From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Miroslav Benes <mbenes@suse.cz>
Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
Ingo Molnar <mingo@kernel.org>,
x86@kernel.org, Dmitry Vyukov <dvyukov@google.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>, Dave Jones <dsj@fb.com>,
Jann Horn <jannh@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Vince Weaver <vincent.weaver@maine.edu>
Subject: [PATCH] x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks
Date: Fri, 22 May 2020 08:54:39 -0500 [thread overview]
Message-ID: <20200522135435.vbxs7umku5pyrdbk@treble> (raw)
In-Reply-To: <alpine.LSU.2.21.2005220940070.18061@pobox.suse.cz>
Normally, show_trace_log_lvl() scans the stack, looking for text
addresses to print. In parallel, it unwinds the stack with
unwind_next_frame(). If the stack address matches the pointer returned
by unwind_get_return_address_ptr() for the current frame, the text
address is printed normally without a question mark. Otherwise it's
considered a breadcrumb (potentially from a previous call path) and it's
printed with a question mark to indicate that the address is unreliable
and typically can be ignored.
Since the following commit:
f1d9a2abff66 ("x86/unwind/orc: Don't skip the first frame for inactive tasks")
... for inactive tasks, show_trace_log_lvl() prints *only* unreliable
addresses (prepended with '?').
That happens because, for the first frame of an inactive task,
unwind_get_return_address_ptr() returns the wrong return address
pointer: one word *below* the task stack pointer. show_trace_log_lvl()
starts scanning at the stack pointer itself, so it never finds the first
'reliable' address, causing only guesses to being printed.
The first frame of an inactive task isn't a normal stack frame. It's
actually just an instance of 'struct inactive_task_frame' which is left
behind by __switch_to_asm(). Now that this inactive frame is actually
exposed to callers, fix unwind_get_return_address_ptr() to interpret it
properly.
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Fixes: f1d9a2abff66 ("x86/unwind/orc: Don't skip the first frame for inactive tasks")
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
---
arch/x86/kernel/unwind_orc.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/arch/x86/kernel/unwind_orc.c b/arch/x86/kernel/unwind_orc.c
index fa79e4227d3d..7f969b2d240f 100644
--- a/arch/x86/kernel/unwind_orc.c
+++ b/arch/x86/kernel/unwind_orc.c
@@ -320,12 +320,19 @@ EXPORT_SYMBOL_GPL(unwind_get_return_address);
unsigned long *unwind_get_return_address_ptr(struct unwind_state *state)
{
+ struct task_struct *task = state->task;
+
if (unwind_done(state))
return NULL;
if (state->regs)
return &state->regs->ip;
+ if (task != current && state->sp == task->thread.sp) {
+ struct inactive_task_frame *frame = (void *)task->thread.sp;
+ return &frame->ret_addr;
+ }
+
if (state->sp)
return (unsigned long *)state->sp - 1;
--
2.21.1
next prev parent reply other threads:[~2020-05-22 13:55 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-20 20:53 INFO: task hung in locks_remove_posix syzbot
2020-05-21 14:09 ` Tetsuo Handa
2020-05-21 14:21 ` Dmitry Vyukov
2020-05-21 23:34 ` [5.7-rc5 x86 regression] ORC unwinder generates unreliable traces Tetsuo Handa
[not found] ` <54652cf1-ca04-c3ec-a2fe-d0f47484fb5f@i-love.sakura.ne.jp>
[not found] ` <20200522043037.fny37n7kjbfyrxo4@treble>
[not found] ` <alpine.LSU.2.21.2005220940070.18061@pobox.suse.cz>
2020-05-22 13:54 ` Josh Poimboeuf [this message]
2020-05-22 18:04 ` [tip: x86/urgent] x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks tip-bot2 for Josh Poimboeuf
2020-05-21 14:48 ` INFO: task hung in locks_remove_posix Jeff Layton
2020-05-21 16:27 ` Andrey Konovalov
2020-05-25 0:14 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200522135435.vbxs7umku5pyrdbk@treble \
--to=jpoimboe@redhat.com \
--cc=dsj@fb.com \
--cc=dvyukov@google.com \
--cc=jannh@google.com \
--cc=luto@kernel.org \
--cc=mbenes@suse.cz \
--cc=mingo@kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vincent.weaver@maine.edu \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).