Page MenuHomeFreeBSD
Differential D27357

Stack unwinding robustness fixes for RISC-V.
ClosedPublic
Actions

Authored by jhb on Nov 24 2020, 9:48 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mar 16 2024, 11:18 PM
Unknown Object (File)
Mar 16 2024, 11:17 PM
Unknown Object (File)
Mar 16 2024, 11:17 PM
Unknown Object (File)
Mar 16 2024, 11:17 PM
Unknown Object (File)
Mar 14 2024, 6:56 AM
Unknown Object (File)
Jan 1 2024, 10:14 PM
Unknown Object (File)
Dec 23 2023, 4:10 AM
Unknown Object (File)
Dec 23 2023, 4:10 AM
View All 54 Files
Subscribers
andrew
imp

Details

Reviewers
mhorne
jrtc27
markj
gnn
Commits
rS368454: Stack unwinding robustness fixes for RISC-V.
Summary
  • Push the kstack_contains check down into unwind_frame() so that it is honored by DDB and DTrace.
  • Check that the trapframe for an exception frame is contained in the traced thread's kernel stack for DDB traces.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jhb requested review of this revision.Nov 24 2020, 9:48 PM
jhb created this revision.
Harbormaster completed remote builds in B35010: Diff 79953.Nov 24 2020, 9:48 PM
jhb added a parent revision: D27356: Add a kstack_contains() helper function..Nov 24 2020, 9:49 PM
jhb mentioned this in D27362: Check that the frame pointer is within the current stack..Nov 24 2020, 9:53 PM
jhb added reviewers: mhorne, jrtc27, markj.
markj added a subscriber: andrew.Nov 26 2020, 3:36 PM
markj added inline comments.
sys/cddl/dev/dtrace/riscv/dtrace_isa.c
93 ↗(On Diff #79953)

This will have the same problem that @andrew mentioned in the arm64 review: nothing prevents one from enabling an FBT probe on unwind_frame().

jrtc27 added inline comments.Nov 26 2020, 3:38 PM
sys/cddl/dev/dtrace/riscv/dtrace_isa.c
93 ↗(On Diff #79953)

The same is true of dtrace_getpcstack and all manner of other functions, surely? Play stupid games, win stupid prizes, and all that. But in an ideal world we'd tell you to go away if you tried that.

markj added inline comments.Nov 26 2020, 3:45 PM
sys/cddl/dev/dtrace/riscv/dtrace_isa.c
93 ↗(On Diff #79953)

fbt_excluded() tries to exclude such cases. If you load DTrace as a set of kernel modules, as opposed to compiling it into the kernel, it is also smart enough to not create probes in its own kernel modules.

This works fine on amd64: you can reliably enable all FBT probes in the kernel. On other platforms I wouldn't trust it to work because of issues like this, but in general you're not supposed to be able to crash the system by enabling arbitrary probes.

jhb updated this revision to Diff 80333.Dec 4 2020, 8:07 PM
  • Add unwind_frame to fbt_excluded
Herald added a reviewer: gnn. · View Herald TranscriptDec 4 2020, 8:07 PM
Herald added a subscriber: imp. · View Herald Transcript
Harbormaster completed remote builds in B35196: Diff 80333.Dec 4 2020, 8:07 PM
jhb marked 3 inline comments as done.Dec 4 2020, 8:08 PM
jhb added a child revision: D27362: Check that the frame pointer is within the current stack..
markj accepted this revision.Dec 7 2020, 11:15 PM
This revision was not accepted when it landed; it landed in state Needs Review.Dec 8 2020, 5:57 PM
Closed by commit rS368454: Stack unwinding robustness fixes for RISC-V. (authored by jhb). · Explain Why
This revision was automatically updated to reflect the committed changes.
jhb added a commit: rS368454: Stack unwinding robustness fixes for RISC-V..

Revision Contents
Changeset List

PathSize
head/
sys/
cddl/
dev/
dtrace/
riscv/
8 lines
fbt/
9 lines
riscv/
include/
2 lines
riscv/
13 lines
4 lines
11 lines

Diff 80449

View Options

head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c

Loading...
View Options

head/sys/cddl/dev/fbt/fbt.c

Loading...
View Options

head/sys/riscv/include/stack.h

Loading...
View Options

head/sys/riscv/riscv/db_trace.c

Loading...
View Options

head/sys/riscv/riscv/stack_machdep.c

Loading...
View Options

head/sys/riscv/riscv/unwind.c

Loading...