[PATCH] Fix fall-through from case 30 (rld*) to case 31
Andrew Donnellan
andrew.donnellan at au1.ibm.com
Wed Jan 27 11:52:04 AEDT 2016
On 25/01/16 17:55, Oliver O'Halloran wrote:
> I think this bug can only be triggered if the instruction to
> simulate is malformed. The switch in the else case only handles
> the zero and one case, but it extracts bits 4:1 from the
> instruction word so it may be other values. It's pretty minor, but
> a bug is a bug.
>
> Signed-off-by: Oliver O'Halloran <oohall at gmail.com>
The patch summary should probably be something along the lines of
"powerpc/sstep: fix switch fall-through when analysing malformed rld*
instructions" or similar. The rest of the message should have the more
specific details of the bug you're fixing.
In general, we always mention the affected subsystems in the patch
summary line and write both the summary line and the message so that
other developers can get a quick understanding of what the patch does
without actually needing to read the code. Keep in mind that commit
messages will show up in the git logs of every kernel developer, not
just powerpc people.
> --- a/arch/powerpc/lib/sstep.c
> +++ b/arch/powerpc/lib/sstep.c
> @@ -925,6 +925,7 @@ int __kprobes analyse_instr(struct instruction_op *op, struct pt_regs *regs,
> }
> }
> #endif
> + break; /* illegal instruction */
I had a cursory glance at the code and it's not obvious to me that this
is the correct way to deal with an invalid instruction. What happens
when you break out of the switch? It looks like it just ends up
returning 0, the same as any other instruction that isn't executed
directly in the analyse_instr() stage.
Is there anywhere else in the sstep code that deals well with malformed
instructions?
--
Andrew Donnellan Software Engineer, OzLabs
andrew.donnellan at au1.ibm.com Australia Development Lab, Canberra
+61 2 6201 8874 (work) IBM Australia Limited
More information about the Linuxppc-dev
mailing list