From owner-svn-src-stable@freebsd.org  Tue Nov  7 17:09:01 2017
Return-Path: <owner-svn-src-stable@freebsd.org>
Delivered-To: svn-src-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7A697E5E1FF;
 Tue,  7 Nov 2017 17:09:01 +0000 (UTC)
 (envelope-from tijl@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org [96.47.72.37])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 45D33772BE;
 Tue,  7 Nov 2017 17:09:01 +0000 (UTC)
 (envelope-from tijl@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vA7H7j2B079834;
 Tue, 7 Nov 2017 17:07:45 GMT (envelope-from tijl@FreeBSD.org)
Received: (from tijl@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id vA7H7j8L079832;
 Tue, 7 Nov 2017 17:07:45 GMT (envelope-from tijl@FreeBSD.org)
Message-Id: <201711071707.vA7H7j8L079832@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: tijl set sender to
 tijl@FreeBSD.org using -f
From: Tijl Coosemans <tijl@FreeBSD.org>
Date: Tue, 7 Nov 2017 17:07:45 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: svn commit: r325518 - in stable/11/sys: amd64/amd64 i386/i386
X-SVN-Group: stable-11
X-SVN-Commit-Author: tijl
X-SVN-Commit-Paths: in stable/11/sys: amd64/amd64 i386/i386
X-SVN-Commit-Revision: 325518
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
 <svn-src-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable>, 
 <mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable/>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Nov 2017 17:09:01 -0000

Author: tijl
Date: Tue Nov  7 17:07:45 2017
New Revision: 325518
URL: https://svnweb.freebsd.org/changeset/base/325518

Log:
  MFC r325232
  
  Set the return address for stack entry points to zero.
  
  Stack unwinders treat zero as a stop condition.  The value on the stack can
  be non-zero because thread stacks may be arbitrary memory provided via
  pthread_attr_setstack(3) or may be recycled from previous threads.
  
  Reference:
  https://lists.freebsd.org/pipermail/freebsd-current/2017-August/066855.html
  https://lists.freebsd.org/pipermail/freebsd-current/2017-October/067254.html
  
  Discussed with:	kib

Modified:
  stable/11/sys/amd64/amd64/vm_machdep.c
  stable/11/sys/i386/i386/vm_machdep.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/amd64/amd64/vm_machdep.c
==============================================================================
--- stable/11/sys/amd64/amd64/vm_machdep.c	Tue Nov  7 16:59:52 2017	(r325517)
+++ stable/11/sys/amd64/amd64/vm_machdep.c	Tue Nov  7 17:07:45 2017	(r325518)
@@ -511,6 +511,9 @@ cpu_set_upcall(struct thread *td, void (*entry)(void *
 		   (((uintptr_t)stack->ss_sp + stack->ss_size - 4) & ~0x0f) - 4;
 		td->td_frame->tf_rip = (uintptr_t)entry;
 
+		/* Return address sentinel value to stop stack unwinding. */
+		suword32((void *)td->td_frame->tf_rsp, 0);
+
 		/* Pass the argument to the entry point. */
 		suword32((void *)(td->td_frame->tf_rsp + sizeof(int32_t)),
 		    (uint32_t)(uintptr_t)arg);
@@ -533,6 +536,9 @@ cpu_set_upcall(struct thread *td, void (*entry)(void *
 	td->td_frame->tf_fs = _ufssel;
 	td->td_frame->tf_gs = _ugssel;
 	td->td_frame->tf_flags = TF_HASSEGS;
+
+	/* Return address sentinel value to stop stack unwinding. */
+	suword((void *)td->td_frame->tf_rsp, 0);
 
 	/* Pass the argument to the entry point. */
 	td->td_frame->tf_rdi = (register_t)arg;

Modified: stable/11/sys/i386/i386/vm_machdep.c
==============================================================================
--- stable/11/sys/i386/i386/vm_machdep.c	Tue Nov  7 16:59:52 2017	(r325517)
+++ stable/11/sys/i386/i386/vm_machdep.c	Tue Nov  7 17:07:45 2017	(r325518)
@@ -530,6 +530,9 @@ cpu_set_upcall(struct thread *td, void (*entry)(void *
 	    (((int)stack->ss_sp + stack->ss_size - 4) & ~0x0f) - 4;
 	td->td_frame->tf_eip = (int)entry;
 
+	/* Return address sentinel value to stop stack unwinding. */
+	suword((void *)td->td_frame->tf_esp, 0);
+
 	/* Pass the argument to the entry point. */
 	suword((void *)(td->td_frame->tf_esp + sizeof(void *)),
 	    (int)arg);