Commit f46b1dc5 authored by Matt Redfearn's avatar Matt Redfearn Committed by Greg Kroah-Hartman

MIPS: Handle non word sized instructions when examining frame

[ Upstream commit 11887ed1 ]

Commit 34c2f668 ("MIPS: microMIPS: Add unaligned access support.")
added fairly broken support for handling 16bit microMIPS instructions in
get_frame_info(). It adjusts the instruction pointer by 16bits in the
case of a 16bit sp move instruction, but not any other 16bit

Commit b6c7a324 ("MIPS: Fix get_frame_info() handling of microMIPS
function size") goes some way to fixing get_frame_info() to iterate over
microMIPS instuctions, but the instruction pointer is still manipulated
using a postincrement, and is of union mips_instruction type. Since the
union is sized to the largest member (a word), but microMIPS
instructions are a mix of halfword and word sizes, the function does not
always iterate correctly, ending up misaligned with the instruction
stream and interpreting it incorrectly.

Since the instruction modifying the stack pointer is usually the first
in the function, that one is usually handled correctly. But the
instruction which saves the return address to the sp is some variable
number of instructions into the frame and is frequently missed due to
not being on a word boundary, leading to incomplete walking of the

Fix this by incrementing the instruction pointer based on the size of
the previously decoded instruction (& remove the hack introduced by
commit 34c2f668 ("MIPS: microMIPS: Add unaligned access support.")
which adjusts the instruction pointer in the case of a 16bit sp move
instruction, but not any other).

Fixes: 34c2f668 ("MIPS: microMIPS: Add unaligned access support.")
Signed-off-by: default avatarMatt Redfearn <>
Cc: Marcin Nowakowski <>
Cc: James Hogan <>
Cc: Ingo Molnar <>
Cc: Paul Burton <>
Patchwork: default avatarRalf Baechle <>
Signed-off-by: default avatarSasha Levin <>
parent 8025a417
......@@ -341,6 +341,7 @@ static int get_frame_info(struct mips_frame_info *info)
union mips_instruction insn, *ip, *ip_end;
const unsigned int max_insns = 128;
unsigned int last_insn_size = 0;
unsigned int i;
info->pc_offset = -1;
......@@ -352,15 +353,19 @@ static int get_frame_info(struct mips_frame_info *info)
ip_end = (void *)ip + info->func_size;
for (i = 0; i < max_insns && ip < ip_end; i++, ip++) {
for (i = 0; i < max_insns && ip < ip_end; i++) {
ip = (void *)ip + last_insn_size;
if (is_mmips && mm_insn_16bit(ip->halfword[0])) {
insn.halfword[0] = 0;
insn.halfword[1] = ip->halfword[0];
last_insn_size = 2;
} else if (is_mmips) {
insn.halfword[0] = ip->halfword[1];
insn.halfword[1] = ip->halfword[0];
last_insn_size = 4;
} else {
insn.word = ip->word;
last_insn_size = 4;
if (is_jump_ins(&insn))
......@@ -382,8 +387,6 @@ static int get_frame_info(struct mips_frame_info *info)
tmp = (ip->halfword[0] >> 1);
info->frame_size = -(signed short)(tmp & 0xf);
ip = (void *) &ip->halfword[1];
} else
info->frame_size = - ip->i_format.simmediate;
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment