[PATCH 1/4] ARM: backtrace-clang: check for NULL lr
Nathan Huckleberry
nhuck15 at gmail.com
Fri Aug 7 14:07:21 EDT 2020
On Thu, Jul 30, 2020 at 3:51 PM Nick Desaulniers
<ndesaulniers at google.com> wrote:
>
> If the link register was zeroed out, do not attempt to use it for
> address calculations for which there are currently no fixup handlers,
> which can lead to a panic during unwind. Since panicking triggers
> another unwind, this can lead to an infinite loop. If this occurs
> during start_kernel(), this can prevent a kernel from booting.
>
> commit 59b6359dd92d ("ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel()")
> intentionally zeros out the link register in __mmap_switched which tail
> calls into start kernel. Test for this condition so that we can stop
> unwinding when initiated within start_kernel() correctly.
>
> Cc: stable at vger.kernel.org
> Fixes: commit 6dc5fd93b2f1 ("ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang")
> Reported-by: Miles Chen <miles.chen at mediatek.com>
> Signed-off-by: Nick Desaulniers <ndesaulniers at google.com>
> ---
> arch/arm/lib/backtrace-clang.S | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/arm/lib/backtrace-clang.S b/arch/arm/lib/backtrace-clang.S
> index 6174c45f53a5..5388ac664c12 100644
> --- a/arch/arm/lib/backtrace-clang.S
> +++ b/arch/arm/lib/backtrace-clang.S
> @@ -144,6 +144,8 @@ for_each_frame: tst frame, mask @ Check for address exceptions
> */
> 1003: ldr sv_lr, [sv_fp, #4] @ get saved lr from next frame
>
> + tst sv_lr, #0 @ If there's no previous lr,
> + beq finished_setup @ we're done.
> ldr r0, [sv_lr, #-4] @ get call instruction
> ldr r3, .Lopcode+4
> and r2, r3, r0 @ is this a bl call
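Review bot: the NULL check in the two added lines cannot work as written: `tst sv_lr, #0` ANDs sv_lr with the immediate 0, so the result is always zero, Z is always set and `beq finished_setup` is taken unconditionally, ending the unwind at the first frame no matter what the saved lr holds. The placement (right after the `ldr sv_lr, [sv_fp, #4]` and before the `ldr r0, [sv_lr, #-4]` that dereferences it) is the right one; only the comparison needs changing, to `cmp sv_lr, #0` (or `teq sv_lr, #0`) so the branch fires only when the saved lr really is zero. A boot with the frame-pointer unwinder and a WARN taken a few calls deep would show whether more than one frame is printed.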
> --
> 2.28.0.163.g6104cc2f0b6-goog
>
Reviewed-by: Nathan Huckleberry <nhuck15 at gmail.com>
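The commit message describes a frame-pointer walk that must stop, rather than derive an address, when it reaches a frame whose saved lr is zero. The C model below is an added illustration of that termination rule, not code from the patch or from the kernel's backtrace-clang.S; the frame layout (saved fp at [fp], saved lr at [fp, #4]), the addresses, and the helper names are all constructed for the example. It also models the two ARM condition-setting forms, `tst` with `#0` and `cmp` with `#0`, to show which one can actually distinguish a NULL lr.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of one stack frame as the frame-pointer unwinder
 * sees it: the saved fp of the next-older frame at [fp] and the saved
 * return address (lr) at [fp, #4]. A saved lr of 0 models the link
 * register that head-common.S zeroes before tail-calling start_kernel(). */
struct frame {
    struct frame *prev_fp;
    uint32_t saved_lr;
};

#define MAX_FRAMES 16

/* Walk frames starting at 'fp' and record the call-site address
 * (lr - 4, "get call instruction") for each one. Stop as soon as a frame
 * carries a NULL lr: computing lr - 4 from 0 would be the faulting
 * access the patch description warns about. The MAX_FRAMES bound is an
 * extra guard against a corrupted fp chain. Returns the number of frames
 * unwound. */
static int unwind(const struct frame *fp, uint32_t call_sites[MAX_FRAMES])
{
    int n = 0;

    while (fp != NULL && n < MAX_FRAMES) {
        uint32_t lr = fp->saved_lr;

        if (lr == 0)               /* cmp-style check: no previous lr, done */
            break;
        call_sites[n++] = lr - 4;  /* only now is lr safe to use as an address */
        fp = fp->prev_fp;
    }
    return n;
}

/* Models `tst reg, #0` followed by `beq`: tst computes reg AND 0, which is
 * zero for every input, so the branch is always taken. Returns 1 when the
 * branch would be taken. */
static int tst_zero_branches(uint32_t lr)
{
    return (lr & 0u) == 0u;
}

/* Models `cmp reg, #0` followed by `beq`: the branch is taken only when
 * the register really is zero. Returns 1 when the branch would be taken. */
static int cmp_zero_branches(uint32_t lr)
{
    return lr == 0u;
}

/* Constructed chain of four frames: two ordinary frames, then the
 * start_kernel() frame with a zeroed lr, then a frame that must never be
 * reached. Returns how many frames the walk reports. */
static int demo_unwind_depth(void)
{
    static struct frame f3 = { NULL, 0xc0401000u };   /* must not be reached */
    static struct frame f2 = { &f3, 0u };             /* start_kernel(): lr was zeroed */
    static struct frame f1 = { &f2, 0xc0123458u };    /* constructed return address */
    static struct frame f0 = { &f1, 0xc0100234u };    /* innermost frame */
    uint32_t sites[MAX_FRAMES];

    return unwind(&f0, sites);
}

int main(void)
{
    printf("frames unwound before the zeroed lr: %d\n", demo_unwind_depth());
    printf("tst #0 on a real lr branches: %d, cmp #0 on a real lr branches: %d\n",
           tst_zero_branches(0xc0100234u), cmp_zero_branches(0xc0100234u));
    return 0;
}
```

Run as is, the walk reports the two frames above the zeroed lr and never touches the frame below it; the two helper calls show that the `tst` form would have stopped the walk on the very first frame, while the `cmp` form stops only on the zero.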
More information about the Linux-mediatek mailing list