user_access从指定地址写入数据到用户空间时kernel panic #675
Description
描述错误
内核panic(崩溃)。从日志中可以看出,崩溃发生在src/syscall/user_access.rs文件的第299行,第13列。错误信息表明,源切片的长度(4)与目标切片的长度(1)不匹配。
/// 从指定地址写入数据到用户空间
///
/// @param data 要写入的数据地址
/// @param offset 在UserBuffer中的字节偏移量
/// @return 返回写入元素的数量
///
pub fn copy_to_user<T: core::marker::Copy>(
&'a mut self,
src: &[T],
offset: usize,
) -> Result<usize, SystemError> {
let dst = Self::convert_with_offset(self.buffer, offset)?;
dst.copy_from_slice(src);
return Ok(src.len());
}这是一个典型的数组越界错误,意味着在程序中尝试将一个长度为4的切片复制到一个长度为1的切片中,这显然是不可能的,因此导致了内核panic。解决这个问题的方法可能是检查代码中负责复制切片的地方,确保源切片的索引不会超出其长度,并且目标切片的空间足够存放源切片的数据。
重现步骤
执行dog example.com --tls @dns.google或者执行dog example.com --https @https://cloudflare-dns.com/dns-query。
期望行为
正常得到返回的结果。
屏幕截图
其他上下文
dog支持
DoT (DNS-over-TLS)传输系统。 默认情况下,使用DoT的查询将通过端口853发送。通过TLS通信通道发送DNS查询的目的是防止在查询或响应在公共Internet上传输时被窃听或修改。
dog支持
DoH (DNS-over-HTTPS)传输系统。 默认情况下,使用DoH的查询将通过端口443(标准HTTPS端口)发送。像DNS-over-tls一样,通过HTTPS发送DNS查询的目的是防止在公共互联网上传输的查询或响应被窃听或修改。 通过与Web使用的HTTPS流量使用相同的端口和协议,可以实现DNS流量的融合,避免被检测到或阻断。与其他传输类型不同,HTTPS协议需要一个完整的URL,包括路径和协议,作为名称服务器。注意:查找名称服务器的IP地址是由操作系统执行的,而不是由dog执行的。
系统日志
�[41m[ ERROR ] �[0m(src/lib.rs:109) Kernel Panic Occurred.
Location:
File: src/syscall/user_access.rs
Line: 299, Column: 13
Message:
source slice length (4) does not match destination slice length (1)
Rust Panic Backtrace:
function:rust_begin_unwind() (+) 0754 address:0xffff800001043f92
function:ore::panicking::panic_fmt() (+) 0049 address:0xffff80000121b431
function:ore::slice::<impl [T]>::copy_from_slice::len_mismatch_fail() (+) 0112 address:0xffff800001219920
function:dragonos_kernel::syscall::misc::<impl dragonos_kernel::syscall::Syscall>::get_random() (+) 0679 address:0xffff800001028327
function:dragonos_kernel::syscall::Syscall::handle() (+) 6178 address:0xffff800001029da2
function:syscall_handler() (+) 0262 address:0xffff8000010ceb46
Current PCB:
ProcessControlBlock { pid: Pid(20), tgid: Pid(20), basic: RwLock { lock: 0, data: UnsafeCell { .. } }, preempt_count: 0, flags: LockFreeFlags { inner: (empty) }, worker_private: SpinLock { lock: false, data: UnsafeCell { .. } }, kernel_stack: RwLock { lock: 0, data: UnsafeCell { .. } }, syscall_stack: RwLock { lock: 0, data: UnsafeCell { .. } }, sched_info: ProcessSchedulerInfo { on_cpu: AtomicProcessorId { container: 0 }, migrate_to: AtomicProcessorId { container: 0 }, inner_locked: RwLock { lock: 0, data: UnsafeCell { .. } }, priority: SchedPriority(100), virtual_runtime: 61092, rt_time_slice: 0 }, arch_info: SpinLock { lock: false, data: UnsafeCell { .. } }, sig_info: RwLock { lock: 0, data: UnsafeCell { .. } }, sig_struct: SpinLock { lock: false, data: UnsafeCell { .. } }, exit_signal: SIGCHLD, parent_pcb: RwLock { lock: 0, data: UnsafeCell { .. } }, real_parent_pcb: RwLock { lock: 0, data: UnsafeCell { .. } }, children: RwLock { lock: 0, data: UnsafeCell { .. } }, wait_queue: WaitQueue(SpinLock { lock: false, data: UnsafeCell { .. } }), thread: RwLock { lock: 0, data: UnsafeCell { .. } } }
�[92mroot@DragonOS�[0m:�[96m/�[0m$ �[18G�[18Gdog example.com --https @https://cloudflare-dns.com/dns-query�[18Gdog banana �[28G�[18Gdog non-exist --short�[18Gdog example.com A AAAA MX TXT --json�[18Gdog example.com --https @https://cloudflare-dns.com/dns-query�[18Gdog example.com --tls @dns.google �[51G
�[1;33m[ WARN ] �[0m(src/syscall/mod.rs:794) SYS_POLL has not yet been implemented
�[1;33m[ WARN ] �[0m(src/syscall/mod.rs:804) SYS_RT_SIGPROCMASK has not yet been implemented
�[1;33m[ WARN ] �[0m(src/syscall/mod.rs:814) SYS_SIGALTSTACK has not yet been implemented
�[1;33m[ WARN ] �[0m(src/syscall/mod.rs:804) SYS_RT_SIGPROCMASK has not yet been implemented
�[1;33m[ WARN ] �[0m(src/syscall/mod.rs:804) SYS_RT_SIGPROCMASK has not yet been implemented
�[41m[ ERROR ] �[0m(src/lib.rs:109) Kernel Panic Occurred.
Location:
File: src/syscall/user_access.rs
Line: 299, Column: 13
Message:
source slice length (4) does not match destination slice length (1)
Rust Panic Backtrace:
function:rust_begin_unwind() (+) 0754 address:0xffff800001043f92
function:ore::panicking::panic_fmt() (+) 0049 address:0xffff80000121b431
function:ore::slice::<impl [T]>::copy_from_slice::len_mismatch_fail() (+) 0112 address:0xffff800001219920
function:dragonos_kernel::syscall::misc::<impl dragonos_kernel::syscall::Syscall>::get_random() (+) 0679 address:0xffff800001028327
function:dragonos_kernel::syscall::Syscall::handle() (+) 6178 address:0xffff800001029da2
function:syscall_handler() (+) 0262 address:0xffff8000010ceb46
Current PCB:
ProcessControlBlock { pid: Pid(21), tgid: Pid(21), basic: RwLock { lock: 0, data: UnsafeCell { .. } }, preempt_count: 0, flags: LockFreeFlags { inner: (empty) }, worker_private: SpinLock { lock: false, data: UnsafeCell { .. } }, kernel_stack: RwLock { lock: 0, data: UnsafeCell { .. } }, syscall_stack: RwLock { lock: 0, data: UnsafeCell { .. } }, sched_info: ProcessSchedulerInfo { on_cpu: AtomicProcessorId { container: 0 }, migrate_to: AtomicProcessorId { container: 0 }, inner_locked: RwLock { lock: 0, data: UnsafeCell { .. } }, priority: SchedPriority(100), virtual_runtime: 61700, rt_time_slice: 0 }, arch_info: SpinLock { lock: false, data: UnsafeCell { .. } }, sig_info: RwLock { lock: 0, data: UnsafeCell { .. } }, sig_struct: SpinLock { lock: false, data: UnsafeCell { .. } }, exit_signal: SIGCHLD, parent_pcb: RwLock { lock: 0, data: UnsafeCell { .. } }, real_parent_pcb: RwLock { lock: 0, data: UnsafeCell { .. } }, children: RwLock { lock: 0, data: UnsafeCell { .. } }, wait_queue: WaitQueue(SpinLock { lock: false, data: UnsafeCell { .. } }), thread: RwLock { lock: 0, data: UnsafeCell { .. } } }
�[92mroot@DragonOS�[0m:�[96m/�[0m$ �[18G