hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/arch/x86
History
Josh Poimboeuf 7fbe6ac024 x86/unwind: Fix empty stack dereference in guess unwinder 
Vince Waver reported the following bug:

  WARNING: CPU: 0 PID: 21338 at arch/x86/mm/fault.c:435 vmalloc_fault+0x58/0x1f0
  CPU: 0 PID: 21338 Comm: perf_fuzzer Not tainted 4.8.0+ #37
  Hardware name: Hewlett-Packard HP Compaq Pro 6305 SFF/1850, BIOS K06 v02.57 08/16/2013
  Call Trace:
   <NMI>  ? dump_stack+0x46/0x59
   ? __warn+0xd5/0xee
   ? vmalloc_fault+0x58/0x1f0
   ? __do_page_fault+0x6d/0x48e
   ? perf_log_throttle+0xa4/0xf4
   ? trace_page_fault+0x22/0x30
   ? __unwind_start+0x28/0x42
   ? perf_callchain_kernel+0x75/0xac
   ? get_perf_callchain+0x13a/0x1f0
   ? perf_callchain+0x6a/0x6c
   ? perf_prepare_sample+0x71/0x2eb
   ? perf_event_output_forward+0x1a/0x54
   ? __default_send_IPI_shortcut+0x10/0x2d
   ? __perf_event_overflow+0xfb/0x167
   ? x86_pmu_handle_irq+0x113/0x150
   ? native_read_msr+0x6/0x34
   ? perf_event_nmi_handler+0x22/0x39
   ? perf_ibs_nmi_handler+0x4a/0x51
   ? perf_event_nmi_handler+0x22/0x39
   ? nmi_handle+0x4d/0xf0
   ? perf_ibs_handle_irq+0x3d1/0x3d1
   ? default_do_nmi+0x3c/0xd5
   ? do_nmi+0x92/0x102
   ? end_repeat_nmi+0x1a/0x1e
   ? entry_SYSCALL_64_after_swapgs+0x12/0x4a
   ? entry_SYSCALL_64_after_swapgs+0x12/0x4a
   ? entry_SYSCALL_64_after_swapgs+0x12/0x4a
   <EOE> ^A4---[ end trace 632723104d47d31a ]---
  BUG: stack guard page was hit at ffffc90008500000 (stack is ffffc900084fc000..ffffc900084fffff)
  kernel stack overflow (page fault): 0000 [#1] SMP
  ...

The NMI hit in the entry code right after setting up the stack pointer
from 'cpu_current_top_of_stack', so the kernel stack was empty.  The
'guess' version of __unwind_start() attempted to dereference the "top of
stack" pointer, which is not actually *on* the stack.

Add a check in the guess unwinder to deal with an empty stack.  (The
frame pointer unwinder already has such a check.)

Reported-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: 7c7900f897 ("x86/unwind: Add new unwind interface and implementations")
Link: http://lkml.kernel.org/r/20161024133127.e5evgeebdbohnmpb@treble
Signed-off-by: Ingo Molnar <mingo@kernel.org>
 		2016-10-25 11:36:43 +02:00
..
boot * Refactor the EFI memory map code into architecture neutral files 2016-09-13 20:21:55 +02:00
configs IOMMU Updates for Linux v4.9 2016-10-11 12:52:41 -07:00
crypto crypto: sha512-mb - fix ctx pointer 2016-08-16 17:09:43 +08:00
entry x86, pkeys: remove cruft from never-merged syscalls 2016-10-17 14:16:13 -07:00
events Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-10-18 09:59:04 -07:00
ia32 x86/signal: Add SA_{X32,IA32}_ABI sa_flags 2016-09-14 21:28:11 +02:00
include sched/core, x86: Make struct thread_info arch specific again 2016-10-20 13:27:47 +02:00
kernel x86/unwind: Fix empty stack dereference in guess unwinder 2016-10-25 11:36:43 +02:00
kvm kvm: x86: memset whole irq_eoi 2016-10-20 14:54:11 +02:00
lguest lguest: Read offset of device_cap later 2016-06-10 11:39:09 +02:00
lib Merge branch 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2016-10-14 14:26:58 -07:00
math-emu
mm Merge branch 'gup_flag-cleanups' 2016-10-19 08:39:47 -07:00
net bpf, x86: add support for constant blinding 2016-05-16 13:49:32 -04:00
oprofile oprofile/x86: Convert x86_backtrace() to use the new unwinder 2016-09-20 08:29:34 +02:00
pci PCI changes for the v4.9 merge window: 2016-10-07 11:46:37 -07:00
platform x86/platform/UV: Fix support for EFI_OLD_MEMMAP after BIOS callback updates 2016-10-20 08:47:58 +02:00
power x86/asm: Get rid of __read_cr4_safe() 2016-09-30 12:40:12 +02:00
purgatory Add sancov plugin 2016-06-07 22:57:10 +02:00
ras x86/RAS/mce_amd_inj: Remove debugfs dir recursively on exit 2016-09-26 11:13:17 +02:00
realmode x86/boot: Rework reserve_real_mode() to allow multiple tries 2016-08-11 11:15:01 +02:00
tools x86/insn: Add AVX-512 support to the instruction decoder 2016-07-21 09:37:11 -03:00
um Merge branch 'gup_flag-cleanups' 2016-10-19 08:39:47 -07:00
video x86/video: Don't assume all FB devices are PCI devices 2016-03-15 11:08:26 +01:00
xen xen: fixes for 4.9-rc2 2016-10-24 19:52:24 -07:00
.gitignore
Kbuild perf/x86: Move perf_event.c ............... => x86/events/core.c 2016-02-09 10:23:49 +01:00
Kconfig atomic64: no need for CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE 2016-10-07 18:46:30 -07:00
Kconfig.cpu
Kconfig.debug Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-03-15 09:32:27 -07:00
Makefile lib/raid6: Add AVX512 optimized gen_syndrome functions 2016-09-21 09:09:44 -07:00
Makefile.um
Makefile_32.cpu