Xen project Mailing List

[Xen-devel] [xen-devel] [Patch 4/4] DO NOT APPLY: Test code for interesting stack overflows

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 9 Aug 2013 20:55:58 +0100

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Delivery-date: Fri, 09 Aug 2013 19:56:31 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

--- xen/arch/x86/traps.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c index 17255d5..f5e99c1 100644 --- a/xen/arch/x86/traps.c +++ b/xen/arch/x86/traps.c @@ -34,6 +34,7 @@ #include <xen/console.h> #include <xen/shutdown.h> #include <xen/guest_access.h> +#include <xen/keyhandler.h> #include <asm/regs.h> #include <xen/delay.h> #include <xen/event.h> @@ -3742,6 +3743,76 @@ unsigned long do_get_debugreg(int reg) return -EINVAL; } +static noinline void recursion(int depth) +{ + /* junk on stack to fool naive algorithm */ + volatile unsigned long addr1 = (unsigned long)&do_get_debugreg; + volatile unsigned long tsc; + volatile unsigned long addr2 = (unsigned long)&do_set_debugreg; + + if ( depth == 0 ) + { + printk("Did you mean recursion()?\n"); + run_in_exception_handler(show_stack); + return; + } + else + { + rdtscll(tsc); + printk("depth %d, addr1 0x%016"PRIx64", addr2 0x%016"PRIx64", tsc %"PRIu64"\n", + depth, addr1, addr2, tsc); + recursion(depth-1); + printk("done\n"); /* So GCC cant perform tailcall optimisation */ + } +} + +static void stacktest1(unsigned char key) +{ + printk("In %s()\n", __func__); + recursion(5); +} + +static void stacktest2(unsigned char key, struct cpu_user_regs * regs) +{ + printk("In %s()\n", __func__); + recursion(5); +} + +static void stacktest3(unsigned char key) +{ + printk("In %s()\n", __func__); + recursion(500); +} + +static struct keyhandler stacktest_handler[] = { + { + .irq_callback = 0, + .u.fn = stacktest1, + .desc = "Xen stack #1 - Recurse a little and see trace." + }, + + { + .irq_callback = 1, + .u.irq_fn = stacktest2, + .desc = "Xen stack #2 - Recurse a little and see trace in irq." + }, + + { + .irq_callback = 0, + .u.fn = stacktest3, + .desc = "Xen stack #3 - Cause stack overflow." + }, + }; + +static int __init initialize_crashtable(void) +{ + register_keyhandler('1', &stacktest_handler[0]); + register_keyhandler('2', &stacktest_handler[1]); + register_keyhandler('3', &stacktest_handler[2]); + return 1; +} +__initcall(initialize_crashtable); + /* * Local variables: * mode: C -- 1.7.10.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.