1. 04 Oct, 2022 4 commits
    • ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n · 823f606a
      Alex Sverdlin authored
      In case CONFIG_KASAN_VMALLOC=y kasan_populate_vmalloc() allocates the
      shadow pages dynamically. But even worse is that kasan_release_vmalloc()
      releases them, which is not compatible with create_mapping() of
      MODULES_VADDR..MODULES_END range:
      
      BUG: Bad page state in process kworker/9:1  pfn:2068b
      page:e5e06160 refcount:0 mapcount:0 mapping:00000000 index:0x0
      flags: 0x1000(reserved)
      raw: 00001000 e5e06164 e5e06164 00000000 00000000 00000000 ffffffff 00000000
      page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
      bad because of flags: 0x1000(reserved)
      Modules linked in: ip_tables
      CPU: 9 PID: 154 Comm: kworker/9:1 Not tainted 5.4.188-... #1
      Hardware name: LSI Axxia AXM55XX
      Workqueue: events do_free_init
      unwind_backtrace
      show_stack
      dump_stack
      bad_page
      free_pcp_prepare
      free_unref_page
      kasan_depopulate_vmalloc_pte
      __apply_to_page_range
      apply_to_existing_page_range
      kasan_release_vmalloc
      __purge_vmap_area_lazy
      _vm_unmap_aliases.part.0
      __vunmap
      do_free_init
      process_one_work
      worker_thread
      kthread
      Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
      Signed-off-by: Alexander Sverdlin <alexander.sverdlin@nokia.com>
      Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    • ARM: 9240/1: dma-mapping: Pass (void *) to virt_to_page() · 8770b9e5
      Linus Walleij authored
      Pointers to virtual memory functions are (void *) but the
      __dma_update_pte() function is passing an unsigned long.
      Fix this up by explicit cast.
      Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
      Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    • ARM: 9234/1: stacktrace: Avoid duplicate saving of exception PC value · 752ec621
      Li Huafei authored
      Because an exception stack frame is not created in the exception entry,
      save_trace() does special handling for the exception PC, but this is
      only needed when CONFIG_FRAME_POINTER_UNWIND=y. When
      CONFIG_ARM_UNWIND=y, unwind annotations have been added to the exception
      entry and save_trace() will repeatedly save the exception PC:
      
          [0x7f000090] hrtimer_hander+0x8/0x10 [hrtimer]
          [0x8019ec50] __hrtimer_run_queues+0x18c/0x394
          [0x8019f760] hrtimer_run_queues+0xbc/0xd0
          [0x8019def0] update_process_times+0x34/0x80
          [0x801ad2a4] tick_periodic+0x48/0xd0
          [0x801ad3dc] tick_handle_periodic+0x1c/0x7c
          [0x8010f2e0] twd_handler+0x30/0x40
          [0x80177620] handle_percpu_devid_irq+0xa0/0x23c
          [0x801718d0] generic_handle_domain_irq+0x24/0x34
          [0x80502d28] gic_handle_irq+0x74/0x88
          [0x8085817c] generic_handle_arch_irq+0x58/0x78
          [0x80100ba8] __irq_svc+0x88/0xc8
          [0x80108114] arch_cpu_idle+0x38/0x3c
          [0x80108114] arch_cpu_idle+0x38/0x3c    <==== duplicate saved exception PC
          [0x80861bf8] default_idle_call+0x38/0x130
          [0x8015d5cc] do_idle+0x150/0x214
          [0x8015d978] cpu_startup_entry+0x18/0x1c
          [0x808589c0] rest_init+0xd8/0xdc
          [0x80c00a44] arch_post_acpi_subsys_init+0x0/0x8
      
      We can move the special handling of the exception PC in save_trace() to
      the unwind_frame() of the frame pointer unwinder.
      Signed-off-by: Li Huafei <lihuafei1@huawei.com>
      Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
      Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
    • ARM: 9233/1: stacktrace: Skip frame pointer boundary check for call_with_stack() · 5854e4d8
      Li Huafei authored
      When using the frame pointer unwinder, it was found that the stack trace
      output of stack_trace_save() is incomplete if the stack contains
      call_with_stack():
      
       [0x7f00002c] dump_stack_task+0x2c/0x90 [hrtimer]
       [0x7f0000a0] hrtimer_hander+0x10/0x18 [hrtimer]
       [0x801a67f0] __hrtimer_run_queues+0x1b0/0x3b4
       [0x801a7350] hrtimer_run_queues+0xc4/0xd8
       [0x801a597c] update_process_times+0x3c/0x88
       [0x801b5a98] tick_periodic+0x50/0xd8
       [0x801b5bf4] tick_handle_periodic+0x24/0x84
       [0x8010ffc4] twd_handler+0x38/0x48
       [0x8017d220] handle_percpu_devid_irq+0xa8/0x244
       [0x80176e9c] generic_handle_domain_irq+0x2c/0x3c
       [0x8052e3a8] gic_handle_irq+0x7c/0x90
       [0x808ab15c] generic_handle_arch_irq+0x60/0x80
       [0x8051191c] call_with_stack+0x1c/0x20
      
      For the frame pointer unwinder, unwind_frame() checks stackframe::fp by
      stackframe::sp. Since call_with_stack() switches the SP from one stack
      to another, stackframe::fp and stackframe::sp will point to different
      stacks, so we can no longer check stackframe::fp by stackframe::sp. Skip
      checking stackframe::fp at this point to avoid this problem.
      Signed-off-by: Li Huafei <lihuafei1@huawei.com>
      Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
      Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
  2. 22 Sep, 2022 1 commit
    • ARM: 9224/1: Dump the stack traces based on the parameter 'regs' of show_regs() · 09cffeca
      Zhen Lei authored
      Function show_regs() is usually called in interrupt handler or exception
      handler, it prints the registers specified by the parameter 'regs', then
      dump the stack traces. Although not explicitly documented, dump the stack
      traces based on 'regs' seems to make the most sense. Although dump_stack()
      can finally dump the desired content, because 'regs' are saved by the
      entry of current interrupt or exception. In the following example we can
      see: 1) The backtrace of interrupt or exception handler is not expected,
      it causes confusion. 2) Something is printed repeatedly. The line with
      the kernel version "CPU: 0 PID: 70 Comm: test0 Not tainted 5.19.0+ #8",
      the registers saved in "Exception stack" which 'regs' actually point to.
      
      For example:
      rcu: INFO: rcu_sched self-detected stall on CPU
      rcu:    0-....: (499 ticks this GP) idle=379/1/0x40000002 softirq=91/91 fqs=249
              (t=500 jiffies g=-911 q=13 ncpus=4)
      CPU: 0 PID: 70 Comm: test0 Not tainted 5.19.0+ #8
      Hardware name: ARM-Versatile Express
      PC is at ktime_get+0x4c/0xe8
      LR is at ktime_get+0x4c/0xe8
      pc : 8019a474  lr : 8019a474  psr: 60000013
      sp : cabd1f28  ip : 00000001  fp : 00000005
      r10: 527bf1b8  r9 : 431bde82  r8 : d7b634db
      r7 : 0000156e  r6 : 61f234f8  r5 : 00000001  r4 : 80ca86c0
      r3 : ffffffff  r2 : fe5bce0b  r1 : 00000000  r0 : 01a431f4
      Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
      Control: 10c5387d  Table: 6121406a  DAC: 00000051
      CPU: 0 PID: 70 Comm: test0 Not tainted 5.19.0+ #8  <-----------start----------
      Hardware name: ARM-Versatile Express                                          |
       unwind_backtrace from show_stack+0x10/0x14                                   |
       show_stack from dump_stack_lvl+0x40/0x4c                                     |
       dump_stack_lvl from rcu_dump_cpu_stacks+0x10c/0x134                          |
       rcu_dump_cpu_stacks from rcu_sched_clock_irq+0x780/0xaf4                     |
       rcu_sched_clock_irq from update_process_times+0x54/0x74                      |
       update_process_times from tick_periodic+0x3c/0xd4                            |
       tick_periodic from tick_handle_periodic+0x20/0x80                       worthless
       tick_handle_periodic from twd_handler+0x30/0x40                             or
       twd_handler from handle_percpu_devid_irq+0x8c/0x1c8                    duplicated
       handle_percpu_devid_irq from generic_handle_domain_irq+0x24/0x34             |
       generic_handle_domain_irq from gic_handle_irq+0x74/0x88                      |
       gic_handle_irq from generic_handle_arch_irq+0x34/0x44                        |
       generic_handle_arch_irq from call_with_stack+0x18/0x20                       |
       call_with_stack from __irq_svc+0x98/0xb0                                     |
      Exception stack(0xcabd1ed8 to 0xcabd1f20)                                     |
      1ec0:                                                       01a431f4 00000000 |
      1ee0: fe5bce0b ffffffff 80ca86c0 00000001 61f234f8 0000156e d7b634db 431bde82 |
      1f00: 527bf1b8 00000005 00000001 cabd1f28 8019a474 8019a474 60000013 ffffffff |
       __irq_svc from ktime_get+0x4c/0xe8                 <---------end--------------
       ktime_get from test_task+0x44/0x110
       test_task from kthread+0xd8/0xf4
       kthread from ret_from_fork+0x14/0x2c
      Exception stack(0xcabd1fb0 to 0xcabd1ff8)
      1fa0:                                     00000000 00000000 00000000 00000000
      1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
      1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
      
      After replacing dump_stack() with dump_backtrace():
      rcu: INFO: rcu_sched self-detected stall on CPU
      rcu:    0-....: (500 ticks this GP) idle=8f7/1/0x40000002 softirq=129/129 fqs=241
              (t=500 jiffies g=-915 q=13 ncpus=4)
      CPU: 0 PID: 69 Comm: test0 Not tainted 5.19.0+ #9
      Hardware name: ARM-Versatile Express
      PC is at ktime_get+0x4c/0xe8
      LR is at ktime_get+0x4c/0xe8
      pc : 8019a494  lr : 8019a494  psr: 60000013
      sp : cabddf28  ip : 00000001  fp : 00000002
      r10: 0779cb48  r9 : 431bde82  r8 : d7b634db
      r7 : 00000a66  r6 : e835ab70  r5 : 00000001  r4 : 80ca86c0
      r3 : ffffffff  r2 : ff337d39  r1 : 00000000  r0 : 00cc82c6
      Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
      Control: 10c5387d  Table: 611d006a  DAC: 00000051
       ktime_get from test_task+0x44/0x110
       test_task from kthread+0xd8/0xf4
       kthread from ret_from_fork+0x14/0x2c
      Exception stack(0xcabddfb0 to 0xcabddff8)
      dfa0:                                     00000000 00000000 00000000 00000000
      dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
      dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
      Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
      Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
  3. 31 Aug, 2022 3 commits
  4. 30 Aug, 2022 1 commit
  5. 28 Aug, 2022 25 commits
  6. 27 Aug, 2022 6 commits