - test_mem_domain_invalid_access
Exception vector: 0x6, cause code: 0x2, parameter 0x4
Address 0x80000300
Current thread ID = 0x80000dc0
Faulting instruction address = 0x199e
Caught system error -- reason 0 1
PASS - test_mem_domain_invalid_access
===================================================================
starting test - test_mem_domain_partitions_user_rw
PASS - test_mem_domain_partitions_user_rw
===================================================================
starting test - test_mem_domain_partitions_supervisor_rw
PASS - test_mem_domain_partitions_supervisor_rw
===================================================================
starting test - test_mem_domain_partitions_user_ro
Exception vector: 0x6, cause code: 0x2, parameter 0x4
Address 0x80000320
Current thread ID = 0x80001154
Faulting instruction address = 0x18fe
Caught system error -- reason 0 1
PASS - test_mem_domain_partitions_user_ro
===================================================================
starting test - test_mem_domain_add_partitions_invalid
Exception vector: 0x6, cause code: 0x1, parameter 0x4
Address 0x80006a28
Current thread ID = 0x80001154
Faulting instruction address = 0x18d8
Caught system error -- reason 0 1
PASS - test_mem_domain_add_partitions_invalid
===================================================================
starting test - test_mem_domain_add_partitions_simple
PASS - test_mem_domain_add_partitions_simple
===================================================================
starting test - test_mem_domain_remove_partitions_simple
Exception vector: 0x6, cause code: 0x2, parameter 0x4
Address 0x80000340
Current thread ID = 0x80001154
Faulting instruction address = 0x185a
Caught system error -- reason 0 1
PASS - test_mem_domain_remove_partitions_simple
===================================================================
starting test - test_mem_domain_remove_partitions
Exception vector: 0x6, cause code: 0x2, parameter 0x4
Address 0x80000360
Current thread ID = 0x80000e34
Faulting instruction address = 0x181a
Caught system error -- reason 0 1
PASS - test_mem_domain_remove_partitions
===================================================================
starting test - test_mem_domain_remove_thread
Exception vector: 0x6, cause code: 0x2, parameter 0x4
Address 0x800003a0
Current thread ID = 0x80001154
Faulting instruction address = 0x17da
Caught system error -- reason 0 1
PASS - test_mem_domain_remove_thread
===================================================================
starting test - test_mem_domain_destroy
PASS - test_mem_domain_destroy
===================================================================
starting test - test_kobject_access_grant
Exception vector: 0x6, cause code: 0x1, parameter 0x4
Address 0x80000c7c
Current thread ID = 0x80001154
Faulting instruction address = 0xd26
Caught system error -- reason 0 1
PASS - test_kobject_access_grant
===================================================================
starting test - test_syscall_invalid_kobject
0x80006bb8 is not a valid k_sem
syscall hdlr_k_sem_take failed check: access denied
Caught system error -- reason 4 1
PASS - test_syscall_invalid_kobject
===================================================================
starting test - test_thread_without_kobject_permission
thread 0x80001154 (19) does not have permission on k_sem 0x80006b94 [00000000]
syscall hdlr_k_sem_give failed check: access denied
Caught system error -- reason 4 1
PASS - test_thread_without_kobject_permission
===================================================================
starting test - test_kobject_revoke_access
thread 0x8000070c (1) does not have permission on k_sem 0x80006b94 [00000000]
syscall hdlr_k_sem_give failed check: access denied
Caught system error -- reason 4 1
PASS - test_kobject_revoke_access
===================================================================
starting test - test_kobject_grant_access_kobj
PASS - test_kobject_grant_access_kobj
===================================================================
starting test - test_kobject_grant_access_kobj_invalid
thread 0x80000780 (2) does not have permission on k_thread 0x80000950 [00000000]
syscall hdlr_k_object_access_grant failed check: access denied
Caught system error -- reason 4 1
PASS - test_kobject_grant_access_kobj_invalid
===================================================================
starting test - test_kobject_release_from_user
thread 0x800007f4 (3) does not have permission on k_sem 0x80006b94 [00080000]
syscall hdlr_k_sem_give failed check: access denied
Caught system error -- reason 4 1
PASS - test_kobject_release_from_user
===================================================================
starting test - test_kobject_access_all_grant
PASS - test_kobject_access_all_grant
===================================================================
starting test - test_thread_has_residual_permissions
thread 0x80000868 (4) does not have permission on k_sem 0x80006b94 [00080000]
syscall hdlr_k_sem_take failed check: access denied
Caught system error -- reason 4 1
PASS - test_thread_has_residual_permissions
===================================================================
starting test - test_kobject_access_grant_to_invalid_thread
thread 0x80001154 (19) does not have permission on k_thread 0x800005b0 [00000000]
syscall test_kobject_access_grant_to_invalid_thread failed check: access denied
PASS - test_kobject_access_grant_to_invalid_thread
===================================================================
starting test - test_kobject_access_invalid_kobject
thread 0x80001154 (19) does not have permission on k_sem 0x800005a0 [00000000]
syscall hdlr_k_sem_take failed check: access denied
Caught system error -- reason 4 1
PASS - test_kobject_access_invalid_kobject
===================================================================
starting test - test_access_kobject_without_init_access
thread 0x80001154 (19) does not have permission on k_sem 0x80000590 [00000000]
syscall hdlr_k_sem_take failed check: access denied
Caught system error -- reason 4 1
PASS - test_access_kobject_without_init_access
===================================================================
starting test - test_access_kobject_without_init_with_access
0x80000580 used before initialization
syscall hdlr_k_sem_take failed check: access denied
Caught system error -- reason 4 1
PASS - test_access_kobject_without_init_with_access
===================================================================
starting test - test_kobject_reinitialize_thread_kobj
0x80000698 k_thread in use
syscall hdlr_k_thread_create failed check: access denied
Caught system error -- reason 4 1
PASS - test_kobject_reinitialize_thread_kobj
===================================================================
starting test - test_create_new_thread_from_user
PASS - test_create_new_thread_from_user
===================================================================
starting test - test_create_new_thread_from_user_no_access_stack
thread 0x80000aac (11) does not have permission on _k_thread_stack_element 0x80001f40 [00000000]
syscall hdlr_k_thread_create failed check: bad stack object
Caught system error -- reason 4 1
PASS - test_create_new_thread_from_user_no_access_stack
===================================================================
starting test - test_create_new_thread_from_user_invalid_stacksize
thread 0x800008dc (7) does not have permission on _k_thread_stack_element 0x80002b40 [00000000]
syscall hdlr_k_thread_create failed check: bad stack object
Caught system error -- reason 4 1
PASS - test_create_new_thread_from_user_invalid_stacksize
===================================================================
starting test - test_create_new_thread_from_user_huge_stacksize

    Assertion failed at /home/apboie/projects/zephyr3/zephyr/tests/kernel/mem_protect/mem_protect/src/kobject.c:731: kobject_test_user_1_18: (Reached unreachable code)
k_object validation failure in k thread create
FAIL - test_create_new_thread_from_user_huge_stacksize
===================================================================
starting test - test_create_new_supervisor_thread_from_user
@andrewboie andrewboie added bug The issue is a bug, or the PR is fixing a bug priority: medium Medium impact/importance bug area: ARC ARC Architecture labels Mar 18, 2019
@andrewboie andrewboie changed the title tests/kernel/mem_protect/mem_protect/kernel.memory_protection fails on nsim_sem ARC: tests/kernel/mem_protect/mem_protect/kernel.memory_protection fails on nsim_sem Mar 18, 2019
@andrewboie andrewboie added priority: low Low impact/importance bug priority: medium Medium impact/importance bug and removed priority: medium Medium impact/importance bug priority: low Low impact/importance bug labels Mar 18, 2019
@andrewboie
Copy link
Contributor Author

andrewboie commented Mar 18, 2019
edited
Loading

The problem here is that the validation code in the syscall handler for k_thread_create() isn't checking the size properly on ARC as the privilege stack buffer is after the thread stack buffer and not before it.

@andrewboie andrewboie assigned andrewboie and unassigned vonhust Mar 18, 2019
@andrewboie
Copy link
Contributor Author

More detail:

  • A thread stack is defined with size 512 (KOBJECT_STACK_SIZE in the test)
  • The test that is failing is trying to call k_thread_create() using that stack object, but with a size of 513 (KOBJECT_STACK_SIZE + 1).
  • This is succeeding, even though there should be only 512 bytes available for thread data in the buffer.

The root of the problem seems to be that in memory, the stack object is laid out like this:

| stack guard | user thread stack buffer | privileged stack |

The privileged stack comes after the stack buffer and not before it.

Inside k_thread_create(), the validation code assumes that the user thread stack buffer comes last; it's not possible to just call K_THREAD_STACK_SIZEOF() on the passed in stack parameter as it's passed as a pointer.

@andrewboie andrewboie mentioned this issue Mar 19, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewboie andrewboie

Labels
area: ARC ARC Architecture bug The issue is a bug, or the PR is fixing a bug priority: medium Medium impact/importance bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andrewboie @vonhust