From: Bastian Blank <bastian@waldi.eu.org>
To: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Xen-devel <xen-devel@lists.xensource.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Ingo Molnar <mingo@redhat.com>,
the arch/x86 maintainers <x86@kernel.org>,
Stable Kernel <stable@kernel.org>
Subject: Re: Re: [PATCH] xen: Disable stack protector for irq helper
Date: Wed, 7 Oct 2009 18:35:22 +0200
Message-ID: <20091007163521.GA17998@wavehammer.waldi.eu.org>
In-Reply-To: <4ACB93F8.5010900@goop.org>
On Tue, Oct 06, 2009 at 12:01:12PM -0700, Jeremy Fitzhardinge wrote:
> On 10/05/09 20:30, Bastian Blank wrote:
> > The original version saves ecx, but not edx. Both are official
> > caller-saved registers.
> Hm. It doesn't save edx because that can be half of a 64-bit return
> value, and in general both eax and edx are marked clobbered.
Then it will also be wrong for functions returning void. They may
clobber eax but never set it to something correct.
> Except one
> place; does the patch below help?
Don't you need to remove the complete wrapper setup to get a correct
result? (And type safety.)
> > Well, my call stack says something different. It crashes during early
> > startup without a console. The modifications to the function pointers are
> > done much later.
> You're right. But you're holding out on me; can I see your backtrace?
Well, I'm traveling and it needs some time to recreate a broken kernel.
> And the disassembly of the troublesome code (both the Xen function and
> the calling function)?
That is easy.
| c12dc725 <_spin_lock_irqsave>:
| c12dc725: 83 ec 04 sub $0x4,%esp
| c12dc728: 89 c2 mov %eax,%edx
| c12dc72a: 65 a1 14 00 00 00 mov %gs:0x14,%eax
| c12dc730: 89 04 24 mov %eax,(%esp)
| c12dc733: 31 c0 xor %eax,%eax
| c12dc735: ff 15 bc 1a 3f c1 call *0xc13f1abc
Call to pv_irq_ops.save_fl.
| c12dc73b: 89 c1 mov %eax,%ecx
| c12dc73d: ff 15 c4 1a 3f c1 call *0xc13f1ac4
| c12dc743: b8 00 01 00 00 mov $0x100,%eax
| c12dc748: f0 66 0f c1 02 lock xadd %ax,(%edx)
| c12dc74d: 38 e0 cmp %ah,%al
| c12dc74f: 74 06 je c12dc757 <_spin_lock_irqsave+0x32>
| c12dc751: f3 90 pause
| c12dc753: 8a 02 mov (%edx),%al
Try to use (clobbered) edx.
| c12dc755: eb f6 jmp c12dc74d <_spin_lock_irqsave+0x28>
| c12dc757: 8b 14 24 mov (%esp),%edx
| c12dc75a: 65 33 15 14 00 00 00 xor %gs:0x14,%edx
| c12dc761: 89 c8 mov %ecx,%eax
| c12dc763: 74 05 je c12dc76a <_spin_lock_irqsave+0x45>
| c12dc765: e8 28 58 d6 ff call c1041f92 <__stack_chk_fail>
| c12dc76a: 5a pop %edx
| c12dc76b: c3 ret
| c1005dbc <xen_save_fl>:
| c1005dbc: 83 ec 04 sub $0x4,%esp
| c1005dbf: 65 a1 14 00 00 00 mov %gs:0x14,%eax
| c1005dc5: 89 04 24 mov %eax,(%esp)
| c1005dc8: 31 c0 xor %eax,%eax
| c1005dca: 64 a1 0c 70 47 c1 mov %fs:0xc147700c,%eax
| c1005dd0: 80 78 01 00 cmpb $0x0,0x1(%eax)
| c1005dd4: 0f 94 c0 sete %al
| c1005dd7: 0f b6 c0 movzbl %al,%eax
| c1005dda: f7 d8 neg %eax
| c1005ddc: 25 00 02 00 00 and $0x200,%eax
| c1005de1: 8b 14 24 mov (%esp),%edx
| c1005de4: 65 33 15 14 00 00 00 xor %gs:0x14,%edx
| c1005deb: 74 05 je c1005df2 <xen_save_fl+0x36>
| c1005ded: e8 a0 c1 03 00 call c1041f92 <__stack_chk_fail>
| c1005df2: 5a pop %edx
Clobbers edx with the old eax.
| c1005df3: c3 ret
| c13f1ab8 g O .data 0000001c pv_irq_ops
--
I'm frequently appalled by the low regard you Earthmen have for life.
-- Spock, "The Galileo Seven", stardate 2822.3
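The register-clobber check that the listings above call for, as an added example that is not part of this thread or of the kernel tree: a small Python script that parses the posted objdump output of xen_save_fl and reports every instruction writing a register the caller is entitled to find intact. It runs the listing twice, once against the normal i386 C ABI (eax, ecx, edx are caller-saved) and once against the callee-save paravirt convention described in the thread (only eax is clobbered). The second listing, a stack-protector-free variant of the same function, is constructed for the example and not taken from any real build; the register sets and mnemonic tables are the example's own simplifications, not anything from the paravirt code.

```python
import re

# Disassembly of xen_save_fl exactly as posted in this thread (objdump -d, AT&T syntax).
XEN_SAVE_FL = """\
c1005dbc <xen_save_fl>:
c1005dbc: 83 ec 04 sub $0x4,%esp
c1005dbf: 65 a1 14 00 00 00 mov %gs:0x14,%eax
c1005dc5: 89 04 24 mov %eax,(%esp)
c1005dc8: 31 c0 xor %eax,%eax
c1005dca: 64 a1 0c 70 47 c1 mov %fs:0xc147700c,%eax
c1005dd0: 80 78 01 00 cmpb $0x0,0x1(%eax)
c1005dd4: 0f 94 c0 sete %al
c1005dd7: 0f b6 c0 movzbl %al,%eax
c1005dda: f7 d8 neg %eax
c1005ddc: 25 00 02 00 00 and $0x200,%eax
c1005de1: 8b 14 24 mov (%esp),%edx
c1005de4: 65 33 15 14 00 00 00 xor %gs:0x14,%edx
c1005deb: 74 05 je c1005df2 <xen_save_fl+0x36>
c1005ded: e8 a0 c1 03 00 call c1041f92 <__stack_chk_fail>
c1005df2: 5a pop %edx
c1005df3: c3 ret
"""

# Constructed listing, NOT from the thread: the same function without the stack-protector
# canary load/store/check and the discarding pop. Bytes are copied from the posted
# listing; the addresses are made up.
XEN_SAVE_FL_NO_SSP = """\
00000000 <xen_save_fl>:
       0: 64 a1 0c 70 47 c1 mov %fs:0xc147700c,%eax
       6: 80 78 01 00 cmpb $0x0,0x1(%eax)
       a: 0f 94 c0 sete %al
       d: 0f b6 c0 movzbl %al,%eax
      10: f7 d8 neg %eax
      12: 25 00 02 00 00 and $0x200,%eax
      17: c3 ret
"""

# Map every 8/16/32-bit sub-register name to the 32-bit register it aliases.
REG_OF = {}
for _r in ("eax", "ebx", "ecx", "edx", "esi", "edi", "ebp", "esp"):
    REG_OF[_r] = REG_OF[_r[1:]] = _r
for _r, _l, _h in (("eax", "al", "ah"), ("ebx", "bl", "bh"), ("ecx", "cl", "ch"), ("edx", "dl", "dh")):
    REG_OF[_l] = REG_OF[_h] = _r

# Normal i386 C ABI: a callee may clobber eax, ecx, edx and must leave the rest alone
# (this checker does not pair push/pop saves, so a reported write to ebx/esi/edi/ebp
# needs a manual look).
C_ABI_MUST_PRESERVE = frozenset({"ebx", "esi", "edi", "ebp"})
# Callee-save paravirt convention described in the thread: only eax is clobbered, so the
# caller keeps live values (here the lock pointer) in ecx and edx across the call.
PVOP_CALLEE_MUST_PRESERVE = C_ABI_MUST_PRESERVE | {"ecx", "edx"}

INSN_RE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s+)+)(\S+)(?:\s+(.*))?$")
PREFIXES = {"lock", "rep", "repz", "repnz", "repe", "repne"}
NO_REG_WRITE = ("cmp", "test", "push", "call", "ret", "pause", "nop", "j")  # j* = branches
EXCHANGE = ("xadd", "xchg")  # both operands are written

def split_operands(text):
    """Split AT&T operands on commas that are not inside a memory operand's parentheses."""
    ops, depth, cur = [], 0, ""
    for ch in text:
        depth += (ch == "(") - (ch == ")")
        if ch == "," and depth == 0:
            ops.append(cur.strip())
            cur = ""
        else:
            cur += ch
    if cur.strip():
        ops.append(cur.strip())
    return ops

def parse_line(line):
    """Return (address, mnemonic, [operands]) for an objdump instruction line, else None."""
    m = INSN_RE.match(line)
    if not m:
        return None
    addr, mnem, rest = m.group(1), m.group(3), m.group(4) or ""
    while mnem in PREFIXES and rest:          # "lock xadd ..." -> the mnemonic is xadd
        mnem, _, rest = rest.partition(" ")
    return addr, mnem, split_operands(rest)

def register_operand(op):
    """The 32-bit register an operand names, or None for memory/immediate/segment forms."""
    if op.startswith("%") and ":" not in op and "(" not in op:
        return REG_OF.get(op[1:])
    return None

def written_registers(mnem, operands):
    """Registers an instruction overwrites; in AT&T syntax the destination is the last operand."""
    if not operands or mnem.startswith(NO_REG_WRITE):
        return set()
    targets = operands if mnem.startswith(EXCHANGE) else operands[-1:]
    return {r for r in map(register_operand, targets) if r}

def audit(listing, must_preserve):
    """List (address, instruction, register) for every write to a register the caller relies on."""
    findings = []
    for line in listing.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        addr, mnem, ops = parsed
        for reg in sorted(written_registers(mnem, ops) & must_preserve):
            findings.append((addr, f"{mnem} {','.join(ops)}".strip(), reg))
    return findings

if __name__ == "__main__":
    for name, listing in (("posted xen_save_fl", XEN_SAVE_FL), ("constructed no-SSP variant", XEN_SAVE_FL_NO_SSP)):
        print(f"{name}: C ABI violations: {audit(listing, C_ABI_MUST_PRESERVE)}")
        for addr, insn, reg in audit(listing, PVOP_CALLEE_MUST_PRESERVE):
            print(f"  {addr}: {insn:<22} writes {reg}, which a callee-save caller expects intact")
```

Run stand-alone, the script reports nothing for the C ABI and three writes to edx in the posted listing (the canary reload, the canary compare and the discarding pop at c1005df2), which is exactly the mismatch the caller's `mov %eax,%edx` before the indirect call turns into a crash; the constructed stack-protector-free variant is clean under both conventions.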
Thread overview: 16+ messages
2009-10-04 18:30 [PATCH] xen: Disable stack protector for irq helper Bastian Blank
2009-10-04 23:06 ` Jeremy Fitzhardinge
2009-10-05 1:35 ` Bastian Blank
2009-10-05 17:21 ` Jeremy Fitzhardinge
2009-10-05 22:43 ` Bastian Blank
2009-10-06 0:36 ` Jeremy Fitzhardinge
2009-10-06 3:30 ` Bastian Blank
2009-10-06 19:01 ` Jeremy Fitzhardinge
2009-10-07 16:35 ` Bastian Blank [this message]
2009-10-08 0:33 ` Jeremy Fitzhardinge
2009-10-12 20:52 ` Ingo Molnar
2009-10-12 21:12 ` Bastian Blank
2009-10-12 22:20 ` Jeremy Fitzhardinge
2009-10-12 23:32 ` Jeremy Fitzhardinge
2009-10-13 7:25 ` [tip:x86/urgent] x86/paravirt: Use normal calling sequences for irq enable/disable tip-bot for Jeremy Fitzhardinge
2009-10-05 1:52 ` [PATCH] xen: fbdev frontend needs xenbus frontend Bastian Blank