linux/arch/arm64/kernel
Qais Yousef 75bd4bff30 arm64: kprobes: Fix Uexpected kernel BRK exception at EL1
I was hitting the below panic continuously when attaching kprobes to
scheduler functions

	[  159.045212] Unexpected kernel BRK exception at EL1
	[  159.053753] Internal error: BRK handler: f2000006 [#1] PREEMPT SMP
	[  159.059954] Modules linked in:
	[  159.063025] CPU: 2 PID: 0 Comm: swapper/2 Not tainted 5.11.0-rc4-00008-g1e2a199f6ccd #56
	[rt-app] <notice> [1] Exiting.[  159.071166] Hardware name: ARM Juno development board (r2) (DT)
	[  159.079689] pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO BTYPE=--)

	[  159.085723] pc : 0xffff80001624501c
	[  159.089377] lr : attach_entity_load_avg+0x2ac/0x350
	[  159.094271] sp : ffff80001622b640
	[rt-app] <notice> [0] Exiting.[  159.097591] x29: ffff80001622b640 x28: 0000000000000001
	[  159.105515] x27: 0000000000000049 x26: ffff000800b79980

	[  159.110847] x25: ffff00097ef37840 x24: 0000000000000000
	[  159.116331] x23: 00000024eacec1ec x22: ffff00097ef12b90
	[  159.121663] x21: ffff00097ef37700 x20: ffff800010119170
	[rt-app] <notice> [11] Exiting.[  159.126995] x19: ffff00097ef37840 x18: 000000000000000e
	[  159.135003] x17: 0000000000000001 x16: 0000000000000019
	[  159.140335] x15: 0000000000000000 x14: 0000000000000000
	[  159.145666] x13: 0000000000000002 x12: 0000000000000002
	[  159.150996] x11: ffff80001592f9f0 x10: 0000000000000060
	[  159.156327] x9 : ffff8000100f6f9c x8 : be618290de0999a1
	[  159.161659] x7 : ffff80096a4b1000 x6 : 0000000000000000
	[  159.166990] x5 : ffff00097ef37840 x4 : 0000000000000000
	[  159.172321] x3 : ffff000800328948 x2 : 0000000000000000
	[  159.177652] x1 : 0000002507d52fec x0 : ffff00097ef12b90
	[  159.182983] Call trace:
	[  159.185433]  0xffff80001624501c
	[  159.188581]  update_load_avg+0x2d0/0x778
	[  159.192516]  enqueue_task_fair+0x134/0xe20
	[  159.196625]  enqueue_task+0x4c/0x2c8
	[  159.200211]  ttwu_do_activate+0x70/0x138
	[  159.204147]  sched_ttwu_pending+0xbc/0x160
	[  159.208253]  flush_smp_call_function_queue+0x16c/0x320
	[  159.213408]  generic_smp_call_function_single_interrupt+0x1c/0x28
	[  159.219521]  ipi_handler+0x1e8/0x3c8
	[  159.223106]  handle_percpu_devid_irq+0xd8/0x460
	[  159.227650]  generic_handle_irq+0x38/0x50
	[  159.231672]  __handle_domain_irq+0x6c/0xc8
	[  159.235781]  gic_handle_irq+0xcc/0xf0
	[  159.239452]  el1_irq+0xb4/0x180
	[  159.242600]  rcu_is_watching+0x28/0x70
	[  159.246359]  rcu_read_lock_held_common+0x44/0x88
	[  159.250991]  rcu_read_lock_any_held+0x30/0xc0
	[  159.255360]  kretprobe_dispatcher+0xc4/0xf0
	[  159.259555]  __kretprobe_trampoline_handler+0xc0/0x150
	[  159.264710]  trampoline_probe_handler+0x38/0x58
	[  159.269255]  kretprobe_trampoline+0x70/0xc4
	[  159.273450]  run_rebalance_domains+0x54/0x80
	[  159.277734]  __do_softirq+0x164/0x684
	[  159.281406]  irq_exit+0x198/0x1b8
	[  159.284731]  __handle_domain_irq+0x70/0xc8
	[  159.288840]  gic_handle_irq+0xb0/0xf0
	[  159.292510]  el1_irq+0xb4/0x180
	[  159.295658]  arch_cpu_idle+0x18/0x28
	[  159.299245]  default_idle_call+0x9c/0x3e8
	[  159.303265]  do_idle+0x25c/0x2a8
	[  159.306502]  cpu_startup_entry+0x2c/0x78
	[  159.310436]  secondary_start_kernel+0x160/0x198
	[  159.314984] Code: d42000c0 aa1e03e9 d42000c0 aa1e03e9 (d42000c0)

After a bit of head scratching and debugging it turned out that it is
due to kprobe handler being interrupted by a tick that causes us to go
into (I think another) kprobe handler.

The culprit was kprobe_breakpoint_ss_handler() returning DBG_HOOK_ERROR
which leads to the Unexpected kernel BRK exception.

Reverting commit ba090f9caf ("arm64: kprobes: Remove redundant
kprobe_step_ctx") seemed to fix the problem for me.

Further analysis showed that kcb->kprobe_status is set to
KPROBE_REENTER when the error occurs. By teaching
kprobe_breakpoint_ss_handler() to handle this status I can no  longer
reproduce the problem.

Fixes: ba090f9caf ("arm64: kprobes: Remove redundant kprobe_step_ctx")
Signed-off-by: Qais Yousef <qais.yousef@arm.com>
Acked-by: Will Deacon <will@kernel.org>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Link: https://lore.kernel.org/r/20210122110909.3324607-1-qais.yousef@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2021-01-22 16:05:29 +00:00
..
probes arm64: kprobes: Fix Uexpected kernel BRK exception at EL1 2021-01-22 16:05:29 +00:00
vdso arm64: vdso: disable .eh_frame_hdr via /DISCARD/ instead of --no-eh-frame-hdr 2021-01-05 17:52:13 +00:00
vdso32 arm64: lto: Strengthen READ_ONCE() to acquire when CONFIG_LTO=y 2020-11-09 21:49:34 +00:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
acpi_numa.c
acpi_parking_protocol.c
acpi.c arm64: permit ACPI core to map kernel memory used for table overrides 2020-09-30 22:27:51 +01:00
alternative.c arm64: alternatives: Remove READ_ONCE() usage during patch operation 2020-11-09 21:49:34 +00:00
armv8_deprecated.c arm64: uaccess: rename privileged uaccess routines 2020-12-02 19:49:10 +00:00
asm-offsets.c arm64: rename S_FRAME_SIZE to PT_REGS_SIZE 2021-01-13 15:09:06 +00:00
cacheinfo.c arm64 updates for 5.3: 2019-07-08 09:54:55 -07:00
cpu_errata.c Merge branch 'kvm-arm64/vector-rework' into kvmarm-master/next 2020-11-27 11:47:08 +00:00
cpu_ops.c arm64: Introduce get_cpu_ops() helper function 2020-03-24 17:24:19 +00:00
cpu-reset.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cpu-reset.S arm64/relocate_kernel: remove redundant code 2020-09-11 19:06:25 +01:00
cpufeature.c x86: 2021-01-08 15:06:02 -08:00
cpuidle.c arm64: Introduce get_cpu_ops() helper function 2020-03-24 17:24:19 +00:00
cpuinfo.c arm64: avoid -Woverride-init warning 2020-10-28 13:38:36 +00:00
crash_core.c arm64/crash_core: Export TCR_EL1.T1SZ in vmcoreinfo 2020-07-02 17:56:49 +01:00
crash_dump.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
debug-monitors.c arm64: expose FAR_EL1 tag bits in siginfo 2020-11-23 18:17:39 +00:00
efi-entry.S arm64 updates for 5.8 2020-06-01 15:18:27 -07:00
efi-header.S arm64: head: tidy up the Image header definition 2020-11-17 16:14:20 +00:00
efi-rt-wrapper.S Merge branch 'for-next/scs' into for-next/core 2020-05-28 18:03:40 +01:00
efi.c treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
entry-common.c Merge remote-tracking branch 'arm64/for-next/fixes' into for-next/core 2020-12-09 18:04:55 +00:00
entry-fpsimd.S arm64/sve: Implement a helper to load SVE registers from FPSIMD state 2020-09-21 18:06:33 +01:00
entry-ftrace.S arm64: rename S_FRAME_SIZE to PT_REGS_SIZE 2021-01-13 15:09:06 +00:00
entry.S arm64: rename S_FRAME_SIZE to PT_REGS_SIZE 2021-01-13 15:09:06 +00:00
fpsimd.c arm64: reject prctl(PR_PAC_RESET_KEYS) on compat tasks 2020-10-15 10:50:09 +01:00
ftrace.c arm64: ftrace: Change CONFIG_FTRACE_WITH_REGS to CONFIG_DYNAMIC_FTRACE_WITH_REGS 2020-06-08 15:44:59 +01:00
head.S kasan, arm64: expand CONFIG_KASAN checks 2020-12-22 12:55:08 -08:00
hibernate-asm.S arm64: kernel: Convert to modern annotations for assembly functions 2020-05-04 12:46:03 +01:00
hibernate.c arm64: mte: reset the page tag in page->flags 2020-12-22 12:55:07 -08:00
hw_breakpoint.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
hyp-stub.S arm64: kernel: Convert to modern annotations for assembly functions 2020-05-04 12:46:03 +01:00
image-vars.h kasan, arm64: expand CONFIG_KASAN checks 2020-12-22 12:55:08 -08:00
image.h arm64: get rid of TEXT_OFFSET 2020-09-07 15:00:52 +01:00
insn.c arm64: kprobe: disable probe of fault prone ptrauth instruction 2020-09-14 12:07:02 +01:00
io.c
irq.c Merge remote-tracking branch 'arm64/for-next/fixes' into for-next/core 2020-12-09 18:04:55 +00:00
jump_label.c
kaslr.c kasan, arm64: expand CONFIG_KASAN checks 2020-12-22 12:55:08 -08:00
kexec_image.c arm64: kexec_file: Fix sparse warning 2020-11-10 13:11:44 +00:00
kgdb.c arm64: kgdb: Fix single-step exception handling oops 2020-07-08 22:18:54 +01:00
kuser32.S docs: arm: convert docs to ReST and rename to *.rst 2019-07-15 09:20:24 -03:00
machine_kexec_file.c arm64: kexec_file: try more regions if loading segments fails 2020-11-05 21:48:05 +00:00
machine_kexec.c arm64: fix the flush_icache_range arguments in machine_kexec 2020-05-11 12:02:14 +01:00
Makefile arm64: scs: use vmapped IRQ and SDEI shadow stacks 2020-12-01 11:23:34 +00:00
module-plts.c arm64/module: set trampoline section flags regardless of CONFIG_DYNAMIC_FTRACE 2020-09-02 08:35:33 +01:00
module.c kasan, arm64: expand CONFIG_KASAN checks 2020-12-22 12:55:08 -08:00
mte.c arm64: mte: switch GCR_EL1 in kernel entry and exit 2020-12-22 12:55:07 -08:00
paravirt.c arm64: paravirt: Initialize steal time when cpu is online 2020-09-17 18:12:18 +01:00
pci.c PCI: Constify struct pci_ecam_ops 2020-05-01 16:28:59 +01:00
perf_callchain.c arm64: stacktrace: Make stack walk callback consistent with generic code 2020-09-18 14:24:16 +01:00
perf_event.c Revert "arm64: Enable perf events based hard lockup detector" 2021-01-13 15:08:41 +00:00
perf_regs.c perf/arch: Remove perf_sample_data::regs_user_copy 2020-11-09 18:12:34 +01:00
pointer_auth.c arm64: reject prctl(PR_PAC_RESET_KEYS) on compat tasks 2020-10-15 10:50:09 +01:00
process.c Merge branch 'kvm-master' into kvm-next 2021-01-07 18:06:52 -05:00
proton-pack.c Merge remote-tracking branch 'arm64/for-next/fixes' into for-next/core 2020-12-09 18:04:55 +00:00
psci.c arm64: psci: Avoid printing in cpu_psci_cpu_die() 2020-11-10 13:11:44 +00:00
ptrace.c arm64: expose FAR_EL1 tag bits in siginfo 2020-11-23 18:17:39 +00:00
reloc_test_core.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
reloc_test_syms.S arm64: kernel: Convert to modern annotations for assembly functions 2020-05-04 12:46:03 +01:00
relocate_kernel.S arm64/relocate_kernel: remove redundant code 2020-09-11 19:06:25 +01:00
return_address.c arm64: stacktrace: Make stack walk callback consistent with generic code 2020-09-18 14:24:16 +01:00
sdei.c Merge branch 'kvm-master' into kvm-next 2021-01-07 18:06:52 -05:00
setup.c kasan, arm64: rename kasan_init_tags and mark as __init 2020-12-22 12:55:07 -08:00
signal32.c arm64: compat: Always use sigpage for sigreturn trampoline 2020-06-23 14:56:24 +01:00
signal.c arm64: entry: remove redundant IRQ flag tracing 2021-01-13 12:51:30 +00:00
sigreturn32.S
sleep.S kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK 2020-12-22 12:55:08 -08:00
smccc-call.S arm64/kernel: Remove needless Call Frame Information annotations 2020-09-01 09:50:36 +02:00
smp_spin_table.c treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
smp.c x86: 2021-01-08 15:06:02 -08:00
stacktrace.c arm64: Move console stack display code to stacktrace.c 2020-09-21 19:43:03 +01:00
suspend.c arm64: uaccess: remove set_fs() 2020-12-02 19:49:11 +00:00
sys32.c
sys_compat.c arm64: expose FAR_EL1 tag bits in siginfo 2020-11-23 18:17:39 +00:00
sys.c
syscall.c arm64: syscall: include prototype for EL0 SVC functions 2021-01-15 10:05:27 +00:00
time.c arm64: time: Replace <linux/clk-provider.h> by <linux/of_clk.h> 2020-02-12 17:26:38 +00:00
topology.c arm64 fixes/updates: 2020-12-18 10:57:27 -08:00
trace-events-emulation.h
traps.c arm64: traps: remove duplicate include statement 2021-01-05 17:52:12 +00:00
vdso.c mm: forbid splitting special mappings 2020-12-15 12:13:41 -08:00
vmlinux.lds.S ARM: 2020-12-20 10:44:05 -08:00