Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp3149058imd;
        Mon, 29 Oct 2018 02:29:22 -0700 (PDT)
X-Google-Smtp-Source: AJdET5cNFwse6rzLBJr8Oz9+geYhtyUrJzuXj3IMxT5kp8KcDeVmDNfI8gai2YceEqkPsHpCOJ7v
X-Received: by 2002:a62:6dc3:: with SMTP id i186-v6mr14563581pfc.218.1540805362089;
        Mon, 29 Oct 2018 02:29:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540805362; cv=none;
        d=google.com; s=arc-20160816;
        b=VAt09cf9++e/xthBbMRYV1teyq96K6nn91OGYpTQ95wG/Ce9eCK/YyDpdtMeTGTOtD
         SB2TR2s5Q0xLtHjr6QyWUyrp0YZqetFUpt2mHQVth1/A6R6FaBNesFek1O+2XY3KPL53
         A10lAI0ewKCKmngcb5V+ELUIJKjNPoddSv3oJEibKYZE4nyi9Xv536bBTND7wt/4Wuhr
         0LPZVYJPbD4JX0H5U1eRkLgpFeio3QSb3b7jjYirmGziizxkWkBRo1qgs84XuJrQLIV2
         h+FzjZhufqYNBC9pCsCfgCatddNI7acqh90/8nZMC6nVpWs8+HxT6tzUKQiKwzsjzwGz
         R13w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=ustRjgHg5Pd7y8Yf0s+cPVJ5VRBdz0cyHwcHVESt+8c=;
        b=eAwhZ+PhrwaNmkEDAc8FHm4/O6TTg4Ask59W6WJiax9WrTKOs8c2ubZot9e8moY2j4
         Yqsq3qcgrn0z18ouk00KYWZwr/QbSnep2h6IonzWmspF6NqC6xayht2u3zhH1PIhkG8B
         pRnoRFymjwvzaeV482hYXhDxeWoheg8j6sXbGeiNJnlDam5+oTjhpDyjt/ucXYYsMWbc
         exsjVjGTbZiHqDLcJzNtir7bFk4ix4YZ5XF0iLoQwIVtRGf/Q6z1iBatn+zSYHgo34Cf
         lERl916k+/H87hIAoktp57gMhSwB5zPsS7GGeW5nuryJ61t//Inp4VhbTdj760sI13Q1
         eYpg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d8-v6si3504857pls.164.2018.10.29.02.29.06;
        Mon, 29 Oct 2018 02:29:22 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729686AbeJ2SQI (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Mon, 29 Oct 2018 14:16:08 -0400
Received: from foss.arm.com ([217.140.101.70]:37228 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729479AbeJ2SQI (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Oct 2018 14:16:08 -0400
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 828CA341;
        Mon, 29 Oct 2018 02:28:18 -0700 (PDT)
Received: from salmiak (usa-sjc-mx-foss1.foss.arm.com [217.140.101.70])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id DA4623F557;
        Mon, 29 Oct 2018 02:28:15 -0700 (PDT)
Date:   Mon, 29 Oct 2018 09:28:12 +0000
From:   Mark Rutland <mark.rutland@arm.com>
To:     Josh Poimboeuf <jpoimboe@redhat.com>
Cc:     Torsten Duwe <duwe@lst.de>, Will Deacon <will.deacon@arm.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Julien Thierry <julien.thierry@arm.com>,
        Steven Rostedt <rostedt@goodmis.org>,
        Ingo Molnar <mingo@redhat.com>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        Arnd Bergmann <arnd@arndb.de>,
        AKASHI Takahiro <takahiro.akashi@linaro.org>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        live-patching@vger.kernel.org
Subject: Re: [PATCH v4 3/3] arm64: reliable stacktraces
Message-ID: <20181029092812.j7q5gfwxc3qq4vye@salmiak>
References: <20181026142008.D922868C94@newverein.lst.de>
 <20181026142157.B8FAA68C97@newverein.lst.de>
 <20181026153704.7g34j3gtlklepyvb@treble>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181026153704.7g34j3gtlklepyvb@treble>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Josh,

I also have a few concerns here, as it is not clear to me precisely what is
required from arch code. Is there any documentation I should look at?

On Fri, Oct 26, 2018 at 10:37:04AM -0500, Josh Poimboeuf wrote:
> On Fri, Oct 26, 2018 at 04:21:57PM +0200, Torsten Duwe wrote:
> > Enhance the stack unwinder so that it reports whether it had to stop
> > normally or due to an error condition; unwind_frame() will report
> > continue/error/normal ending and walk_stackframe() will pass that
> > info. __save_stack_trace() is used to check the validity of a stack;
> > save_stack_trace_tsk_reliable() can now trivially be implemented.
> > Modify arch/arm64/kernel/time.c as the only external caller so far
> > to recognise the new semantics.

There are a number of error conditions not currently handled by the unwinder
(mostly in the face of stack corruption), for which there have been prior
discussions on list.

Do we care about those cases, or do we consider things best-effort in the face
of stack corruption?

> > I had to introduce a marker symbol kthread_return_to_user to tell
> > the normal origin of a kernel thread.
> > 
> > Signed-off-by: Torsten Duwe <duwe@suse.de>
> 
> I haven't looked at the code, but the commit log doesn't inspire much
> confidence.  It's missing everything I previously asked for in the
> powerpc version.
> 
> There's zero mention of objtool.  What analysis was done to indicate
> that we can rely on frame pointers?
> 
> Such a frame pointer analysis should be included in the commit log.  It
> should describe *at least* the following:
> 
> - whether inline asm statements with call/branch instructions will
>   confuse GCC into skipping the frame pointer setup if it considers the
>   function to be a leaf function;

There's a reasonable chance that the out-of-line LL/SC atomics could confuse
GCC into thinking callers are leaf functions. That's the only inline asm that
I'm aware of with BL instructions (how calls are made on arm64).

> - whether hand-coded non-leaf assembly functions can accidentally omit
>   the frame pointer prologue setup;

Most of our assembly doesn't setup stackframes, and some of these are non-leaf,
e.g. __cpu_suspend_enter.

Also, I suspect our entry assembly may violate/confuse assumptions here. I've
been working to move more of that to C, but that isn't yet complete.

> - whether GCC can generally be relied upon to get arm64 frame pointers
>   right, in both normal operation and edge cases.
> 
> The commit log should also describe whether the unwinder itself can be
> considered reliable for all edge cases:
> 
> - detection and reporting of preemption and page faults;
> 
> - detection and recovery from function graph tracing;
> 
> - detection and reporting of other unexpected conditions,
>   including when the unwinder doesn't reach the end of the stack.

We may also have NMIs (with SDEI).

Thanks,
Mark.