Message-ID: <CAK8P3a2NudGg_i7AMMF67mcFy-UD3RZbUwdWOm5Wv0AUQ0nLLQ@mail.gmail.com>
Date:   Mon, 14 Dec 2020 13:49:07 +0100
From:   Arnd Bergmann <arnd@...nel.org>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Josh Poimboeuf <jpoimboe@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        clang-built-linux <clang-built-linux@...glegroups.com>
Subject: Re: objtool crashes with some clang produced .o files

net/xfrm/xfrm_output.o: warning: objtool: xfrm_output_resume()+0xdb4:
unreachable instruction
On Sat, Dec 12, 2020 at 1:42 AM 'Nick Desaulniers' via Clang Built
Linux <clang-built-linux@...glegroups.com> wrote:
>
> On Fri, Dec 11, 2020 at 12:57 PM Nick Desaulniers
> <ndesaulniers@...gle.com> wrote:
> >
> > Thanks for the patch!
> >
> > Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>
> > Link: https://github.com/ClangBuiltLinux/linux/issues/1207
>
> Arnd reported another objtool warning/error from another randconfig in
> https://github.com/ClangBuiltLinux/linux/issues/1209 and CrOS just hit
> this as well.
>
> I haven't been able to isolate the configs yet (Arnd has posted the
> full config: https://pastebin.com/wwwhUL8L).
>
> $ ./tools/objtool/objtool orc generate  --no-fp --no-unreachable --retpoline arch/x86/entry/thunk_64.o
> arch/x86/entry/thunk_64.o: warning: objtool: missing symbol for insn at offset 0x3e
>
> Is the offset 0x3e referring to the final `ret` instruction in
> preempt_schedule_notrace_thunk?  Observing insn_to_reloc_sym_addend()
> (with your patch applied), it looks like both calls to
> find_symbol_containing() with offset and offset-1 return NULL.  I'm
> curious if there's another quirk going on here, or possibly a config
> from the randconfig that's messing up the special case? I don't follow
> the comment about:
>         * Hack alert.  This happens when we need to reference
>         * the NOP pad insn immediately after the function.
>         */
>
> Attached the object file FWIW.

For completeness, these are the ones I currently see using clang-11
and clang-12; I believe I have reported each one in the past:

1) For each file in kernel/trace/
kernel/trace/trace_clock.o: warning: objtool: __llvm_gcov_writeout()+0x7: call without frame pointer save/setup
kernel/trace/trace_clock.o: warning: objtool: __llvm_gcov_reset()+0x0: call without frame pointer save/setup
kernel/trace/trace_clock.o: warning: objtool: __llvm_gcov_flush()+0x0: call without frame pointer save/setup
kernel/trace/trace_clock.o: warning: objtool: __llvm_gcov_init()+0x0: call without frame pointer save/setup

2) reiserfs_panic()
fs/reiserfs/do_balan.o: warning: objtool: replace_key()+0x3db: stack state mismatch: cfa1=7+104 cfa2=7+128
fs/reiserfs/do_balan.o: warning: objtool: balance_leaf()+0xd80d: stack state mismatch: cfa1=7+424 cfa2=7+440
fs/reiserfs/lbalance.o: warning: objtool: leaf_copy_boundary_item()+0x2bc5: stack state mismatch: cfa1=7+248 cfa2=7+240
fs/reiserfs/lbalance.o: warning: objtool: leaf_copy_items_entirely()+0xcda: stack state mismatch: cfa1=7+256 cfa2=7+248
fs/reiserfs/ibalance.o: warning: objtool: balance_internal()+0x3448: stack state mismatch: cfa1=7+328 cfa2=7+336
fs/reiserfs/ibalance.o: warning: objtool: internal_move_pointers_items()+0x7c1: stack state mismatch: cfa1=7+200 cfa2=7+192

3) unreachable instructions:
arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0xb95: unreachable instruction
net/xfrm/xfrm_output.o: warning: objtool: xfrm_output_resume()+0xdb4: unreachable instruction
drivers/hwmon/pmbus/adm1275.o: warning: objtool: adm1275_probe()+0x622: unreachable instruction
drivers/xen/privcmd.o: warning: objtool: mmap_batch_fn()+0x14d: unreachable instruction
drivers/xen/privcmd.o: warning: objtool: privcmd_ioctl_mmap_batch()+0x954: unreachable instruction
lib/string.o: warning: objtool: fortify_panic()+0x3: unreachable instruction
drivers/scsi/smartpqi/smartpqi_init.o: warning: objtool: pqi_shutdown()+0x244: unreachable instruction

4) jitterentropy built with -O0:
crypto/jitterentropy.o: warning: objtool: tsan.module_ctor()+0x0: call without frame pointer save/setup

5) unsafe_put_user() misoptimization
arch/x86/kernel/signal.o: warning: objtool: __setup_rt_frame()+0x4c7: call to memset() with UACCESS enabled
arch/x86/ia32/ia32_signal.o: warning: objtool: ia32_setup_rt_frame()+0x15b: call to memset() with UACCESS enabled

6) user_access_save()/restore() problem in ftrace
kernel/trace/trace_branch.o: warning: objtool: ftrace_likely_update()+0x1ed: call to __stack_chk_fail() with UACCESS enabled

7) sibling calls:
mm/vmscan.o: warning: objtool: shrink_node()+0x540: sibling call from callable instruction with modified stack frame
drivers/spi/spi-rockchip.o: warning: objtool: rockchip_spi_transfer_one()+0x2e0: sibling call from callable instruction with modified stack frame
drivers/gpu/drm/i915/gem/i915_gem_execbuffer.o: warning: objtool: check_relocations()+0x68: return with modified stack frame

8) i915 GEM_BUG_ON() stack state mismatch (same as reiserfs_panic()):
drivers/gpu/drm/i915/gem/i915_gem_execbuffer.o: warning: objtool: check_relocations()+0x145: stack state mismatch: cfa1=7+48 cfa2=-1+0
drivers/gpu/drm/i915/gem/i915_gem_mman.o: warning: objtool: __igt_mmap_revoke()+0x180: stack state mismatch: cfa1=7+48 cfa2=-1+0

9) kasan build, for each file:
arch/x86/entry/vdso/vma.o: warning: objtool: asan.module_ctor()+0xc: call without frame pointer save/setup
arch/x86/entry/vdso/vma.o: warning: objtool: asan.module_dtor()+0xc: call without frame pointer save/setup
arch/x86/entry/vsyscall/vsyscall_64.o: warning: objtool: asan.module_ctor()+0xc: call without frame pointer save/setup
arch/x86/entry/vsyscall/vsyscall_64.o: warning: objtool: asan.module_dtor()+0xc: call without frame pointer save/setup
arch/x86/events/amd/core.o: warning: objtool: asan.module_ctor()+0xc: call without frame pointer save/setup
arch/x86/events/amd/core.o: warning: objtool: asan.module_dtor()+0xc: call without frame pointer save/setup
arch/x86/events/amd/ibs.o: warning: objtool: asan.module_ctor()+0xc: call without frame pointer save/setup
arch/x86/events/amd/ibs.o: warning: objtool: asan.module_dtor()+0xc: call without frame pointer save/setup

        Arnd
