Don't overflow the trap frame when accessing lr or xzr
AbandonedPublic
Actions

Authored by andrew on Jul 8 2020, 9:42 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mar 5 2025, 4:16 PM

	Unknown Object (File)
	Mar 2 2025, 4:16 AM

	Unknown Object (File)
	Mar 2 2025, 4:03 AM

	Unknown Object (File)
	Mar 2 2025, 2:33 AM

	Unknown Object (File)
	Mar 2 2025, 2:31 AM

	Unknown Object (File)
	Jan 8 2025, 1:55 PM

	Unknown Object (File)
	Dec 18 2024, 5:47 PM

	Unknown Object (File)
	Dec 12 2024, 7:24 PM

View All 24 Files

Subscribers

emaste

Details

Reviewers

None

Group Reviewers

arm64

Summary

When emulating a load pair or store pair in dtrace on arm64 we need to
copy the data between the stack and trap frame. When the registers are
either the link register or the zero register we will access memory
past the end of the trap frame as these are encoded as registers 30 and
31 respectively while the array they access only has 30 entries.

Fix this by creating 2 helper functions to perform the operation with
special cases for these registers.

Test Plan

Can run the following without a kernel panic:
dtrace -n 'fbt::kmem*:entry { @[probefunc] = count(); }'

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 32194
Build 29691: arc lint + arc unit

Event Timeline

andrew created this revision.Jul 8 2020, 9:42 AM

Herald added a subscriber: emaste. · View Herald TranscriptJul 8 2020, 9:42 AM

Harbormaster completed remote builds in B32194: Diff 74185.Jul 8 2020, 9:42 AM

andrew requested review of this revision.Jul 8 2020, 9:42 AM

Committed in rS363272

Revision Contents
Changeset List

Path

Size

sys/

cddl/

dev/

dtrace/

aarch64/

dtrace_subr.c

33 lines

Diff 74185

View Options

sys/cddl/dev/dtrace/aarch64/dtrace_subr.c

Don't overflow the trap frame when accessing lr or xzrAbandonedPublicActions