| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAPh3n81TECn_LRKrsKS4qS3-CQsVTf8LSSiCdn+uNYdnO7h9AQ@mail.gmail.com> Date: Mon, 1 Sep 2025 16:40:42 +0200 From: Koen Vandeputte <koen.vandeputte@...ymesh.com> To: linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org, linux-serial@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, jirislaby@...nel.org, neil.armstrong@...aro.org, stephan.gerhold@...aro.org, Robert Marko <robimarko@...il.com> Subject: Crash in msm serial on kernel 6.12 Hi all, I just updated my ipq4019 boards on OpenWRT from kernel 6.6 to 6.12. When using the serial port (/dev/ttyMSM1) I notice that it keeps crashing while using that port. Going through the commit history, I noticed that not much changed at all compared to kernel 6.6: f6ae572683d4 serial: msm: Configure correct working mode before starting earlycon f70f95b485d7 serial: msm: check dma_map_sg() return value properly 1788cf6a91d9 tty: serial: switch from circ_buf to kfifo f8fef2fa419f tty: msm_serial: use dmaengine_prep_slave_sg() 4e5788c0993c serial: msm: Use uart_prepare_sysrq_char(). 173ebdedcd84 serial: msm: Use OPP table for DVFS support a63e5a49d596 serial: msm: Convert to platform remove callback returning void 6cbd979080c7 serial: msm: Use port lock wrappers As the crash indicates, it has got something to do with DMA transfers, which was altered in these 3 commits: f70f95b485d7 serial: msm: check dma_map_sg() return value properly 1788cf6a91d9 tty: serial: switch from circ_buf to kfifo f8fef2fa419f tty: msm_serial: use dmaengine_prep_slave_sg() file: ./drivers/tty/serial/msm_serial.c crashing function: msm_start_rx_dma() Does someone have a clue what could be the culprit here? Splat: [ 0.000000] Linux version 6.12.43 (koen@...eokps13sv03) (arm-openwrt-linux-muslgnueabi-gcc (OpenWrt GCC 14.3.0 r30901+28-f324bd9e34) 14.3.0, GNU ld (GNU Binutils) 2.44) #0 SMP Fri Aug 29 11:31:37 2025 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Wallystech DR40X9 ... 'Opening Serial port' ... [ 83.717008] 8<--- cut here --- [ 83.717063] Unable to handle kernel paging request at virtual address e2d49000 when write [ 83.718986] [e2d49000] *pgd=83dcf811, *pte=00000000, *ppte=00000000 [ 83.727233] Internal error: Oops: 807 [#1] SMP ARM [ 83.733304] Modules linked in: ath9k(O) ath9k_common(O) qcserial option nft_fib_inet nf_flow_table_inet ebtable_nat ebtable_filter ebtable_broute ath9k_hw(O) ath11k_pci(O) ath11k(O) ath10k_pci(O) ath10k_core(O) ath(O) wireguard usb_wwan sierra_t [ 83.733891] xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_MASQUERADE xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY x_tables wwan usbserial usbnet usbhid m [ 83.806410] sd_mod scsi_mod scsi_common gpio_button_hotplug(O) vfat fat ext4 mbcache jbd2 mii crc32c_generic [ 83.917691] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G O 6.12.43 #0 [ 83.927759] Tainted: [O]=OOT_MODULE [ 83.935903] Hardware name: Generic DT based system [ 83.939121] PC is at mmiocpy+0xb4/0x334 [ 83.943976] LR is at 0x40000400 [ 83.947709] pc : [<c0a42b14>] lr : [<40000400>] psr: 00000193 [ 83.950839] sp : c1011e60 ip : 00000018 fp : c1011e70 [ 83.957087] r10: 00100101 r9 : 82addc00 r8 : 00000002 [ 83.962294] r7 : 00000000 r6 : 00000000 r5 : c10cf304 r4 : c115f900 [ 83.967506] r3 : 00000001 r2 : ffffffe8 r1 : c115f968 r0 : e2d49000 [ 83.974104] Flags: nzcv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user [ 83.980616] Control: 10c5387d Table: 8346006a DAC: 00000055 [ 83.987816] Register r0 information: vmalloc memory [ 83.993631] Register r1 information: slab kmalloc-128 start c115f900 pointer offset 104 size 128 [ 83.998327] Register r2 information: non-paged memory [ 84.007346] Register r3 information: non-paged memory [ 84.012294] Register r4 information: slab kmalloc-128 start c115f900 pointer offset 0 size 128 [ 84.017334] Register r5 information: slab kmalloc-4k start c10cf000 pointer offset 772 size 4096 [ 84.025842] Register r6 information: NULL pointer [ 84.034776] Register r7 information: NULL pointer [ 84.039376] Register r8 information: non-paged memory [ 84.044064] Register r9 information: non-paged memory [ 84.049100] Register r10 information: non-paged memory [ 84.054135] Register r11 information: non-slab/vmalloc memory [ 84.059170] Register r12 information: non-paged memory [ 84.064986] Process swapper/0 (pid: 0, stack limit = 0x5a960252) [ 84.070023] Stack: (0xc1011e60 to 0xc1012000) [ 84.076193] 1e60: c10cf304 00000000 00000002 c115f960 e2d49000 c115f900 e2d49000 c06ef0ec [ 84.080449] 1e80: c1011ed0 c10cf374 ffff8000 c1234840 00000002 c10cf304 20000193 c10cf360 [ 84.088610] 1ea0: c10cf304 00000002 a0000113 00000001 c12ea104 c06ef244 c0e85000 00000400 [ 84.096769] 1ec0: c06ee290 c071c450 00000001 00000000 00000002 00000000 00000400 82addc00 [ 84.104929] 1ee0: c0e85000 00000001 c12ea104 00000001 00000000 c071e5f4 00000000 c0e99010 [ 84.113092] 1f00: c0e01f28 0000f244 c0e85000 c15d7980 c15d79b8 c1011f04 dfbb10c8 00000000 [ 84.121249] 1f20: c1011f3c 00000122 00000100 c06ed858 00000001 00000000 c1234954 c1011f3c [ 84.129410] 1f40: c1011f3c 00000000 00000000 c071e4ac 00000000 c0e85000 000002c4 c10cf344 [ 84.137567] 1f60: c1234954 c10cf348 dfbb10c8 c0d49c00 00000006 00000001 c0e0d4c0 c03260e8 [ 84.145729] 1f80: 00000007 00000040 c0e03080 40000006 c0e03098 00000018 00000100 c0326368 [ 84.153886] 1fa0: c0e99010 c037242c c0e03080 c1011fa0 c0d45140 0000000a 00000000 c0d49c00 [ 84.162047] 1fc0: c0d49c00 ffffab84 c0e03d40 04200002 c0d49bc4 c0e0d4c0 60000013 ffffffff [ 84.170210] 1fe0: c0e01f64 00000000 c0e0d4c0 c0e99010 c0e01f28 c03267a4 c0a6c0a0 c0a40acc [ 84.178362] Call trace: [ 84.178377] mmiocpy from bam_start_dma+0x220/0x2e8 [ 84.189124] bam_start_dma from bam_issue_pending+0x90/0xa0 [ 84.193722] bam_issue_pending from msm_start_rx_dma.part.0+0x134/0x258 [ 84.199279] msm_start_rx_dma.part.0 from msm_complete_rx_dma+0x148/0x394 [ 84.205879] msm_complete_rx_dma from vchan_complete+0x1ec/0x228 [ 84.212821] vchan_complete from tasklet_action_common+0xe0/0x108 [ 84.218897] tasklet_action_common from handle_softirqs+0xf0/0x250 [ 84.224885] handle_softirqs from irq_exit+0x8c/0xb8 [ 84.230958] irq_exit from call_with_stack+0x18/0x20 [ 84.236084] call_with_stack from __irq_svc+0x6c/0x7c [ 84.241027] Exception stack(0xc0e01f30 to 0xc0e01f78) [ 84.245980] 1f20: 00000003 00000001 00063174 40000000 [ 84.251023] 1f40: 00000000 c0e0a0ac c0e0d4c0 c0e0a0c4 00000000 00000000 c0e99010 c0e0a048 [ 84.259181] 1f60: 00000037 c0e01f80 c0a6b938 c0a6c0a0 60000013 ffffffff [ 84.267336] __irq_svc from default_idle_call+0x2c/0x30 [ 84.273757] default_idle_call from do_idle+0x1d4/0x224 [ 84.278965] do_idle from cpu_startup_entry+0x28/0x2c [ 84.284170] cpu_startup_entry from kernel_init+0x0/0x12c [ 84.289380] kernel_init from start_kernel+0x6cc/0x6d0 [ 84.294830] Code: e4804004 e4805004 e4806004 e4808004 (e4809004) [ 84.299800] ---[ end trace 0000000000000000 ]--- [ 84.305960] Kernel panic - not syncing: Fatal exception in interrupt [ 85.401617] SMP: failed to stop secondary CPUs [ 85.401652] Rebooting in 3 seconds.. Thanks all, Koen
Powered by blists - more mailing lists