From: Nick Desaulniers <ndesaulniers@google.com> To: Masami Hiramatsu <mhiramat@kernel.org> Cc: Steven Rostedt <rostedt@goodmis.org>, "Naveen N . Rao" <naveen.n.rao@linux.vnet.ibm.com>, Ananth N Mavinakayanahalli <ananth@linux.ibm.com>, Ingo Molnar <mingo@kernel.org>, linux-kernel@vger.kernel.org, Sven Schnelle <svens@linux.ibm.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, Russell King <linux@armlinux.org.uk>, Nathan Chancellor <nathan@kernel.org>, linux-arm-kernel@lists.infradead.org, Nathan Huckleberry <nhuck@google.com> Subject: Re: [PATCH 6/8] ARM: clang: Do not relay on lr register for stacktrace Date: Mon, 11 Oct 2021 11:45:22 -0700 [thread overview] Message-ID: <CAKwvOdkdPHN0Y5GwTPUeaZyjtBttWrfoeLvQJFaJrfOHAtxkHg@mail.gmail.com> (raw) In-Reply-To: <163369614818.636038.5019945597127474028.stgit@devnote2> On Fri, Oct 8, 2021 at 5:29 AM Masami Hiramatsu <mhiramat@kernel.org> wrote: > > Currently the stacktrace on clang compiled arm kernel uses the 'lr' > register to find the first frame address from pt_regs. However, that > is wrong after calling another function, because the 'lr' register > is used by 'bl' instruction and never be recovered. > > As same as gcc arm kernel, directly use the frame pointer (x11) of > the pt_regs to find the first frame address. Hi Masami, Thanks for the patch. Testing with ARCH=arm defconfig (multi_v7_defconfig) Before this patch: $ mount -t proc /proc $ echo 0 > /proc/sys/kernel/kptr_restrict $ cat /proc/self/stack [<0>] proc_single_show+0x4c/0xb8 [<0>] seq_read_iter+0x174/0x4d8 [<0>] seq_read+0x134/0x158 [<0>] vfs_read+0xcc/0x2f8 [<0>] ksys_read+0x74/0xd0 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xbea38cc0 After this patch: $ mount -t proc /proc $ echo 0 > /proc/sys/kernel/kptr_restrict $ cat /proc/self/stack [<0>] proc_single_show+0x4c/0xb8 [<0>] seq_read_iter+0x174/0x4d8 [<0>] seq_read+0x134/0x158 [<0>] vfs_read+0xcc/0x2f8 [<0>] ksys_read+0x74/0xd0 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xbeb55cc0 Is there a different way to test/verify this patch? (I'm pretty sure we had verified the WARN_ONCE functionality with this, too.) If I change from CONFIG_UNWINDER_ARM=y to CONFIG_UNWINDER_FRAME_POINTER=y, before: # cat /proc/self/stack [<0>] stack_trace_save_tsk+0x50/0x6c [<0>] proc_pid_stack+0xa0/0xf8 [<0>] proc_single_show+0x50/0xbc [<0>] seq_read_iter+0x178/0x4ec [<0>] seq_read+0x138/0x15c [<0>] vfs_read+0xd0/0x304 [<0>] ksys_read+0x78/0xd4 [<0>] sys_read+0xc/0x10 after: # cat /proc/self/stack [<0>] proc_pid_stack+0xa0/0xf8 [<0>] proc_single_show+0x50/0xbc [<0>] seq_read_iter+0x178/0x4ec [<0>] seq_read+0x138/0x15c [<0>] vfs_read+0xd0/0x304 [<0>] ksys_read+0x78/0xd4 [<0>] sys_read+0xc/0x10 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xffffffff So I guess this helps the CONFIG_UNWINDER_FRAME_POINTER=y case? (That final frame address looks wrong, but is potentially yet another bug; perhaps for clang we need to manually store the previous frame's pc at a different offset before jumping to __entry_text_start). Also, I'm curious about CONFIG_THUMB2_KERNEL (forces CONFIG_UNWINDER_ARM=y). before: # cat /proc/self/stack [<0>] proc_single_show+0x31/0x86 [<0>] seq_read_iter+0xff/0x326 [<0>] seq_read+0xd7/0xf2 [<0>] vfs_read+0x93/0x20e [<0>] ksys_read+0x53/0x92 [<0>] ret_fast_syscall+0x1/0x52 [<0>] 0xbe9a9cc0 after: # cat /proc/self/stack [<0>] proc_single_show+0x31/0x86 [<0>] seq_read_iter+0xff/0x326 [<0>] seq_read+0xd7/0xf2 [<0>] vfs_read+0x93/0x20e [<0>] ksys_read+0x53/0x92 [<0>] ret_fast_syscall+0x1/0x52 [<0>] 0xbec08cc0 Tested-by: Nick Desaulniers <ndesaulniers@google.com> so likely this fixes/improves CONFIG_UNWINDER_FRAME_POINTER=y? Is that correct? > > Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> > --- > arch/arm/kernel/stacktrace.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/arch/arm/kernel/stacktrace.c b/arch/arm/kernel/stacktrace.c > index 76ea4178a55c..db798eac7431 100644 > --- a/arch/arm/kernel/stacktrace.c > +++ b/arch/arm/kernel/stacktrace.c > @@ -54,8 +54,7 @@ int notrace unwind_frame(struct stackframe *frame) > > frame->sp = frame->fp; > frame->fp = *(unsigned long *)(fp); > - frame->pc = frame->lr; > - frame->lr = *(unsigned long *)(fp + 4); > + frame->pc = *(unsigned long *)(fp + 4); > #else > /* check current frame pointer is within bounds */ > if (fp < low + 12 || fp > high - 4) > -- Thanks, ~Nick Desaulniers
WARNING: multiple messages have this Message-ID (diff)
From: Nick Desaulniers <ndesaulniers@google.com> To: Masami Hiramatsu <mhiramat@kernel.org> Cc: Steven Rostedt <rostedt@goodmis.org>, "Naveen N . Rao" <naveen.n.rao@linux.vnet.ibm.com>, Ananth N Mavinakayanahalli <ananth@linux.ibm.com>, Ingo Molnar <mingo@kernel.org>, linux-kernel@vger.kernel.org, Sven Schnelle <svens@linux.ibm.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, Russell King <linux@armlinux.org.uk>, Nathan Chancellor <nathan@kernel.org>, linux-arm-kernel@lists.infradead.org, Nathan Huckleberry <nhuck@google.com> Subject: Re: [PATCH 6/8] ARM: clang: Do not relay on lr register for stacktrace Date: Mon, 11 Oct 2021 11:45:22 -0700 [thread overview] Message-ID: <CAKwvOdkdPHN0Y5GwTPUeaZyjtBttWrfoeLvQJFaJrfOHAtxkHg@mail.gmail.com> (raw) In-Reply-To: <163369614818.636038.5019945597127474028.stgit@devnote2> On Fri, Oct 8, 2021 at 5:29 AM Masami Hiramatsu <mhiramat@kernel.org> wrote: > > Currently the stacktrace on clang compiled arm kernel uses the 'lr' > register to find the first frame address from pt_regs. However, that > is wrong after calling another function, because the 'lr' register > is used by 'bl' instruction and never be recovered. > > As same as gcc arm kernel, directly use the frame pointer (x11) of > the pt_regs to find the first frame address. Hi Masami, Thanks for the patch. Testing with ARCH=arm defconfig (multi_v7_defconfig) Before this patch: $ mount -t proc /proc $ echo 0 > /proc/sys/kernel/kptr_restrict $ cat /proc/self/stack [<0>] proc_single_show+0x4c/0xb8 [<0>] seq_read_iter+0x174/0x4d8 [<0>] seq_read+0x134/0x158 [<0>] vfs_read+0xcc/0x2f8 [<0>] ksys_read+0x74/0xd0 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xbea38cc0 After this patch: $ mount -t proc /proc $ echo 0 > /proc/sys/kernel/kptr_restrict $ cat /proc/self/stack [<0>] proc_single_show+0x4c/0xb8 [<0>] seq_read_iter+0x174/0x4d8 [<0>] seq_read+0x134/0x158 [<0>] vfs_read+0xcc/0x2f8 [<0>] ksys_read+0x74/0xd0 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xbeb55cc0 Is there a different way to test/verify this patch? (I'm pretty sure we had verified the WARN_ONCE functionality with this, too.) If I change from CONFIG_UNWINDER_ARM=y to CONFIG_UNWINDER_FRAME_POINTER=y, before: # cat /proc/self/stack [<0>] stack_trace_save_tsk+0x50/0x6c [<0>] proc_pid_stack+0xa0/0xf8 [<0>] proc_single_show+0x50/0xbc [<0>] seq_read_iter+0x178/0x4ec [<0>] seq_read+0x138/0x15c [<0>] vfs_read+0xd0/0x304 [<0>] ksys_read+0x78/0xd4 [<0>] sys_read+0xc/0x10 after: # cat /proc/self/stack [<0>] proc_pid_stack+0xa0/0xf8 [<0>] proc_single_show+0x50/0xbc [<0>] seq_read_iter+0x178/0x4ec [<0>] seq_read+0x138/0x15c [<0>] vfs_read+0xd0/0x304 [<0>] ksys_read+0x78/0xd4 [<0>] sys_read+0xc/0x10 [<0>] __entry_text_start+0x14/0x14 [<0>] 0xffffffff So I guess this helps the CONFIG_UNWINDER_FRAME_POINTER=y case? (That final frame address looks wrong, but is potentially yet another bug; perhaps for clang we need to manually store the previous frame's pc at a different offset before jumping to __entry_text_start). Also, I'm curious about CONFIG_THUMB2_KERNEL (forces CONFIG_UNWINDER_ARM=y). before: # cat /proc/self/stack [<0>] proc_single_show+0x31/0x86 [<0>] seq_read_iter+0xff/0x326 [<0>] seq_read+0xd7/0xf2 [<0>] vfs_read+0x93/0x20e [<0>] ksys_read+0x53/0x92 [<0>] ret_fast_syscall+0x1/0x52 [<0>] 0xbe9a9cc0 after: # cat /proc/self/stack [<0>] proc_single_show+0x31/0x86 [<0>] seq_read_iter+0xff/0x326 [<0>] seq_read+0xd7/0xf2 [<0>] vfs_read+0x93/0x20e [<0>] ksys_read+0x53/0x92 [<0>] ret_fast_syscall+0x1/0x52 [<0>] 0xbec08cc0 Tested-by: Nick Desaulniers <ndesaulniers@google.com> so likely this fixes/improves CONFIG_UNWINDER_FRAME_POINTER=y? Is that correct? > > Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org> > --- > arch/arm/kernel/stacktrace.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/arch/arm/kernel/stacktrace.c b/arch/arm/kernel/stacktrace.c > index 76ea4178a55c..db798eac7431 100644 > --- a/arch/arm/kernel/stacktrace.c > +++ b/arch/arm/kernel/stacktrace.c > @@ -54,8 +54,7 @@ int notrace unwind_frame(struct stackframe *frame) > > frame->sp = frame->fp; > frame->fp = *(unsigned long *)(fp); > - frame->pc = frame->lr; > - frame->lr = *(unsigned long *)(fp + 4); > + frame->pc = *(unsigned long *)(fp + 4); > #else > /* check current frame pointer is within bounds */ > if (fp < low + 12 || fp > high - 4) > -- Thanks, ~Nick Desaulniers _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-10-11 18:45 UTC|newest] Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-10-08 12:28 [PATCH 0/8] kprobes: Make KUnit and add stacktrace on kretprobe tests Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-08 12:28 ` [PATCH 1/8] kprobes: convert tests to kunit Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-08 12:28 ` [PATCH 2/8] kprobes: Add a test case for stacktrace from kretprobe handler Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-08 12:28 ` [PATCH 3/8] arm64: kprobes: Record frame pointer with kretprobe instance Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-13 8:14 ` Will Deacon 2021-10-13 8:14 ` Will Deacon 2021-10-13 10:01 ` Mark Rutland 2021-10-13 10:01 ` Mark Rutland 2021-10-14 8:04 ` Masami Hiramatsu 2021-10-14 8:04 ` Masami Hiramatsu 2021-10-14 9:13 ` Mark Rutland 2021-10-14 9:13 ` Mark Rutland 2021-10-14 10:01 ` Masami Hiramatsu 2021-10-14 10:01 ` Masami Hiramatsu 2021-10-14 10:27 ` Mark Rutland 2021-10-14 10:27 ` Mark Rutland 2021-10-14 13:50 ` Masami Hiramatsu 2021-10-14 13:50 ` Masami Hiramatsu 2021-10-08 12:28 ` [PATCH 4/8] arm64: kprobes: Make a frame pointer on __kretprobe_trampoline Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-13 8:14 ` Will Deacon 2021-10-13 8:14 ` Will Deacon 2021-10-08 12:28 ` [PATCH 5/8] arm64: Recover kretprobe modified return address in stacktrace Masami Hiramatsu 2021-10-08 12:28 ` Masami Hiramatsu 2021-10-13 8:14 ` Will Deacon 2021-10-13 8:14 ` Will Deacon 2021-10-14 8:05 ` Masami Hiramatsu 2021-10-14 8:05 ` Masami Hiramatsu 2021-10-13 10:13 ` Mark Rutland 2021-10-13 10:13 ` Mark Rutland 2021-10-14 9:57 ` Masami Hiramatsu 2021-10-14 9:57 ` Masami Hiramatsu 2021-10-08 12:29 ` [PATCH 6/8] ARM: clang: Do not relay on lr register for stacktrace Masami Hiramatsu 2021-10-08 12:29 ` Masami Hiramatsu 2021-10-11 18:45 ` Nick Desaulniers [this message] 2021-10-11 18:45 ` Nick Desaulniers 2021-10-12 14:18 ` Masami Hiramatsu 2021-10-12 14:18 ` Masami Hiramatsu 2021-10-13 19:54 ` Nick Desaulniers 2021-10-13 19:54 ` Nick Desaulniers 2021-10-14 16:53 ` Russell King (Oracle) 2021-10-14 16:53 ` Russell King (Oracle) 2021-10-15 0:18 ` Masami Hiramatsu 2021-10-15 0:18 ` Masami Hiramatsu 2021-10-08 12:29 ` [PATCH 7/8] ARM: kprobes: Make a frame pointer on __kretprobe_trampoline Masami Hiramatsu 2021-10-08 12:29 ` Masami Hiramatsu 2021-10-11 19:06 ` Nick Desaulniers 2021-10-11 19:06 ` Nick Desaulniers 2021-10-08 12:29 ` [PATCH 8/8] ARM: Recover kretprobe modified return address in stacktrace Masami Hiramatsu 2021-10-08 12:29 ` Masami Hiramatsu
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CAKwvOdkdPHN0Y5GwTPUeaZyjtBttWrfoeLvQJFaJrfOHAtxkHg@mail.gmail.com \ --to=ndesaulniers@google.com \ --cc=ananth@linux.ibm.com \ --cc=catalin.marinas@arm.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux@armlinux.org.uk \ --cc=mhiramat@kernel.org \ --cc=mingo@kernel.org \ --cc=nathan@kernel.org \ --cc=naveen.n.rao@linux.vnet.ibm.com \ --cc=nhuck@google.com \ --cc=rostedt@goodmis.org \ --cc=svens@linux.ibm.com \ --cc=will@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.