diff options
Diffstat (limited to '')
-rw-r--r-- | debian/patches-rt/0305-lib-ubsan-Don-t-seralize-UBSAN-report.patch | 308 |
1 files changed, 308 insertions, 0 deletions
diff --git a/debian/patches-rt/0305-lib-ubsan-Don-t-seralize-UBSAN-report.patch b/debian/patches-rt/0305-lib-ubsan-Don-t-seralize-UBSAN-report.patch new file mode 100644 index 000000000..0d8dba5e3 --- /dev/null +++ b/debian/patches-rt/0305-lib-ubsan-Don-t-seralize-UBSAN-report.patch @@ -0,0 +1,308 @@ +From 7310d776df7bc46b442c51d6b723b77ef6614830 Mon Sep 17 00:00:00 2001 +From: Julien Grall <julien.grall@arm.com> +Date: Fri, 20 Sep 2019 11:08:35 +0100 +Subject: [PATCH 305/347] lib/ubsan: Don't seralize UBSAN report +Origin: https://www.kernel.org/pub/linux/kernel/projects/rt/4.19/older/patches-4.19.246-rt110.tar.xz + +[ Upstream commit 4702c28ac777b27acb499cbd5e8e787ce1a7d82d ] + +At the moment, UBSAN report will be serialized using a spin_lock(). On +RT-systems, spinlocks are turned to rt_spin_lock and may sleep. This will +result to the following splat if the undefined behavior is in a context +that can sleep: + +| BUG: sleeping function called from invalid context at /src/linux/kernel/locking/rtmutex.c:968 +| in_atomic(): 1, irqs_disabled(): 128, pid: 3447, name: make +| 1 lock held by make/3447: +| #0: 000000009a966332 (&mm->mmap_sem){++++}, at: do_page_fault+0x140/0x4f8 +| Preemption disabled at: +| [<ffff000011324a4c>] rt_mutex_futex_unlock+0x4c/0xb0 +| CPU: 3 PID: 3447 Comm: make Tainted: G W 5.2.14-rt7-01890-ge6e057589653 #911 +| Call trace: +| dump_backtrace+0x0/0x148 +| show_stack+0x14/0x20 +| dump_stack+0xbc/0x104 +| ___might_sleep+0x154/0x210 +| rt_spin_lock+0x68/0xa0 +| ubsan_prologue+0x30/0x68 +| handle_overflow+0x64/0xe0 +| __ubsan_handle_add_overflow+0x10/0x18 +| __lock_acquire+0x1c28/0x2a28 +| lock_acquire+0xf0/0x370 +| _raw_spin_lock_irqsave+0x58/0x78 +| rt_mutex_futex_unlock+0x4c/0xb0 +| rt_spin_unlock+0x28/0x70 +| get_page_from_freelist+0x428/0x2b60 +| __alloc_pages_nodemask+0x174/0x1708 +| alloc_pages_vma+0x1ac/0x238 +| __handle_mm_fault+0x4ac/0x10b0 +| handle_mm_fault+0x1d8/0x3b0 +| do_page_fault+0x1c8/0x4f8 +| do_translation_fault+0xb8/0xe0 +| do_mem_abort+0x3c/0x98 +| el0_da+0x20/0x24 + +The spin_lock() will protect against multiple CPUs to output a report +together, I guess to prevent them to be interleaved. However, they can +still interleave with other messages (and even splat from __migth_sleep). + +So the lock usefulness seems pretty limited. Rather than trying to +accomodate RT-system by switching to a raw_spin_lock(), the lock is now +completely dropped. + +Link: https://lkml.kernel.org/r/20190920100835.14999-1-julien.grall@arm.com +Reported-by: Andre Przywara <andre.przywara@arm.com> +Signed-off-by: Julien Grall <julien.grall@arm.com> +Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> +Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> +Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> +--- + lib/ubsan.c | 64 +++++++++++++++++++---------------------------------- + 1 file changed, 23 insertions(+), 41 deletions(-) + +diff --git a/lib/ubsan.c b/lib/ubsan.c +index 1e9e2ab25539..5830cc9a2164 100644 +--- a/lib/ubsan.c ++++ b/lib/ubsan.c +@@ -143,25 +143,21 @@ static void val_to_string(char *str, size_t size, struct type_descriptor *type, + } + } + +-static DEFINE_SPINLOCK(report_lock); +- +-static void ubsan_prologue(struct source_location *location, +- unsigned long *flags) ++static void ubsan_prologue(struct source_location *location) + { + current->in_ubsan++; +- spin_lock_irqsave(&report_lock, *flags); + + pr_err("========================================" + "========================================\n"); + print_source_location("UBSAN: Undefined behaviour in", location); + } + +-static void ubsan_epilogue(unsigned long *flags) ++static void ubsan_epilogue(void) + { + dump_stack(); + pr_err("========================================" + "========================================\n"); +- spin_unlock_irqrestore(&report_lock, *flags); ++ + current->in_ubsan--; + } + +@@ -170,14 +166,13 @@ static void handle_overflow(struct overflow_data *data, void *lhs, + { + + struct type_descriptor *type = data->type; +- unsigned long flags; + char lhs_val_str[VALUE_LENGTH]; + char rhs_val_str[VALUE_LENGTH]; + + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(lhs_val_str, sizeof(lhs_val_str), type, lhs); + val_to_string(rhs_val_str, sizeof(rhs_val_str), type, rhs); +@@ -189,7 +184,7 @@ static void handle_overflow(struct overflow_data *data, void *lhs, + rhs_val_str, + type->type_name); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + + void __ubsan_handle_add_overflow(struct overflow_data *data, +@@ -217,20 +212,19 @@ EXPORT_SYMBOL(__ubsan_handle_mul_overflow); + void __ubsan_handle_negate_overflow(struct overflow_data *data, + void *old_val) + { +- unsigned long flags; + char old_val_str[VALUE_LENGTH]; + + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(old_val_str, sizeof(old_val_str), data->type, old_val); + + pr_err("negation of %s cannot be represented in type %s:\n", + old_val_str, data->type->type_name); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + EXPORT_SYMBOL(__ubsan_handle_negate_overflow); + +@@ -238,13 +232,12 @@ EXPORT_SYMBOL(__ubsan_handle_negate_overflow); + void __ubsan_handle_divrem_overflow(struct overflow_data *data, + void *lhs, void *rhs) + { +- unsigned long flags; + char rhs_val_str[VALUE_LENGTH]; + + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(rhs_val_str, sizeof(rhs_val_str), data->type, rhs); + +@@ -254,58 +247,52 @@ void __ubsan_handle_divrem_overflow(struct overflow_data *data, + else + pr_err("division by zero\n"); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + EXPORT_SYMBOL(__ubsan_handle_divrem_overflow); + + static void handle_null_ptr_deref(struct type_mismatch_data_common *data) + { +- unsigned long flags; +- + if (suppress_report(data->location)) + return; + +- ubsan_prologue(data->location, &flags); ++ ubsan_prologue(data->location); + + pr_err("%s null pointer of type %s\n", + type_check_kinds[data->type_check_kind], + data->type->type_name); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + + static void handle_misaligned_access(struct type_mismatch_data_common *data, + unsigned long ptr) + { +- unsigned long flags; +- + if (suppress_report(data->location)) + return; + +- ubsan_prologue(data->location, &flags); ++ ubsan_prologue(data->location); + + pr_err("%s misaligned address %p for type %s\n", + type_check_kinds[data->type_check_kind], + (void *)ptr, data->type->type_name); + pr_err("which requires %ld byte alignment\n", data->alignment); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + + static void handle_object_size_mismatch(struct type_mismatch_data_common *data, + unsigned long ptr) + { +- unsigned long flags; +- + if (suppress_report(data->location)) + return; + +- ubsan_prologue(data->location, &flags); ++ ubsan_prologue(data->location); + pr_err("%s address %p with insufficient space\n", + type_check_kinds[data->type_check_kind], + (void *) ptr); + pr_err("for an object of type %s\n", data->type->type_name); +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + + static void ubsan_type_mismatch_common(struct type_mismatch_data_common *data, +@@ -369,25 +356,23 @@ EXPORT_SYMBOL(__ubsan_handle_vla_bound_not_positive); + + void __ubsan_handle_out_of_bounds(struct out_of_bounds_data *data, void *index) + { +- unsigned long flags; + char index_str[VALUE_LENGTH]; + + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(index_str, sizeof(index_str), data->index_type, index); + pr_err("index %s is out of range for type %s\n", index_str, + data->array_type->type_name); +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + EXPORT_SYMBOL(__ubsan_handle_out_of_bounds); + + void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data, + void *lhs, void *rhs) + { +- unsigned long flags; + struct type_descriptor *rhs_type = data->rhs_type; + struct type_descriptor *lhs_type = data->lhs_type; + char rhs_str[VALUE_LENGTH]; +@@ -396,7 +381,7 @@ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data, + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(rhs_str, sizeof(rhs_str), rhs_type, rhs); + val_to_string(lhs_str, sizeof(lhs_str), lhs_type, lhs); +@@ -419,18 +404,16 @@ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data, + lhs_str, rhs_str, + lhs_type->type_name); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + EXPORT_SYMBOL(__ubsan_handle_shift_out_of_bounds); + + + void __ubsan_handle_builtin_unreachable(struct unreachable_data *data) + { +- unsigned long flags; +- +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + pr_err("calling __builtin_unreachable()\n"); +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + panic("can't return from __builtin_unreachable()"); + } + EXPORT_SYMBOL(__ubsan_handle_builtin_unreachable); +@@ -438,19 +421,18 @@ EXPORT_SYMBOL(__ubsan_handle_builtin_unreachable); + void __ubsan_handle_load_invalid_value(struct invalid_value_data *data, + void *val) + { +- unsigned long flags; + char val_str[VALUE_LENGTH]; + + if (suppress_report(&data->location)) + return; + +- ubsan_prologue(&data->location, &flags); ++ ubsan_prologue(&data->location); + + val_to_string(val_str, sizeof(val_str), data->type, val); + + pr_err("load of value %s is not a valid value for type %s\n", + val_str, data->type->type_name); + +- ubsan_epilogue(&flags); ++ ubsan_epilogue(); + } + EXPORT_SYMBOL(__ubsan_handle_load_invalid_value); +-- +2.36.1 + |