lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f2psdjlh7mafym2kuiuyzohrtjpsf6mvdi3by4dlatwiaozt35@wllpaa36jxgj>
Date: Tue, 2 Dec 2025 11:56:59 -0800
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Ingo Molnar <mingo@...nel.org>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, 
	Nathan Chancellor <nathan@...nel.org>, Peter Zijlstra <peterz@...radead.org>, 
	Alexandre Chartre <alexandre.chartre@...cle.com>, David Laight <david.laight.linux@...il.com>
Subject: Re: [PATCH] objtool: Fix stack overflow in validate_branch()

On Tue, Dec 02, 2025 at 09:11:50AM -0800, Josh Poimboeuf wrote:
> > > > That's weird - how can a user-space tool run into stack 
> > > > limits, are they set particularly conservatively?
> > > 
> > > On my Fedora system, "ulimit -s" is 8MB.  You'd think that would be
> > > enough :-)
> > > 
> > > In this case, objtool had over 20,000 stack frames caused by recursively
> > > following over 7,000(!) conditional jumps in a single function.
> > 
> > Ouch ...
> > 
> > ... which means that very likely we'll run into this problem again. :-/
> > 
> > Time to add stack overflow self-detection?
> > 
> > I've attached a simple proof-of-concept that uses 
> > sigaltstacks based SIGSEGV handler to catch a stack 
> > overflow:
> > 
> >   starship:/s/stack-overflow> ./overflow 
> >   # Starting stack recursion:
> > 
> >   # WARNING: SIGSEGV received: Possible stack overflow detected!
> > 
> >   starship:/s/stack-overflow> 
> > 
> > Could we add something like this to objtool, with 
> > perhaps a look at the interrupted stack pointer from 
> > SIGSEGV_handler(), to make sure the SIGSEGV was due to 
> > a stack overflow?
> 
> Yes, I think that would be wise.  I've been thinking objtool could use a
> SIGSEGV handler anyway, as it crashes more often than one would hope,
> with a cryptic non-helpful error message for the user.
> 
> I'll work on it.

Is something like the below sufficient?  Or do you think we should add
logic to distinguish the stack overflow from other crashes?

---8<---

From: Josh Poimboeuf <jpoimboe@...nel.org>
Subject: [PATCH] objtool: Improve error message for SIGSEGV

When the kernel build fails due to an objtool seg fault, the error
message is confusing:

  make[5]: *** [scripts/Makefile.build:503: drivers/scsi/qla2xxx/qla2xxx.o] Error 139
  make[5]: *** Deleting file 'drivers/scsi/qla2xxx/qla2xxx.o'
  make[4]: *** [scripts/Makefile.build:556: drivers/scsi/qla2xxx] Error 2
  make[3]: *** [scripts/Makefile.build:556: drivers/scsi] Error 2
  make[2]: *** [scripts/Makefile.build:556: drivers] Error 2
  make[1]: *** [/home/jpoimboe/git/linux/Makefile:2013: .] Error 2
  make: *** [Makefile:248: __sub-make] Error 2

Add a signal handler which prints an error message like:

  drivers/scsi/qla2xxx/qla2xxx.o: error: objtool: SIGSEGV (Segmentation Fault) received at address 0x7ffc5f33bf30

... and re-raises the signal so the core dump still gets triggered.

Reported-by: Ingo Molnar <mingo@...nel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@...nel.org>
---
 tools/objtool/Build                     |  1 +
 tools/objtool/include/objtool/objtool.h |  2 +
 tools/objtool/objtool.c                 |  4 +-
 tools/objtool/signal.c                  | 77 +++++++++++++++++++++++++
 4 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 tools/objtool/signal.c

diff --git a/tools/objtool/Build b/tools/objtool/Build
index 9982e665d58d..600da051af12 100644
--- a/tools/objtool/Build
+++ b/tools/objtool/Build
@@ -18,6 +18,7 @@ objtool-y += libstring.o
 objtool-y += libctype.o
 objtool-y += str_error_r.o
 objtool-y += librbtree.o
+objtool-y += signal.o
 
 $(OUTPUT)libstring.o: ../lib/string.c FORCE
 	$(call rule_mkdir)
diff --git a/tools/objtool/include/objtool/objtool.h b/tools/objtool/include/objtool/objtool.h
index f7051bbe0bcb..6dc12a59ad00 100644
--- a/tools/objtool/include/objtool/objtool.h
+++ b/tools/objtool/include/objtool/objtool.h
@@ -41,6 +41,8 @@ struct objtool_file {
 
 char *top_level_dir(const char *file);
 
+int init_signal_handler(void);
+
 struct objtool_file *objtool_open_read(const char *_objname);
 
 int objtool_pv_add(struct objtool_file *file, int idx, struct symbol *func);
diff --git a/tools/objtool/objtool.c b/tools/objtool/objtool.c
index 3c26ed561c7e..1c3622117c33 100644
--- a/tools/objtool/objtool.c
+++ b/tools/objtool/objtool.c
@@ -104,11 +104,13 @@ char *top_level_dir(const char *file)
 	return str;
 }
 
-
 int main(int argc, const char **argv)
 {
 	static const char *UNUSED = "OBJTOOL_NOT_IMPLEMENTED";
 
+	if (init_signal_handler())
+		return -1;
+
 	/* libsubcmd init */
 	exec_cmd_init("objtool", UNUSED, UNUSED, UNUSED);
 	pager_init(UNUSED);
diff --git a/tools/objtool/signal.c b/tools/objtool/signal.c
new file mode 100644
index 000000000000..9f99fb2fde24
--- /dev/null
+++ b/tools/objtool/signal.c
@@ -0,0 +1,77 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <unistd.h>
+
+#include <objtool/objtool.h>
+#include <objtool/warn.h>
+
+static void signal_handler(int sig_num, siginfo_t *info, void *context)
+{
+	struct sigaction sa_dfl = {0};
+	const char *sig_name;
+	char msg[256];
+	int msg_len;
+
+	switch (sig_num) {
+	case SIGSEGV:
+		sig_name = "SIGSEGV (Segmentation Fault)";
+		break;
+	case SIGBUS:
+		sig_name = "SIGBUS (Bus Error)";
+		break;
+	case SIGILL:
+		sig_name = "SIGILL (Illegal Instruction)";
+		break;
+	case SIGABRT:
+		sig_name = "SIGABRT (Program Abort)";
+		break;
+	default:
+		sig_name = "Unknown signal";
+		break;
+	}
+
+	msg_len = snprintf(msg, sizeof(msg),
+			   "%s: error: objtool: %s received at address %p\n",
+			   objname, sig_name, info->si_addr);
+	write(STDERR_FILENO, msg, msg_len);
+
+	/* Re-raise the signal to trigger the core dump */
+	sa_dfl.sa_handler = SIG_DFL;
+	sigaction(sig_num, &sa_dfl, NULL);
+	raise(sig_num);
+}
+
+int init_signal_handler(void)
+{
+	int signals[] = {SIGSEGV, SIGBUS, SIGILL, SIGABRT};
+	struct sigaction sa;
+	stack_t ss;
+
+	ss.ss_sp = malloc(SIGSTKSZ);
+	if (!ss.ss_sp) {
+		ERROR_GLIBC("malloc");
+		return -1;
+	}
+	ss.ss_size = SIGSTKSZ;
+	ss.ss_flags = 0;
+
+	if (sigaltstack(&ss, NULL) == -1) {
+		ERROR_GLIBC("sigaltstack");
+		return -1;
+	}
+
+	sa.sa_sigaction = signal_handler;
+	sigemptyset(&sa.sa_mask);
+
+	sa.sa_flags = SA_ONSTACK | SA_SIGINFO;
+
+	for (int i = 0; i < ARRAY_SIZE(signals); i++) {
+		if (sigaction(signals[i], &sa, NULL) == -1) {
+			ERROR_GLIBC("sigaction");
+			return -1;
+		}
+	}
+
+	return 0;
+}
-- 
2.51.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ