From patchwork Fri Feb 12 20:46:00 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yang Shi <yang.shi@linaro.org>
X-Patchwork-Id: 61897
Delivered-To: patch@linaro.org
Received: by 10.112.43.199 with SMTP id y7csp1064291lbl;
 Fri, 12 Feb 2016 13:08:57 -0800 (PST)
X-Received: by 10.66.119.71 with SMTP id ks7mr5174737pab.151.1455311337720; 
 Fri, 12 Feb 2016 13:08:57 -0800 (PST)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
 by mx.google.com with ESMTP id
 s137si22233894pfs.11.2016.02.12.13.08.57; 
 Fri, 12 Feb 2016 13:08:57 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender) client-ip=209.132.180.67; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org; 
 dkim=pass header.i=@linaro.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1751982AbcBLVIz (ORCPT <rfc822;bjorn.andersson@linaro.org>
 + 30 others); Fri, 12 Feb 2016 16:08:55 -0500
Received: from mail-pa0-f43.google.com ([209.85.220.43]:35242 "EHLO
 mail-pa0-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S1751888AbcBLVIw (ORCPT
 <rfc822;linux-kernel@vger.kernel.org>);
 Fri, 12 Feb 2016 16:08:52 -0500
Received: by mail-pa0-f43.google.com with SMTP id ho8so52538694pac.2
 for <linux-kernel@vger.kernel.org>;
 Fri, 12 Feb 2016 13:08:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=e4i7sdiIaKX1LKhC3UGwAiVex/ahjU0v9nZWNF+5kqw=;
 b=Lrkrg3DRkSC6FWbPm6KkwoDiy+Snf5xDU9WQKWagYUz7YgVENhGgbJwz5MHt3Qw+KU
 LwMqaSt9t1NcDBkYC0WPzLdyNIf6vc58ylfXAp5wyHZuTTEAuJxfjy8gfma1rDx9ckQe
 hqd9lLXIG1dqrZgDV+hW8XiNXVFjH4SrDRSW8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=e4i7sdiIaKX1LKhC3UGwAiVex/ahjU0v9nZWNF+5kqw=;
 b=E2kHO0T1vHvBw9UBSE/KqqpGfCZUqOjHWrJTVmUV3f0ZrCkoP5z1ZdZRF3O995zsb9
 XRYI93IZIvgnQGRPVN+dSX0jDSmV725XBZoZA3tdoOQWGVaje0wo1bwmTuQ3KPFwH6uJ
 Uidl6Wk3Fm+mHqHWI97EUCLgc3kNljpksDtM0BoPpWTQVtYPLnabWFcqMbG8vQPDAsX5
 VsmvCmhmNcExLyaFwAxeBtWLz3/GcBTdvuoPRQ7QnUvqfU1ko0xb2v05CE2rPBbA1u1Q
 qZUkALz9sxv5Tf7QSY8Sr/x0wB4OHVtdG7dCEvVPpXq4GpZpjlK+gXeAvq/s8vNdeS4M
 yKpQ==
X-Gm-Message-State: AG10YOSsb7S/JSopcOTchDJD+lUF8wzPBN1VPG0JCkq/6dWtUE+1anGjwDi24xKSLlYGkbqd
X-Received: by 10.66.218.196 with SMTP id pi4mr5081226pac.147.1455311332316; 
 Fri, 12 Feb 2016 13:08:52 -0800 (PST)
Received: from yshi-Precision-T5600.corp.ad.wrs.com
 (unknown-216-82.windriver.com. [147.11.216.82])
 by smtp.gmail.com with ESMTPSA id
 e14sm21503688pap.24.2016.02.12.13.08.51
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Fri, 12 Feb 2016 13:08:51 -0800 (PST)
From: Yang Shi <yang.shi@linaro.org>
To: aryabinin@virtuozzo.com, rostedt@goodmis.org, mingo@redhat.com
Cc: linux-kernel@vger.kernel.org, linaro-kernel@lists.linaro.org,
 yang.shi@linaro.org
Subject: [v2 PATCH] trace, kasan: silence Kasan warning in check_stack
Date: Fri, 12 Feb 2016 12:46:00 -0800
Message-Id: <1455309960-18930-1-git-send-email-yang.shi@linaro.org>
X-Mailer: git-send-email 2.0.2
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

When enabling stack trace via "echo 1 > /proc/sys/kernel/stack_tracer_enabled",
the below KASAN warning is triggered:

BUG: KASAN: stack-out-of-bounds in check_stack+0x344/0x848 at addr ffffffc0689ebab8
Read of size 8 by task ksoftirqd/4/29
page:ffffffbdc3a27ac0 count:0 mapcount:0 mapping:          (null) index:0x0
flags: 0x0()
page dumped because: kasan: bad access detected
CPU: 4 PID: 29 Comm: ksoftirqd/4 Not tainted 4.5.0-rc1 #129
Hardware name: Freescale Layerscape 2085a RDB Board (DT)
Call trace:
[<ffffffc000091300>] dump_backtrace+0x0/0x3a0
[<ffffffc0000916c4>] show_stack+0x24/0x30
[<ffffffc0009bbd78>] dump_stack+0xd8/0x168
[<ffffffc000420bb0>] kasan_report_error+0x6a0/0x920
[<ffffffc000421688>] kasan_report+0x70/0xb8
[<ffffffc00041f7f0>] __asan_load8+0x60/0x78
[<ffffffc0002e05c4>] check_stack+0x344/0x848
[<ffffffc0002e0c8c>] stack_trace_call+0x1c4/0x370
[<ffffffc0002af558>] ftrace_ops_no_ops+0x2c0/0x590
[<ffffffc00009f25c>] ftrace_graph_call+0x0/0x14
[<ffffffc0000881bc>] fpsimd_thread_switch+0x24/0x1e8
[<ffffffc000089864>] __switch_to+0x34/0x218
[<ffffffc0011e089c>] __schedule+0x3ac/0x15b8
[<ffffffc0011e1f6c>] schedule+0x5c/0x178
[<ffffffc0001632a8>] smpboot_thread_fn+0x350/0x960
[<ffffffc00015b518>] kthread+0x1d8/0x2b0
[<ffffffc0000874d0>] ret_from_fork+0x10/0x40
Memory state around the buggy address:
 ffffffc0689eb980: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4
 ffffffc0689eba00: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffc0689eba80: 00 00 f1 f1 f1 f1 00 f4 f4 f4 f3 f3 f3 f3 00 00
                                        ^
 ffffffc0689ebb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffffffc0689ebb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

The stacker tracer traverses the whole kernel stack when saving the max stack
trace. It may touch the stack red zones to cause the warning. So, just disable
the instrumentation to silence the warning.

Signed-off-by: Yang Shi <yang.shi@linaro.org>
---
v2:
 Add comment suggested by Steven

 kernel/trace/trace_stack.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

-- 
2.0.2

diff --git a/kernel/trace/trace_stack.c b/kernel/trace/trace_stack.c
index 202df6c..2a1abba 100644
--- a/kernel/trace/trace_stack.c
+++ b/kernel/trace/trace_stack.c
@@ -156,7 +156,11 @@ check_stack(unsigned long ip, unsigned long *stack)
 		for (; p < top && i < stack_trace_max.nr_entries; p++) {
 			if (stack_dump_trace[i] == ULONG_MAX)
 				break;
-			if (*p == stack_dump_trace[i]) {
+			/*
+			 * The READ_ONCE_NOCHECK is used to let KASAN know that
+			 * this is not a stack-out-of-bounds error.
+			 */
+			if ((READ_ONCE_NOCHECK(*p)) == stack_dump_trace[i]) {
 				stack_dump_trace[x] = stack_dump_trace[i++];
 				this_size = stack_trace_index[x++] =
 					(top - p) * sizeof(unsigned long);