From: Josh Poimboeuf <jpoimboe@redhat.com>
To: x86@kernel.org
Cc: Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
kbuild test robot <fengguang.wu@intel.com>,
Ingo Molnar <mingo@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org,
Arjan van de Ven <arjan@linux.intel.com>
Subject: [PATCH 1/2] objtool: Fix seg fault in ignore_unreachable_insn()
Date: Thu, 8 Feb 2018 17:09:25 -0600 [thread overview]
Message-ID: <bace77a60d5af9b45eddb8f8fb9c776c8de657ef.1518130694.git.jpoimboe@redhat.com> (raw)
In-Reply-To: <cover.1518130694.git.jpoimboe@redhat.com>
Peter Zijlstra's patch for converting WARN() to use UD2 triggered a
bunch of false "unreachable instruction" warnings, which then triggered
a seg fault in ignore_unreachable_insn().
The seg fault happened when it tried to dereference a NULL 'insn->func'
pointer. Thanks to static_cpu_has(), some functions can jump to a
non-function area in the .altinstr_aux section. That breaks
ignore_unreachable_insn()'s assumption that it's always inside the
original function.
Make sure ignore_unreachable_insn() only follows jumps within the
current function.
Reported-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
---
tools/objtool/check.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index b00b1896547e..4ec1a3bf7bf2 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -1899,13 +1899,19 @@ static bool ignore_unreachable_insn(struct instruction *insn)
if (is_kasan_insn(insn) || is_ubsan_insn(insn))
return true;
- if (insn->type == INSN_JUMP_UNCONDITIONAL && insn->jump_dest) {
- insn = insn->jump_dest;
- continue;
+ if (insn->type == INSN_JUMP_UNCONDITIONAL) {
+ if (insn->jump_dest &&
+ insn->jump_dest->func == insn->func) {
+ insn = insn->jump_dest;
+ continue;
+ }
+
+ break;
}
if (insn->offset + insn->len >= insn->func->offset + insn->func->len)
break;
+
insn = list_next_entry(insn, list);
}
--
2.14.3
next prev parent reply other threads:[~2018-02-08 23:10 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-07 11:44 [linus:master] BUILD REGRESSION a2e5790d841658485d642196dbb0927303d6c22f kbuild test robot
2018-02-07 18:13 ` Linus Torvalds
2018-02-07 18:35 ` Borislav Petkov
2018-02-07 18:49 ` Peter Zijlstra
2018-02-07 19:03 ` Linus Torvalds
2018-02-07 19:14 ` Peter Zijlstra
2018-02-07 19:28 ` Borislav Petkov
2018-02-07 19:43 ` Linus Torvalds
2018-02-07 20:24 ` Borislav Petkov
2018-02-08 9:13 ` Peter Zijlstra
2018-02-08 9:35 ` Peter Zijlstra
2018-02-08 9:46 ` Borislav Petkov
2018-02-08 9:47 ` David Laight
2018-02-08 10:13 ` Peter Zijlstra
2018-02-08 17:27 ` Linus Torvalds
2018-02-08 18:03 ` Peter Zijlstra
2018-02-08 18:15 ` Linus Torvalds
2018-02-08 19:44 ` Peter Zijlstra
2018-02-08 20:02 ` Linus Torvalds
2018-02-08 20:31 ` Borislav Petkov
2018-02-08 23:09 ` [PATCH 0/2] objtool fixes on top of Peter's WARN UD2 patch Josh Poimboeuf
2018-02-08 23:09 ` Josh Poimboeuf [this message]
2018-02-13 11:29 ` [tip:x86/pti] objtool: Fix segfault in ignore_unreachable_insn() tip-bot for Josh Poimboeuf
2018-02-15 0:26 ` tip-bot for Josh Poimboeuf
2018-02-08 23:09 ` [PATCH 2/2] x86: Annotate WARN-related UD2 as reachable Josh Poimboeuf
2018-02-13 11:30 ` [tip:x86/pti] x86/debug, objtool: Annotate WARN()-related " tip-bot for Josh Poimboeuf
2018-02-15 0:26 ` tip-bot for Josh Poimboeuf
2018-02-09 8:13 ` [PATCH 0/2] objtool fixes on top of Peter's WARN UD2 patch Peter Zijlstra
2018-02-09 8:12 ` [linus:master] BUILD REGRESSION a2e5790d841658485d642196dbb0927303d6c22f Peter Zijlstra
2018-02-13 11:30 ` [tip:x86/pti] x86/debug: Use UD2 for WARN() tip-bot for Peter Zijlstra
2018-02-15 0:27 ` tip-bot for Peter Zijlstra
2018-02-07 18:38 ` [linus:master] BUILD REGRESSION a2e5790d841658485d642196dbb0927303d6c22f Randy Dunlap
2018-02-07 19:01 ` Linus Torvalds
2018-02-07 19:06 ` Peter Zijlstra
2018-02-07 19:10 ` Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bace77a60d5af9b45eddb8f8fb9c776c8de657ef.1518130694.git.jpoimboe@redhat.com \
--to=jpoimboe@redhat.com \
--cc=arjan@linux.intel.com \
--cc=bp@alien8.de \
--cc=fengguang.wu@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.