Nice stack smashing postmortem message #8670

Merged
merged 2 commits into from
Oct 31, 2022

Collaborator

@mcspr mcspr commented Sep 9, 2022

Wire everything that relies on stack smashing detection to call `__stack_chk_fail()` (aka what libssp / ssp / stack-protector uses)
Expose it in our debugging header

Rename overflow -> smashing, as these are different things we are trying to detect (meaning, that we check for things writing there, not some kind of `alloca` issue or the way `-fstack-check` would have worked)
ref. #8666

`-fstack-protector` continues to work as it always did
CONT replaces `abort()`, also moves its check to the loop wrapper to avoid dumping otherwise useless SYS context memory
StackThunk replaces a similar `abort()` call

@d-a-v d-a-v added the alpha included in alpha release label Sep 13, 2022
@d-a-v d-a-v added this to the 3.1 milestone Sep 13, 2022
Collaborator Author

mcspr commented Sep 13, 2022

btw, something to reproduce failures

```cpp
#include <Arduino.h>
#include <StackThunk.h>

#include <umm_malloc/umm_malloc.h>
#include <cont.h>
#include <user_interface.h>

#include <array>

// reproduce crash for all three methods, in sequence
// the counter is kept in RTC memory, so it is still there after each crash resets the board
constexpr uintptr_t RtcMem { 0x60001200 + 128 };
auto* count = reinterpret_cast<volatile uint32_t*>(RtcMem);

extern "C" rst_info resetInfo;

// there is only a single thunk in the app
extern "C" void thunk_failme();
extern "C" void failme() {
    printf("will ravage %p\n", stack_thunk_ptr);
    // deliberately overwrite the word at the base of the thunk stack
    *stack_thunk_ptr = 0xfafafafa;
}

make_stack_thunk(failme)

// needs -fstack-protector to work
void ssp_failme() __attribute__((stack_protect));
void ssp_failme() {
    // deliberate overflow: 6 bytes (including the terminator) copied into a 4-byte buffer
    char buf[4];
    strcpy(buf, "ABCDE");
    puts(buf);
}

void setup() {
    Serial.begin(115200);

    // start the sequence over on power-up or external reset
    switch (resetInfo.reason) {
    case REASON_DEFAULT_RST:
    case REASON_EXT_SYS_RST:
        *count = 0;
        break;
    }
}

void loop() {
    const auto last = *count;
    *count = ((last + 1) % 3);

    puts("");
    printf("%u - wait for it...\n", last);
    delay(3000);

    switch (last) {
    case 0:
        // CONT: clobber both guard words of the cont stack
        g_pcont->stack_guard1 = 0xfafafafa;
        g_pcont->stack_guard2 = 0xfafafafa;
        break;
    case 1:
        // StackThunk: run failme() through its thunk
        stack_thunk_add_ref();
        thunk_failme();
        break;
    case 2:
        // -fstack-protector: overflow a protected local buffer
        ssp_failme();
        break;
    }
}
```
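Added example, not part of this pull request or the core's code: a host-side C model of the guard-word check discussed above, run after the loop body and reporting through one handler (the role `__stack_chk_fail()` takes in the PR). It also shows the overflow/smashing distinction from the description: a contiguous write through a guard is caught, while an `alloca`-style jump that lands beyond the guard without touching it passes the check. The layout, names and guard value are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed layout, names and guard value (hypothetical, not the core's cont.h).
   Low addresses first: neighbour data, guard, stack, guard. The stack grows down. */
enum { NEIGHBOUR = 8, STACK_WORDS = 16, GUARD_LO = NEIGHBOUR,
       GUARD_HI = GUARD_LO + 1 + STACK_WORDS, ARENA_WORDS = GUARD_HI + 1 };
#define GUARD_WORD 0xfeefeffeu
#define JUNK 0xfafafafau
static uint32_t arena[ARENA_WORDS];
static int smash_reports;

/* Single sink for every detector, the role __stack_chk_fail() has on a target. */
static void report_smash(const char *guard, int word) {
    ++smash_reports;
    fprintf(stderr, "stack smashing detected: %s (word %d)\n", guard, word);
}

void arena_init(void) {
    for (int i = 0; i < ARENA_WORDS; ++i) arena[i] = 0;
    arena[GUARD_LO] = arena[GUARD_HI] = GUARD_WORD;
    smash_reports = 0;
}

/* Contiguous use: every word from the stack top downwards is written. */
void push_words(int words) {
    for (int i = GUARD_HI - 1; words > 0 && i >= 0; --i, --words) arena[i] = JUNK;
}

/* alloca-style jump: move down `words` at once, write only the landing word. */
void jump_and_write(int words) {
    int i = GUARD_HI - words;
    if (i >= 0 && i < ARENA_WORDS) arena[i] = JUNK;
}

/* Loop-wrapper style check: run the body, then verify both guards (1 = intact). */
int run_and_check(void (*body)(int), int arg) {
    body(arg);
    if (arena[GUARD_LO] != GUARD_WORD) report_smash("guard_lo", GUARD_LO);
    if (arena[GUARD_HI] != GUARD_WORD) report_smash("guard_hi", GUARD_HI);
    return arena[GUARD_LO] == GUARD_WORD && arena[GUARD_HI] == GUARD_WORD;
}

int main(void) {
    arena_init();
    printf("one word too deep: intact=%d\n", run_and_check(push_words, STACK_WORDS + 1));
    arena_init();
    printf("jump past guard:   intact=%d\n", run_and_check(jump_and_write, STACK_WORDS + 3));
    return 0;
}
```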

@mcspr mcspr merged commit bde8ef7 into esp8266:master Oct 31, 2022
@mcspr mcspr deleted the stack-smashing-morty branch October 31, 2022 04:15
hasenradball pushed a commit to hasenradball/Arduino that referenced this pull request Nov 18, 2024