Stable Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 1/4] ARM: backtrace-clang: check for NULL lr
       [not found] <20200730205112.2099429-1-ndesaulniers@google.com>
@ 2020-07-30 20:51 ` Nick Desaulniers
  2020-08-07 18:07   ` Nathan Huckleberry
  2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
  2020-08-06  1:24 ` [PATCH 0/4] CONFIG_UNWINDER_FRAME_POINTER fixes+cleanups Sasha Levin
  2 siblings, 1 reply; 10+ messages in thread
From: Nick Desaulniers @ 2020-07-30 20:51 UTC (permalink / raw)
  To: Nathan Huckleberry, Russell King
  Cc: Andrew Morton, Chunyan Zhang, clang-built-linux, Dmitry Safonov,
	linux-arm-kernel, linux-kernel, linux-mediatek, Lvqiang Huang,
	Matthias Brugger, Nick Desaulniers, Miles Chen, stable

If the link register was zeroed out, do not attempt to use it for
address calculations for which there are currently no fixup handlers,
which can lead to a panic during unwind. Since panicking triggers
another unwind, this can lead to an infinite loop.  If this occurs
during start_kernel(), this can prevent a kernel from booting.

commit 59b6359dd92d ("ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel()")
intentionally zeros out the link register in __mmap_switched which tail
calls into start kernel. Test for this condition so that we can stop
unwinding when initiated within start_kernel() correctly.

Cc: stable@vger.kernel.org
Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
Reported-by: Miles Chen <miles.chen@mediatek.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
---
 arch/arm/lib/backtrace-clang.S | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
index 6174c45f53a5..5388ac664c12 100644
--- a/arch/arm/lib/backtrace-clang.S
+++ b/arch/arm/lib/backtrace-clang.S
@@ -144,6 +144,8 @@ for_each_frame:	tst	frame, mask		@ Check for address exceptions
  */
 1003:		ldr	sv_lr, [sv_fp, #4]	@ get saved lr from next frame
 
+		tst	sv_lr, #0		@ If there's no previous lr,
+		beq	finished_setup		@ we're done.
 		ldr	r0, [sv_lr, #-4]	@ get call instruction
 		ldr	r3, .Lopcode+4
 		and	r2, r3, r0		@ is this a bl call
-- 
2.28.0.163.g6104cc2f0b6-goog


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
       [not found] <20200730205112.2099429-1-ndesaulniers@google.com>
  2020-07-30 20:51 ` [PATCH 1/4] ARM: backtrace-clang: check for NULL lr Nick Desaulniers
@ 2020-07-30 20:51 ` Nick Desaulniers
  2020-08-01 23:18   ` Sasha Levin
                     ` (2 more replies)
  2020-08-06  1:24 ` [PATCH 0/4] CONFIG_UNWINDER_FRAME_POINTER fixes+cleanups Sasha Levin
  2 siblings, 3 replies; 10+ messages in thread
From: Nick Desaulniers @ 2020-07-30 20:51 UTC (permalink / raw)
  To: Nathan Huckleberry, Russell King
  Cc: Andrew Morton, Chunyan Zhang, clang-built-linux, Dmitry Safonov,
	linux-arm-kernel, linux-kernel, linux-mediatek, Lvqiang Huang,
	Matthias Brugger, Nick Desaulniers, Miles Chen, stable

If the value of the link register is not correct (tail call from asm
that didn't set it, stack corruption, memory no longer mapped), then
using it for an address calculation may trigger an exception.  Without a
fixup handler, this will lead to a panic, which will unwind, which will
trigger the fault repeatedly in an infinite loop.

We don't observe such failures currently, but we have. Just to be safe,
add a fixup handler here so that at least we don't have an infinite
loop.

Cc: stable@vger.kernel.org
Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
Reported-by: Miles Chen <miles.chen@mediatek.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
---
 arch/arm/lib/backtrace-clang.S | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
index 5388ac664c12..40eb2215eaf4 100644
--- a/arch/arm/lib/backtrace-clang.S
+++ b/arch/arm/lib/backtrace-clang.S
@@ -146,7 +146,7 @@ for_each_frame:	tst	frame, mask		@ Check for address exceptions
 
 		tst	sv_lr, #0		@ If there's no previous lr,
 		beq	finished_setup		@ we're done.
-		ldr	r0, [sv_lr, #-4]	@ get call instruction
+prev_call:	ldr	r0, [sv_lr, #-4]	@ get call instruction
 		ldr	r3, .Lopcode+4
 		and	r2, r3, r0		@ is this a bl call
 		teq	r2, r3
@@ -206,6 +206,13 @@ finished_setup:
 		mov	r2, frame
 		bl	printk
 no_frame:	ldmfd	sp!, {r4 - r9, fp, pc}
+/*
+ * Accessing the address pointed to by the link register triggered an
+ * exception, don't try to unwind through it.
+ */
+bad_lr:		mov	sv_fp, #0
+		mov	sv_lr, #0
+		b	finished_setup
 ENDPROC(c_backtrace)
 		.pushsection __ex_table,"a"
 		.align	3
@@ -214,6 +221,7 @@ ENDPROC(c_backtrace)
 		.long	1003b, 1006b
 		.long	1004b, 1006b
 		.long   1005b, 1006b
+		.long	prev_call, bad_lr
 		.popsection
 
 .Lbad:		.asciz	"%sBacktrace aborted due to bad frame pointer <%p>\n"
-- 
2.28.0.163.g6104cc2f0b6-goog


^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
@ 2020-08-01 23:18   ` Sasha Levin
  2020-08-03 18:13     ` Nick Desaulniers
  2020-08-06  1:24   ` Sasha Levin
  2020-08-06 22:38   ` Nathan Huckleberry
  2 siblings, 1 reply; 10+ messages in thread
From: Sasha Levin @ 2020-08-01 23:18 UTC (permalink / raw)
  To: Sasha Levin, Nick Desaulniers, Nathan Huckleberry
  Cc: Andrew Morton, stable, stable

Hi

[This is an automated email]

This commit has been processed because it contains a "Fixes:" tag
fixing commit: 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang").

The bot has tested the following trees: v5.7.11, v5.4.54.

v5.7.11: Failed to apply! Possible dependencies:
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    99c56f602183 ("ARM: backtrace-clang: check for NULL lr")

v5.4.54: Failed to apply! Possible dependencies:
    40ff1ddb5570 ("ARM: 8948/1: Prevent OOB access in stacktrace")
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    99c56f602183 ("ARM: backtrace-clang: check for NULL lr")


NOTE: The patch will not be queued to stable trees until it is upstream.

How should we proceed with this patch?

-- 
Thanks
Sasha

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-08-01 23:18   ` Sasha Levin
@ 2020-08-03 18:13     ` Nick Desaulniers
  2020-08-04  6:27       ` Greg KH
  0 siblings, 1 reply; 10+ messages in thread
From: Nick Desaulniers @ 2020-08-03 18:13 UTC (permalink / raw)
  To: Sasha Levin, Greg KH; +Cc: Nathan Huckleberry, Andrew Morton, # 3.4.x

On Sat, Aug 1, 2020 at 4:18 PM Sasha Levin <sashal@kernel.org> wrote:
>
> Hi
>
> [This is an automated email]
>
> This commit has been processed because it contains a "Fixes:" tag
> fixing commit: 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang").
>
> The bot has tested the following trees: v5.7.11, v5.4.54.
>
> v5.7.11: Failed to apply! Possible dependencies:
>     5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
>     99c56f602183 ("ARM: backtrace-clang: check for NULL lr")
>
> v5.4.54: Failed to apply! Possible dependencies:
>     40ff1ddb5570 ("ARM: 8948/1: Prevent OOB access in stacktrace")
>     5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
>     99c56f602183 ("ARM: backtrace-clang: check for NULL lr")
>
>
> NOTE: The patch will not be queued to stable trees until it is upstream.
>
> How should we proceed with this patch?

Ah, ok, I'll provide manual backports then once this hits mainline.
In that case, should I drop the explicit `Cc: stable...` tag?

(I don't think the dependency on the loglvl should be backported,
which is the source of conflict)
-- 
Thanks,
~Nick Desaulniers

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-08-03 18:13     ` Nick Desaulniers
@ 2020-08-04  6:27       ` Greg KH
  0 siblings, 0 replies; 10+ messages in thread
From: Greg KH @ 2020-08-04  6:27 UTC (permalink / raw)
  To: Nick Desaulniers; +Cc: Sasha Levin, Nathan Huckleberry, Andrew Morton, # 3.4.x

On Mon, Aug 03, 2020 at 11:13:04AM -0700, Nick Desaulniers wrote:
> On Sat, Aug 1, 2020 at 4:18 PM Sasha Levin <sashal@kernel.org> wrote:
> >
> > Hi
> >
> > [This is an automated email]
> >
> > This commit has been processed because it contains a "Fixes:" tag
> > fixing commit: 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang").
> >
> > The bot has tested the following trees: v5.7.11, v5.4.54.
> >
> > v5.7.11: Failed to apply! Possible dependencies:
> >     5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
> >     99c56f602183 ("ARM: backtrace-clang: check for NULL lr")
> >
> > v5.4.54: Failed to apply! Possible dependencies:
> >     40ff1ddb5570 ("ARM: 8948/1: Prevent OOB access in stacktrace")
> >     5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
> >     99c56f602183 ("ARM: backtrace-clang: check for NULL lr")
> >
> >
> > NOTE: The patch will not be queued to stable trees until it is upstream.
> >
> > How should we proceed with this patch?
> 
> Ah, ok, I'll provide manual backports then once this hits mainline.
> In that case, should I drop the explicit `Cc: stable...` tag?

No, it's good to have it there as then you get the automatic email
saying it failed to apply :)

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
  2020-08-01 23:18   ` Sasha Levin
@ 2020-08-06  1:24   ` Sasha Levin
  2020-08-06 22:38   ` Nathan Huckleberry
  2 siblings, 0 replies; 10+ messages in thread
From: Sasha Levin @ 2020-08-06  1:24 UTC (permalink / raw)
  To: Sasha Levin, Nick Desaulniers, Nathan Huckleberry
  Cc: Andrew Morton, stable, stable

Hi

[This is an automated email]

This commit has been processed because it contains a "Fixes:" tag
fixing commit: 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang").

The bot has tested the following trees: v5.7.11, v5.4.54.

v5.7.11: Failed to apply! Possible dependencies:
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    e6902a275517 ("ARM: backtrace-clang: check for NULL lr")

v5.4.54: Failed to apply! Possible dependencies:
    40ff1ddb5570 ("ARM: 8948/1: Prevent OOB access in stacktrace")
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    e6902a275517 ("ARM: backtrace-clang: check for NULL lr")


NOTE: The patch will not be queued to stable trees until it is upstream.

How should we proceed with this patch?

-- 
Thanks
Sasha

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 0/4] CONFIG_UNWINDER_FRAME_POINTER fixes+cleanups
       [not found] <20200730205112.2099429-1-ndesaulniers@google.com>
  2020-07-30 20:51 ` [PATCH 1/4] ARM: backtrace-clang: check for NULL lr Nick Desaulniers
  2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
@ 2020-08-06  1:24 ` Sasha Levin
  2 siblings, 0 replies; 10+ messages in thread
From: Sasha Levin @ 2020-08-06  1:24 UTC (permalink / raw)
  To: Sasha Levin, Nick Desaulniers, Nathan Huckleberry; +Cc: Andrew Morton, stable

Hi

[This is an automated email]

This commit has been processed because it contains a "Fixes:" tag
fixing commit: 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang").

The bot has tested the following trees: v5.7.11, v5.4.54.

v5.7.11: Failed to apply! Possible dependencies:
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    637ce97e7c24 ("ARM: backtrace-clang: check for NULL lr")
    7c8ef99a0b04 ("ARM: backtrace-clang: add fixup for lr dereference")

v5.4.54: Failed to apply! Possible dependencies:
    40ff1ddb5570 ("ARM: 8948/1: Prevent OOB access in stacktrace")
    5489ab50c227 ("arm/asm: add loglvl to c_backtrace()")
    637ce97e7c24 ("ARM: backtrace-clang: check for NULL lr")
    7c8ef99a0b04 ("ARM: backtrace-clang: add fixup for lr dereference")


NOTE: The patch will not be queued to stable trees until it is upstream.

How should we proceed with this patch?

-- 
Thanks
Sasha

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
  2020-08-01 23:18   ` Sasha Levin
  2020-08-06  1:24   ` Sasha Levin
@ 2020-08-06 22:38   ` Nathan Huckleberry
  2020-08-10 22:33     ` Nick Desaulniers
  2 siblings, 1 reply; 10+ messages in thread
From: Nathan Huckleberry @ 2020-08-06 22:38 UTC (permalink / raw)
  To: Nick Desaulniers
  Cc: Russell King, Andrew Morton, Chunyan Zhang, clang-built-linux,
	Dmitry Safonov, linux-arm-kernel, linux-kernel, linux-mediatek,
	Lvqiang Huang, Matthias Brugger, Miles Chen, stable,
	Nathan Huckleberry

Mostly looks good to me. Just a minor nit.

On Thu, Jul 30, 2020 at 3:51 PM Nick Desaulniers
<ndesaulniers@google.com> wrote:
>
> If the value of the link register is not correct (tail call from asm
> that didn't set it, stack corruption, memory no longer mapped), then
> using it for an address calculation may trigger an exception.  Without a
> fixup handler, this will lead to a panic, which will unwind, which will
> trigger the fault repeatedly in an infinite loop.
>
> We don't observe such failures currently, but we have. Just to be safe,
> add a fixup handler here so that at least we don't have an infinite
> loop.
>
> Cc: stable@vger.kernel.org
> Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
> Reported-by: Miles Chen <miles.chen@mediatek.com>
> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
> ---
>  arch/arm/lib/backtrace-clang.S | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
> index 5388ac664c12..40eb2215eaf4 100644
> --- a/arch/arm/lib/backtrace-clang.S
> +++ b/arch/arm/lib/backtrace-clang.S
> @@ -146,7 +146,7 @@ for_each_frame:     tst     frame, mask             @ Check for address exceptions
>
>                 tst     sv_lr, #0               @ If there's no previous lr,
>                 beq     finished_setup          @ we're done.
> -               ldr     r0, [sv_lr, #-4]        @ get call instruction
> +prev_call:     ldr     r0, [sv_lr, #-4]        @ get call instruction
>                 ldr     r3, .Lopcode+4
>                 and     r2, r3, r0              @ is this a bl call
>                 teq     r2, r3
> @@ -206,6 +206,13 @@ finished_setup:
>                 mov     r2, frame
>                 bl      printk
>  no_frame:      ldmfd   sp!, {r4 - r9, fp, pc}
> +/*
> + * Accessing the address pointed to by the link register triggered an
> + * exception, don't try to unwind through it.
> + */
> +bad_lr:                mov     sv_fp, #0

It might be nice to emit a warning here since we'll
only hit this case if something fishy is going on
with the saved lr.

> +               mov     sv_lr, #0
> +               b       finished_setup
>  ENDPROC(c_backtrace)
>                 .pushsection __ex_table,"a"
>                 .align  3
> @@ -214,6 +221,7 @@ ENDPROC(c_backtrace)
>                 .long   1003b, 1006b
>                 .long   1004b, 1006b
>                 .long   1005b, 1006b
> +               .long   prev_call, bad_lr
>                 .popsection
>
>  .Lbad:         .asciz  "%sBacktrace aborted due to bad frame pointer <%p>\n"
> --
> 2.28.0.163.g6104cc2f0b6-goog
>

Thanks,
Huck

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 1/4] ARM: backtrace-clang: check for NULL lr
  2020-07-30 20:51 ` [PATCH 1/4] ARM: backtrace-clang: check for NULL lr Nick Desaulniers
@ 2020-08-07 18:07   ` Nathan Huckleberry
  0 siblings, 0 replies; 10+ messages in thread
From: Nathan Huckleberry @ 2020-08-07 18:07 UTC (permalink / raw)
  To: Nick Desaulniers
  Cc: Russell King, Andrew Morton, Chunyan Zhang, clang-built-linux,
	Dmitry Safonov, linux-arm-kernel, linux-kernel, linux-mediatek,
	Lvqiang Huang, Matthias Brugger, Miles Chen, stable

On Thu, Jul 30, 2020 at 3:51 PM Nick Desaulniers
<ndesaulniers@google.com> wrote:
>
> If the link register was zeroed out, do not attempt to use it for
> address calculations for which there are currently no fixup handlers,
> which can lead to a panic during unwind. Since panicking triggers
> another unwind, this can lead to an infinite loop.  If this occurs
> during start_kernel(), this can prevent a kernel from booting.
>
> commit 59b6359dd92d ("ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel()")
> intentionally zeros out the link register in __mmap_switched which tail
> calls into start kernel. Test for this condition so that we can stop
> unwinding when initiated within start_kernel() correctly.
>
> Cc: stable@vger.kernel.org
> Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
> Reported-by: Miles Chen <miles.chen@mediatek.com>
> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
> ---
>  arch/arm/lib/backtrace-clang.S | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
> index 6174c45f53a5..5388ac664c12 100644
> --- a/arch/arm/lib/backtrace-clang.S
> +++ b/arch/arm/lib/backtrace-clang.S
> @@ -144,6 +144,8 @@ for_each_frame:     tst     frame, mask             @ Check for address exceptions
>   */
>  1003:          ldr     sv_lr, [sv_fp, #4]      @ get saved lr from next frame
>
> +               tst     sv_lr, #0               @ If there's no previous lr,
> +               beq     finished_setup          @ we're done.
>                 ldr     r0, [sv_lr, #-4]        @ get call instruction
>                 ldr     r3, .Lopcode+4
>                 and     r2, r3, r0              @ is this a bl call
> --
> 2.28.0.163.g6104cc2f0b6-goog
>

Reviewed-by: Nathan Huckleberry <nhuck15@gmail.com>

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference
  2020-08-06 22:38   ` Nathan Huckleberry
@ 2020-08-10 22:33     ` Nick Desaulniers
  0 siblings, 0 replies; 10+ messages in thread
From: Nick Desaulniers @ 2020-08-10 22:33 UTC (permalink / raw)
  To: Nathan Huckleberry
  Cc: Russell King, Andrew Morton, Chunyan Zhang, clang-built-linux,
	Dmitry Safonov, Linux ARM, LKML, linux-mediatek, Lvqiang Huang,
	Matthias Brugger, Miles Chen, # 3.4.x, Nathan Huckleberry

On Thu, Aug 6, 2020 at 3:39 PM Nathan Huckleberry <nhuck15@gmail.com> wrote:
>
> Mostly looks good to me. Just a minor nit.
>
> On Thu, Jul 30, 2020 at 3:51 PM Nick Desaulniers
> <ndesaulniers@google.com> wrote:
> >
> > If the value of the link register is not correct (tail call from asm
> > that didn't set it, stack corruption, memory no longer mapped), then
> > using it for an address calculation may trigger an exception.  Without a
> > fixup handler, this will lead to a panic, which will unwind, which will
> > trigger the fault repeatedly in an infinite loop.
> >
> > We don't observe such failures currently, but we have. Just to be safe,
> > add a fixup handler here so that at least we don't have an infinite
> > loop.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
> > Reported-by: Miles Chen <miles.chen@mediatek.com>
> > Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
> > ---
> >  arch/arm/lib/backtrace-clang.S | 10 +++++++++-
> >  1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
> > index 5388ac664c12..40eb2215eaf4 100644
> > --- a/arch/arm/lib/backtrace-clang.S
> > +++ b/arch/arm/lib/backtrace-clang.S
> > @@ -146,7 +146,7 @@ for_each_frame:     tst     frame, mask             @ Check for address exceptions
> >
> >                 tst     sv_lr, #0               @ If there's no previous lr,
> >                 beq     finished_setup          @ we're done.
> > -               ldr     r0, [sv_lr, #-4]        @ get call instruction
> > +prev_call:     ldr     r0, [sv_lr, #-4]        @ get call instruction
> >                 ldr     r3, .Lopcode+4
> >                 and     r2, r3, r0              @ is this a bl call
> >                 teq     r2, r3
> > @@ -206,6 +206,13 @@ finished_setup:
> >                 mov     r2, frame
> >                 bl      printk
> >  no_frame:      ldmfd   sp!, {r4 - r9, fp, pc}
> > +/*
> > + * Accessing the address pointed to by the link register triggered an
> > + * exception, don't try to unwind through it.
> > + */
> > +bad_lr:                mov     sv_fp, #0
>
> It might be nice to emit a warning here since we'll
> only hit this case if something fishy is going on
> with the saved lr.

Yeah, something fishy is going on if that ever happens.  Let me create
a V2 with an additional print.

>
> > +               mov     sv_lr, #0
> > +               b       finished_setup
> >  ENDPROC(c_backtrace)
> >                 .pushsection __ex_table,"a"
> >                 .align  3
> > @@ -214,6 +221,7 @@ ENDPROC(c_backtrace)
> >                 .long   1003b, 1006b
> >                 .long   1004b, 1006b
> >                 .long   1005b, 1006b
> > +               .long   prev_call, bad_lr
> >                 .popsection
> >
> >  .Lbad:         .asciz  "%sBacktrace aborted due to bad frame pointer <%p>\n"
> > --
> > 2.28.0.163.g6104cc2f0b6-goog
> >
>
> Thanks,
> Huck



-- 
Thanks,
~Nick Desaulniers

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, back to index

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20200730205112.2099429-1-ndesaulniers@google.com>
2020-07-30 20:51 ` [PATCH 1/4] ARM: backtrace-clang: check for NULL lr Nick Desaulniers
2020-08-07 18:07   ` Nathan Huckleberry
2020-07-30 20:51 ` [PATCH 2/4] ARM: backtrace-clang: add fixup for lr dereference Nick Desaulniers
2020-08-01 23:18   ` Sasha Levin
2020-08-03 18:13     ` Nick Desaulniers
2020-08-04  6:27       ` Greg KH
2020-08-06  1:24   ` Sasha Levin
2020-08-06 22:38   ` Nathan Huckleberry
2020-08-10 22:33     ` Nick Desaulniers
2020-08-06  1:24 ` [PATCH 0/4] CONFIG_UNWINDER_FRAME_POINTER fixes+cleanups Sasha Levin

Stable Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ https://lore.kernel.org/stable \
		stable@vger.kernel.org
	public-inbox-index stable

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.stable


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git