diff options
| author | Borislav Petkov <bp@suse.de> | 2013-04-29 15:05:54 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-04-29 15:54:27 -0700 |
| commit | 18ff44b189e2a9becb2047a790578b90aef56349 (patch) | |
| tree | 063e746ba13086b2a154dea0192a9bc15a362ecd /scripts/decodecode | |
| parent | 0c0de199ce1fef20c86679194e31133da21c3c2a (diff) | |
scripts/decodecode: make faulting insn ptr more robust
It can accidentally happen that the faulting insn (the exact instruction
bytes) is repeated a little further on in the trace. This causes that
same instruction to be tagged twice, see example below.
What we want to do, however, is to track back from the end of the whole
disassembly so many lines as the slice which starts with the faulting
instruction is long. This leads us to the actual faulting instruction
and *then* we tag it.
While we're at it, we can drop the sed "g" flag because we address only
this one line.
Also, if we point to an instruction which changes decoding depending on
the slice being objdumped, like a Jcc insn, for example, we do not even
tag it as a faulting instruction because the instruction decode changes
in the second slice but we use that second format as a regex on the
fsrst disassembled buffer and more often than not that instruction
doesn't match.
Again, simply tag the line which is deduced from the original "<>"
marking we've received from the kernel.
This also solves the pathologic issue of multiple tagging like this:
29:* 0f 0b ud2 <-- trapping instruction
2b:* 0f 0b ud2 <-- trapping instruction
2d:* 0f 0b ud2 <-- trapping instruction
Double tagging example:
Code: 34 dd 40 30 ad 81 48 c7 c0 80 f6 00 00 48 8b 3c 30 48 01 c6 b8 ff ff ff ff 48 8d 57 f0 48 39 f7 74 2f 49 8b 4c 24 08 48 8b 47 f0 <48> 39 48 08 75 0e eb 2a 66 90 48 8b 40 f0 48 39 48 08 74 1e 48
All code
========
0: 34 dd xor $0xdd,%al
2: 40 30 ad 81 48 c7 c0 xor %bpl,-0x3f38b77f(%rbp)
9: 80 f6 00 xor $0x0,%dh
c: 00 48 8b add %cl,-0x75(%rax)
f: 3c 30 cmp $0x30,%al
11: 48 01 c6 add %rax,%rsi
14: b8 ff ff ff ff mov $0xffffffff,%eax
19: 48 8d 57 f0 lea -0x10(%rdi),%rdx
1d: 48 39 f7 cmp %rsi,%rdi
20: 74 2f je 0x51
22: 49 8b 4c 24 08 mov 0x8(%r12),%rcx
27: 48 8b 47 f0 mov -0x10(%rdi),%rax
2b:* 48 39 48 08 cmp %rcx,0x8(%rax) <-- trapping instruction
2f: 75 0e jne 0x3f
31: eb 2a jmp 0x5d
33: 66 90 xchg %ax,%ax
35: 48 8b 40 f0 mov -0x10(%rax),%rax
39:* 48 39 48 08 cmp %rcx,0x8(%rax) <-- trapping instruction
3d: 74 1e je 0x5d
3f: 48 rex.W
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'scripts/decodecode')
| -rwxr-xr-x | scripts/decodecode | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/scripts/decodecode b/scripts/decodecode index 4f8248d5a11f..d8824f37acce 100755 --- a/scripts/decodecode +++ b/scripts/decodecode @@ -89,10 +89,16 @@ echo $code >> $T.s disas $T cat $T.dis >> $T.aa +# (lines of whole $T.oo) - (lines of $T.aa, i.e. "Code starting") + 3, +# i.e. the title + the "===..=" line (sed is counting from 1, 0 address is +# special) +faultlinenum=$(( $(wc -l $T.oo | cut -d" " -f1) - \ + $(wc -l $T.aa | cut -d" " -f1) + 3)) + faultline=`cat $T.dis | head -1 | cut -d":" -f2-` faultline=`echo "$faultline" | sed -e 's/\[/\\\[/g; s/\]/\\\]/g'` -cat $T.oo | sed -e "s/\($faultline\)/\*\1 <-- trapping instruction/g" +cat $T.oo | sed -e "${faultlinenum}s/^\(.*:\)\(.*\)/\1\*\2\t\t<-- trapping instruction/" echo cat $T.aa cleanup |