1. 13 Dec, 2022 8 commits
  2. 12 Dec, 2022 3 commits
  3. 10 Dec, 2022 9 commits
  4. 09 Dec, 2022 6 commits
  5. 08 Dec, 2022 10 commits
  6. 06 Dec, 2022 2 commits
    • Guo Ren's avatar
      riscv: stacktrace: Make walk_stackframe cross pt_regs frame · 7ecdadf7
      Guo Ren authored
      The current walk_stackframe with FRAME_POINTER would stop unwinding at
      ret_from_exception:
        BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1518
        in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 1, name: init
        CPU: 0 PID: 1 Comm: init Not tainted 5.10.113-00021-g15c15974895c-dirty #192
        Call Trace:
        [<ffffffe0002038c8>] walk_stackframe+0x0/0xee
        [<ffffffe000aecf48>] show_stack+0x32/0x4a
        [<ffffffe000af1618>] dump_stack_lvl+0x72/0x8e
        [<ffffffe000af1648>] dump_stack+0x14/0x1c
        [<ffffffe000239ad2>] ___might_sleep+0x12e/0x138
        [<ffffffe000239aec>] __might_sleep+0x10/0x18
        [<ffffffe000afe3fe>] down_read+0x22/0xa4
        [<ffffffe000207588>] do_page_fault+0xb0/0x2fe
        [<ffffffe000201b80>] ret_from_exception+0x0/0xc
      
      The optimization would help walk_stackframe cross the pt_regs frame and
      get more backtrace of debug info:
        BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1518
        in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 1, name: init
        CPU: 0 PID: 1 Comm: init Not tainted 5.10.113-00021-g15c15974895c-dirty #192
        Call Trace:
        [<ffffffe0002038c8>] walk_stackframe+0x0/0xee
        [<ffffffe000aecf48>] show_stack+0x32/0x4a
        [<ffffffe000af1618>] dump_stack_lvl+0x72/0x8e
        [<ffffffe000af1648>] dump_stack+0x14/0x1c
        [<ffffffe000239ad2>] ___might_sleep+0x12e/0x138
        [<ffffffe000239aec>] __might_sleep+0x10/0x18
        [<ffffffe000afe3fe>] down_read+0x22/0xa4
        [<ffffffe000207588>] do_page_fault+0xb0/0x2fe
        [<ffffffe000201b80>] ret_from_exception+0x0/0xc
        [<ffffffe000613c06>] riscv_intc_irq+0x1a/0x72
        [<ffffffe000201b80>] ret_from_exception+0x0/0xc
        [<ffffffe00033f44a>] vma_link+0x54/0x160
        [<ffffffe000341d7a>] mmap_region+0x2cc/0x4d0
        [<ffffffe000342256>] do_mmap+0x2d8/0x3ac
        [<ffffffe000326318>] vm_mmap_pgoff+0x70/0xb8
        [<ffffffe00032638a>] vm_mmap+0x2a/0x36
        [<ffffffe0003cfdde>] elf_map+0x72/0x84
        [<ffffffe0003d05f8>] load_elf_binary+0x69a/0xec8
        [<ffffffe000376240>] bprm_execve+0x246/0x53a
        [<ffffffe00037786c>] kernel_execve+0xe8/0x124
        [<ffffffe000aecdf2>] run_init_process+0xfa/0x10c
        [<ffffffe000aece16>] try_to_run_init_process+0x12/0x3c
        [<ffffffe000afa920>] kernel_init+0xb4/0xf8
        [<ffffffe000201b80>] ret_from_exception+0x0/0xc
      
      Here is the error injection test code for the above output:
       drivers/irqchip/irq-riscv-intc.c:
       static asmlinkage void riscv_intc_irq(struct pt_regs *regs)
       {
              unsigned long cause = regs->cause & ~CAUSE_IRQ_FLAG;
      +       u32 tmp; __get_user(tmp, (u32 *)0);
      Signed-off-by: default avatarGuo Ren <guoren@linux.alibaba.com>
      Signed-off-by: default avatarGuo Ren <guoren@kernel.org>
      Link: https://lore.kernel.org/r/20221109064937.3643993-3-guoren@kernel.org
      [Palmer: use SYM_CODE_*]
      Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
      7ecdadf7
    • Guo Ren's avatar
      riscv: stacktrace: Fixup ftrace_graph_ret_addr retp argument · 5c3022e4
      Guo Ren authored
      The 'retp' is a pointer to the return address on the stack, so we
      must pass the current return address pointer as the 'retp'
      argument to ftrace_push_return_trace(). Not parent function's
      return address on the stack.
      
      Fixes: b785ec12 ("riscv/ftrace: Add HAVE_FUNCTION_GRAPH_RET_ADDR_PTR support")
      Signed-off-by: default avatarGuo Ren <guoren@linux.alibaba.com>
      Signed-off-by: default avatarGuo Ren <guoren@kernel.org>
      Link: https://lore.kernel.org/r/20221109064937.3643993-2-guoren@kernel.org
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
      5c3022e4
  7. 05 Dec, 2022 2 commits
    • Li Huafei's avatar
      RISC-V: kexec: Fix memory leak of elf header buffer · cbc32023
      Li Huafei authored
      This is reported by kmemleak detector:
      
      unreferenced object 0xff2000000403d000 (size 4096):
        comm "kexec", pid 146, jiffies 4294900633 (age 64.792s)
        hex dump (first 32 bytes):
          7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00  .ELF............
          04 00 f3 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<00000000566ca97c>] kmemleak_vmalloc+0x3c/0xbe
          [<00000000979283d8>] __vmalloc_node_range+0x3ac/0x560
          [<00000000b4b3712a>] __vmalloc_node+0x56/0x62
          [<00000000854f75e2>] vzalloc+0x2c/0x34
          [<00000000e9a00db9>] crash_prepare_elf64_headers+0x80/0x30c
          [<0000000067e8bf48>] elf_kexec_load+0x3e8/0x4ec
          [<0000000036548e09>] kexec_image_load_default+0x40/0x4c
          [<0000000079fbe1b4>] sys_kexec_file_load+0x1c4/0x322
          [<0000000040c62c03>] ret_from_syscall+0x0/0x2
      
      In elf_kexec_load(), a buffer is allocated via vzalloc() to store elf
      headers.  While it's not freed back to system when kdump kernel is
      reloaded or unloaded, or when image->elf_header is successfully set and
      then fails to load kdump kernel for some reason. Fix it by freeing the
      buffer in arch_kimage_file_post_load_cleanup().
      
      Fixes: 8acea455 ("RISC-V: Support for kexec_file on panic")
      Signed-off-by: default avatarLi Huafei <lihuafei1@huawei.com>
      Reviewed-by: default avatarConor Dooley <conor.dooley@microchip.com>
      Link: https://lore.kernel.org/r/20221104095658.141222-2-lihuafei1@huawei.com
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
      cbc32023
    • Li Huafei's avatar
      RISC-V: kexec: Fix memory leak of fdt buffer · 96df59b1
      Li Huafei authored
      This is reported by kmemleak detector:
      
      unreferenced object 0xff60000082864000 (size 9588):
        comm "kexec", pid 146, jiffies 4294900634 (age 64.788s)
        hex dump (first 32 bytes):
          d0 0d fe ed 00 00 12 ed 00 00 00 48 00 00 11 40  ...........H...@
          00 00 00 28 00 00 00 11 00 00 00 02 00 00 00 00  ...(............
        backtrace:
          [<00000000f95b17c4>] kmemleak_alloc+0x34/0x3e
          [<00000000b9ec8e3e>] kmalloc_order+0x9c/0xc4
          [<00000000a95cf02e>] kmalloc_order_trace+0x34/0xb6
          [<00000000f01e68b4>] __kmalloc+0x5c2/0x62a
          [<000000002bd497b2>] kvmalloc_node+0x66/0xd6
          [<00000000906542fa>] of_kexec_alloc_and_setup_fdt+0xa6/0x6ea
          [<00000000e1166bde>] elf_kexec_load+0x206/0x4ec
          [<0000000036548e09>] kexec_image_load_default+0x40/0x4c
          [<0000000079fbe1b4>] sys_kexec_file_load+0x1c4/0x322
          [<0000000040c62c03>] ret_from_syscall+0x0/0x2
      
      In elf_kexec_load(), a buffer is allocated via kvmalloc() to store fdt.
      While it's not freed back to system when kexec kernel is reloaded or
      unloaded.  Then memory leak is caused.  Fix it by introducing riscv
      specific function arch_kimage_file_post_load_cleanup(), and freeing the
      buffer there.
      
      Fixes: 6261586e ("RISC-V: Add kexec_file support")
      Signed-off-by: default avatarLi Huafei <lihuafei1@huawei.com>
      Reviewed-by: default avatarConor Dooley <conor.dooley@microchip.com>
      Reviewed-by: default avatarLiao Chang <liaochang1@huawei.com>
      Link: https://lore.kernel.org/r/20221104095658.141222-1-lihuafei1@huawei.com
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
      96df59b1