mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-04 00:06:36 +00:00
a2a4d4a6a0
If the load access fault occures in a leaf function (with
CONFIG_FRAME_POINTER=y), when wrong stack trace will be displayed:
[<ffffffff804853c2>] regmap_mmio_read32le+0xe/0x1c
---[ end trace 0000000000000000 ]---
Registers dump:
ra 0xffffffff80485758 <regmap_mmio_read+36>
sp 0xffffffc80200b9a0
fp 0xffffffc80200b9b0
pc 0xffffffff804853ba <regmap_mmio_read32le+6>
Stack dump:
0xffffffc80200b9a0: 0xffffffc80200b9e0 0xffffffc80200b9e0
0xffffffc80200b9b0: 0xffffffff8116d7e8 0x0000000000000100
0xffffffc80200b9c0: 0xffffffd8055b9400 0xffffffd8055b9400
0xffffffc80200b9d0: 0xffffffc80200b9f0 0xffffffff8047c526
0xffffffc80200b9e0: 0xffffffc80200ba30 0xffffffff8047fe9a
The assembler dump of the function preambula:
add sp,sp,-16
sd s0,8(sp)
add s0,sp,16
In the fist stack frame, where ra is not stored on the stack we can
observe:
0(sp) 8(sp)
.---------------------------------------------.
sp->| frame->fp | frame->ra (saved fp) |
|---------------------------------------------|
fp->| .... | .... |
|---------------------------------------------|
| | |
and in the code check is performed:
if (regs && (regs->epc == pc) && (frame->fp & 0x7))
I see no reason to check frame->fp value at all, because it is can be
uninitialized value on the stack. A better way is to check frame->ra to
be an address on the stack. After the stacktrace shows as expect:
[<ffffffff804853c2>] regmap_mmio_read32le+0xe/0x1c
[<ffffffff80485758>] regmap_mmio_read+0x24/0x52
[<ffffffff8047c526>] _regmap_bus_reg_read+0x1a/0x22
[<ffffffff8047fe9a>] _regmap_read+0x5c/0xea
[<ffffffff80480376>] _regmap_update_bits+0x76/0xc0
...
---[ end trace 0000000000000000 ]---
As pointed by Samuel Holland it is incorrect to remove check of the stackframe
entirely.
Changes since v2 [2]:
- Add accidentally forgotten curly brace
Changes since v1 [1]:
- Instead of just dropping frame->fp check, replace it with validation of
frame->ra, which should be a stack address.
- Move frame pointer validation into the separate function.
[1] https://lore.kernel.org/linux-riscv/20240426072701.6463-1-dev.mbstr@gmail.com/
[2] https://lore.kernel.org/linux-riscv/20240521131314.48895-1-dev.mbstr@gmail.com/
Fixes:
|
||
|---|---|---|
| .. | ||
| compat_vdso | ||
| pi | ||
| probes | ||
| tests | ||
| vdso | ||
| .gitignore | ||
| acpi.c | ||
| alternative.c | ||
| asm-offsets.c | ||
| cacheinfo.c | ||
| cfi.c | ||
| compat_signal.c | ||
| compat_syscall_table.c | ||
| copy-unaligned.h | ||
| copy-unaligned.S | ||
| cpu-hotplug.c | ||
| cpu.c | ||
| cpu_ops.c | ||
| cpu_ops_sbi.c | ||
| cpu_ops_spinwait.c | ||
| cpufeature.c | ||
| crash_dump.c | ||
| crash_save_regs.S | ||
| efi-header.S | ||
| efi.c | ||
| elf_kexec.c | ||
| entry.S | ||
| fpu.S | ||
| ftrace.c | ||
| head.h | ||
| head.S | ||
| hibernate-asm.S | ||
| hibernate.c | ||
| image-vars.h | ||
| irq.c | ||
| jump_label.c | ||
| kernel_mode_vector.c | ||
| kexec_relocate.S | ||
| kgdb.c | ||
| machine_kexec.c | ||
| machine_kexec_file.c | ||
| Makefile | ||
| mcount-dyn.S | ||
| mcount.S | ||
| module-sections.c | ||
| module.c | ||
| paravirt.c | ||
| patch.c | ||
| perf_callchain.c | ||
| perf_regs.c | ||
| process.c | ||
| ptrace.c | ||
| reset.c | ||
| return_address.c | ||
| riscv_ksyms.c | ||
| sbi-ipi.c | ||
| sbi.c | ||
| setup.c | ||
| signal.c | ||
| smp.c | ||
| smpboot.c | ||
| soc.c | ||
| stacktrace.c | ||
| suspend.c | ||
| suspend_entry.S | ||
| sys_hwprobe.c | ||
| sys_riscv.c | ||
| syscall_table.c | ||
| time.c | ||
| traps.c | ||
| traps_misaligned.c | ||
| unaligned_access_speed.c | ||
| vdso.c | ||
| vector.c | ||
| vmcore_info.c | ||
| vmlinux-xip.lds.S | ||
| vmlinux.lds.S | ||