Re: [syzbot] KASAN: stack-out-of-bounds Read in profile_pc

From: Josh Poimboeuf
Date: Thu Jun 03 2021 - 09:30:06 EST


On Wed, Jun 02, 2021 at 04:35:11PM -0700, Andi Kleen wrote:
>
> > profile_pc() assumes the return address is either directly at regs->sp,
> > or one word adjacent to it due to saved flags, both of which are just
> > completely wrong. This code has probably never worked with ORC, and
> > nobody noticed apparently.
>
> I presume it used to work because the lock functions were really simple, but
> that's not true anymore.

Yeah, I figured as much.

> > We could just use ORC to unwind to the next frame. Though, isn't
> > /proc/profile redundant, compared to all the more sophisticated options
> > nowadays? Is there still a distinct use case for it or can we just
> > remove it?
>
> It's still needed for some special cases. For example, there is no other
> viable way to profile early boot without a VM.
>
> I would just drop the hack to unwind; at least for the early boot profile
> use case, locking profiling is usually not needed.

Ok, I'll just get rid of the hack then.

--
Josh