|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH RFC] x86/traps: Improve hypervisor stack overflow detection
On 20/11/15 10:54, Jan Beulich wrote: >>>> On 19.11.15 at 18:34, <andrew.cooper3@xxxxxxxxxx> wrote: >> @@ -394,9 +401,8 @@ void show_stack_overflow(unsigned int cpu, const struct >> cpu_user_regs *regs) >> (void *)esp_top, (void *)esp_bottom, (void *)esp, >> (void *)per_cpu(init_tss, cpu).esp0); >> >> - /* Trigger overflow trace if %esp is within 512 bytes of the guard >> page. */ >> - if ( ((unsigned long)(esp - esp_top) > 512) && >> - ((unsigned long)(esp_top - esp) > 512) ) >> + /* Trigger overflow trace if %esp is anywhere within the guard page. */ >> + if ( (esp & PAGE_MASK) != (esp_top - PAGE_SIZE) ) > Is this correct? I'd suspect this to be wrong when esp is in the > lower of the two primary stack pages. If we have hit a double fault from the stack guard pages, one way or another %esp is somewhere in the guard page. Although now you point this out, it still might be just in the primary stack and very close to the boundary, or misaligned across the boundary. Being an abort means that %esp in the exception frame might not be the exact %esp which caused the issue. I will reintroduce some slop into the check. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |