From: Nick Desaulniers <ndesaulniers@google.com>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Steven Rostedt <rostedt@goodmis.org>,
	"Naveen N . Rao" <naveen.n.rao@linux.vnet.ibm.com>,
	Ananth N Mavinakayanahalli <ananth@linux.ibm.com>,
	Ingo Molnar <mingo@kernel.org>,
	linux-kernel@vger.kernel.org, Sven Schnelle <svens@linux.ibm.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>,
	Russell King <linux@armlinux.org.uk>,
	Nathan Chancellor <nathan@kernel.org>,
	linux-arm-kernel@lists.infradead.org,
	Nathan Huckleberry <nhuck@google.com>
Subject: Re: [PATCH 6/8] ARM: clang: Do not relay on lr register for stacktrace
Date: Mon, 11 Oct 2021 11:45:22 -0700	[thread overview]
Message-ID: <CAKwvOdkdPHN0Y5GwTPUeaZyjtBttWrfoeLvQJFaJrfOHAtxkHg@mail.gmail.com> (raw)
In-Reply-To: <163369614818.636038.5019945597127474028.stgit@devnote2>

On Fri, Oct 8, 2021 at 5:29 AM Masami Hiramatsu <mhiramat@kernel.org> wrote:
>
> Currently the stacktrace on a clang-compiled arm kernel uses the 'lr'
> register to find the first frame address from pt_regs. However, that
> is wrong after calling another function, because the 'lr' register
> is used by the 'bl' instruction and is never recovered.
>
> As in the gcc arm kernel, directly use the frame pointer (x11) of
> the pt_regs to find the first frame address.

Hi Masami,
Thanks for the patch. Testing with ARCH=arm defconfig (multi_v7_defconfig):

Before this patch:

$ mount -t proc /proc
$ echo 0 > /proc/sys/kernel/kptr_restrict
$ cat /proc/self/stack
[<0>] proc_single_show+0x4c/0xb8
[<0>] seq_read_iter+0x174/0x4d8
[<0>] seq_read+0x134/0x158
[<0>] vfs_read+0xcc/0x2f8
[<0>] ksys_read+0x74/0xd0
[<0>] __entry_text_start+0x14/0x14
[<0>] 0xbea38cc0

After this patch:
$ mount -t proc /proc
$ echo 0 > /proc/sys/kernel/kptr_restrict
$ cat /proc/self/stack
[<0>] proc_single_show+0x4c/0xb8
[<0>] seq_read_iter+0x174/0x4d8
[<0>] seq_read+0x134/0x158
[<0>] vfs_read+0xcc/0x2f8
[<0>] ksys_read+0x74/0xd0
[<0>] __entry_text_start+0x14/0x14
[<0>] 0xbeb55cc0

Is there a different way to test/verify this patch? (I'm pretty sure
we had verified the WARN_ONCE functionality with this, too.)

If I change from CONFIG_UNWINDER_ARM=y to
CONFIG_UNWINDER_FRAME_POINTER=y, before:

# cat /proc/self/stack
[<0>] stack_trace_save_tsk+0x50/0x6c
[<0>] proc_pid_stack+0xa0/0xf8
[<0>] proc_single_show+0x50/0xbc
[<0>] seq_read_iter+0x178/0x4ec
[<0>] seq_read+0x138/0x15c
[<0>] vfs_read+0xd0/0x304
[<0>] ksys_read+0x78/0xd4
[<0>] sys_read+0xc/0x10

after:
# cat /proc/self/stack
[<0>] proc_pid_stack+0xa0/0xf8
[<0>] proc_single_show+0x50/0xbc
[<0>] seq_read_iter+0x178/0x4ec
[<0>] seq_read+0x138/0x15c
[<0>] vfs_read+0xd0/0x304
[<0>] ksys_read+0x78/0xd4
[<0>] sys_read+0xc/0x10
[<0>] __entry_text_start+0x14/0x14
[<0>] 0xffffffff

So I guess this helps the CONFIG_UNWINDER_FRAME_POINTER=y case? (That
final frame address looks wrong, but is potentially yet another bug;
perhaps for clang we need to manually store the previous frame's pc at
a different offset before jumping to __entry_text_start).

Also, I'm curious about CONFIG_THUMB2_KERNEL (forces CONFIG_UNWINDER_ARM=y).

before:
# cat /proc/self/stack
[<0>] proc_single_show+0x31/0x86
[<0>] seq_read_iter+0xff/0x326
[<0>] seq_read+0xd7/0xf2
[<0>] vfs_read+0x93/0x20e
[<0>] ksys_read+0x53/0x92
[<0>] ret_fast_syscall+0x1/0x52
[<0>] 0xbe9a9cc0

after:
# cat /proc/self/stack
[<0>] proc_single_show+0x31/0x86
[<0>] seq_read_iter+0xff/0x326
[<0>] seq_read+0xd7/0xf2
[<0>] vfs_read+0x93/0x20e
[<0>] ksys_read+0x53/0x92
[<0>] ret_fast_syscall+0x1/0x52
[<0>] 0xbec08cc0

Tested-by: Nick Desaulniers <ndesaulniers@google.com>

So likely this fixes/improves CONFIG_UNWINDER_FRAME_POINTER=y? Is that correct?

>
> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
> ---
>  arch/arm/kernel/stacktrace.c |    3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/arch/arm/kernel/stacktrace.c b/arch/arm/kernel/stacktrace.c
> index 76ea4178a55c..db798eac7431 100644
> --- a/arch/arm/kernel/stacktrace.c
> +++ b/arch/arm/kernel/stacktrace.c
> @@ -54,8 +54,7 @@ int notrace unwind_frame(struct stackframe *frame)
>
>         frame->sp = frame->fp;
>         frame->fp = *(unsigned long *)(fp);
> -       frame->pc = frame->lr;
> -       frame->lr = *(unsigned long *)(fp + 4);
> +       frame->pc = *(unsigned long *)(fp + 4);
>  #else
>         /* check current frame pointer is within bounds */
>         if (fp < low + 12 || fp > high - 4)
>
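Review bot: with `frame->lr = *(unsigned long *)(fp + 4);` removed, frame->lr is no longer updated on this path, so any caller that still reads frame->lr after unwind_frame() returns (for instance when seeding the first frame from pt_regs) will see the stale value it held before the call; either stop using the field for this configuration or note in the commit message that lr is no longer maintained by this branch. The traces in this reply also show the CONFIG_UNWINDER_FRAME_POINTER=y walk still ending in 0xffffffff after __entry_text_start, so the commit message should state which unwinder configuration the change is meant to fix. Minor: "relay" in the subject should be "rely".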

-- 
Thanks,
~Nick Desaulniers
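The frame-record walk the patch changes, modelled in C as an added example (it is not the patch's code or anything from the kernel tree): unwind_frame() here takes a use_lr flag that selects the pre-patch behaviour (pc = lr, then lr = [fp + 4]) or the patched one (pc = [fp + 4]) over a constructed stack whose lr has already been clobbered by a later call. The record layout, the bounds rule, the sample addresses and the nth_pc() helper are assumptions for the illustration.

```c
/* Added example, not from the patch: a model of the ARM frame-pointer walk in
 * unwind_frame() over a constructed 32-bit stack, showing why taking the pc
 * from 'lr' goes wrong once a nested 'bl' has clobbered it. Assumed record
 * layout: [fp] = caller's fp, [fp + 4] = return address into the caller. */
#include <stdint.h>
#include <stddef.h>

#define STACK_BYTES 64            /* constructed stack; "addresses" are byte offsets */
struct stackframe { uint32_t fp, sp, lr, pc; };
static uint32_t stack[STACK_BYTES / 4];

/* use_lr = 1 models the pre-patch code (pc = lr, then lr = [fp + 4]);
 * use_lr = 0 models the patched code (pc = [fp + 4]). */
static int unwind_frame(struct stackframe *f, int use_lr)
{
    uint32_t fp = f->fp, low = 0, high = STACK_BYTES;
    /* bounds rule taken from the non-clang branch shown in the patch context */
    if (fp < low + 12 || fp > high - 4 || (fp & 3))
        return -1;
    f->sp = fp;
    f->fp = stack[fp / 4];              /* [fp]     = caller's fp */
    if (use_lr) {
        f->pc = f->lr;                  /* stale after any intervening bl */
        f->lr = stack[fp / 4 + 1];
    } else {
        f->pc = stack[fp / 4 + 1];      /* [fp + 4] = return address */
    }
    return 0;
}

/* Constructed input: three records, fp 12 -> 28 -> 44 -> 0, with lr already
 * clobbered (0xDEAD). Walks until the bounds check rejects fp and returns the
 * i-th pc produced, or 0 when the walk ended before reaching frame i. */
static uint32_t nth_pc(int use_lr, size_t i)
{
    struct stackframe f = { .fp = 12, .sp = 0, .lr = 0xDEAD, .pc = 0x0AAA };
    size_t n = 0;
    stack[3] = 28; stack[4] = 0x1001;   /* record at fp = 12 */
    stack[7] = 44; stack[8] = 0x2002;   /* record at fp = 28 */
    stack[11] = 0; stack[12] = 0x3003;  /* record at fp = 44 (outermost) */
    while (n < 64 && unwind_frame(&f, use_lr) == 0)
        if (n++ == i)
            return f.pc;
    return 0;
}
```

With the patched walk the trace reads 0x1001, 0x2002, 0x3003; with the old walk the stale lr (0xDEAD) leads the trace and the outermost return address 0x3003 is lost, which is the one-frame shift the commit message describes.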
