Re: [Crash-utility] [PATCH] x86_64: Fix "bt" command on kernels with random_kstack_offset=on

On Mon, Feb 20, 2023 at 9:29 AM HAGIO KAZUHITO(萩尾 一仁) <k-hagio-ab(a)nec.com&gt; wrote: > On kernels configured with CONFIG_RANDOMIZE_KSTACK_OFFSET=y and > random_kstack_offset=on, a random offset is added to the stack with > __kstack_alloca() at the beginning of do_syscall_64() and other syscall > entry functions. This function has the following instruction. > > <do_syscall_64+32>: sub %rax,%rsp On the other hand, crash uses only a part of data for ORC unwinder to > unwind stacks and if an ip value doesn't have a usable ORC data, it > caluculates the frame size with parsing the assembly of the function. > > However, crash cannot calculate the frame size correctly with the > instruction above, and prints stale return addresses like this: > > crash> bt 1 > PID: 1 TASK: ffff9c250023b880 CPU: 0 COMMAND: "systemd" > #0 [ffffb7e5c001fc80] __schedule at ffffffff91ae2b16 > #1 [ffffb7e5c001fd00] schedule at ffffffff91ae2ed3 > #2 [ffffb7e5c001fd18] schedule_hrtimeout_range_clock at > ffffffff91ae7ed8 > #3 [ffffb7e5c001fda8] ep_poll at ffffffff913ef828 > #4 [ffffb7e5c001fe48] do_epoll_wait at ffffffff913ef943 > #5 [ffffb7e5c001fe80] __x64_sys_epoll_wait at ffffffff913f0130 > #6 [ffffb7e5c001fed0] do_syscall_64 at ffffffff91ad7169 > #7 [ffffb7e5c001fef0] do_syscall_64 at ffffffff91ad7179 << > #8 [ffffb7e5c001ff10] syscall_exit_to_user_mode at ffffffff91adaab2 << > stale entries > #9 [ffffb7e5c001ff20] do_syscall_64 at ffffffff91ad7179 << > #10 [ffffb7e5c001ff50] entry_SYSCALL_64_after_hwframe at > ffffffff91c0009b > RIP: 00007f258d9427ae RSP: 00007fffda631d60 RFLAGS: 00000293 > ... > > To fix this, enhance the usage of ORC data. The ORC unwinder often uses > %rbp value, so keep it from exception frames and inactive task stacks. > Good understanding, Kazu. The patch looks good to me. So: Ack.