Hi Matthew, On Thu, Mar 21, 2019 at 10:44 PM Matthew Wilcox <wi...@infradead.org> wrote: > > On Thu, Mar 21, 2019 at 09:17:34PM +0100, Martin Blumenstingl wrote: > > Hello, > > > > I am experiencing the following crash: > > ------------[ cut here ]------------ > > kernel BUG at mm/slub.c:3950! > > if (unlikely(!PageSlab(page))) { > BUG_ON(!PageCompound(page)); > > You called kfree() on the address of a page which wasn't allocated by slab. > > > I have traced this crash to the kfree() in meson_nfc_read_buf(). > > my observation is as follows: > > - meson_nfc_read_buf() is called 7 times without any crash, the > > kzalloc() call returns 0xe9e6c600 (virtual address) / 0x29e6c600 > > (physical address) > > - the eight time meson_nfc_read_buf() is called kzalloc() call returns > > 0xee39a38b (virtual address) / 0x2e39a38b (physical address) and the > > final kfree() crashes > > - changing the size in the kzalloc() call from PER_INFO_BYTE (= 8) to > > PAGE_SIZE works around that crash > > I suspect you're doing something which corrupts memory. Overrunning > the end of your allocation or something similar. Have you tried KASAN > or even the various slab debugging (eg redzones)? KASAN is not available on 32-bit ARM. there was some progress last year [0] but it didn't make it into mainline. I tried to make the patches apply again and got it to compile (and my kernel is still booting) but I have no idea if it's still working. for anyone interested, my patches are here: [1] (I consider this a HACK because I don't know anything about the code which is being touched in the patches, I only made it compile)
SLAB debugging (redzones) were a great hint, thank you very much for that Matthew! I enabled: CONFIG_SLUB_DEBUG=y CONFIG_SLUB_DEBUG_ON=y and with that I now get "BUG kmalloc-64 (Not tainted): Redzone overwritten" (a larger kernel log extract is attached). I'm starting to wonder if the NAND controller (hardware) writes more than 8 bytes. some context: the "info" buffer allocated in meson_nfc_read_buf is then passed to the NAND controller IP (after using dma_map_single). Liang, how does the NAND controller know that it only has to send PER_INFO_BYTE (= 8) bytes when called from meson_nfc_read_buf? all other callers of meson_nfc_dma_buffer_setup (which passes the info buffer to the hardware) are using (nand->ecc.steps * PER_INFO_BYTE) bytes? Regards Martin [0] https://lore.kernel.org/patchwork/cover/913212/ [1] https://github.com/xdarklight/linux/tree/arm-kasan-hack-v5.1-rc1
[ 2.742070] meson_nfc_read_buf e95e7d00 0x295e7d00 [ 2.742155] meson_nfc_read_buf e95e7d00 0x295e7d00 [ 2.746056] meson_nfc_read_buf e95e62c0 0x295e62c0 [ 2.750947] meson_nfc_read_buf e95e7d00 0x295e7d00 [ 2.755530] ============================================================================= [ 2.763673] BUG kmalloc-64 (Not tainted): Redzone overwritten [ 2.769392] ----------------------------------------------------------------------------- [ 2.769392] [ 2.779013] Disabling lock debugging due to kernel taint [ 2.784303] INFO: 0x(ptrval)-0x(ptrval). First byte 0xff instead of 0xcc [ 2.790982] INFO: Allocated in 0xffffffff age=4294937574 cpu=4294967295 pid=-1 [ 2.798171] 0xffffffff [ 2.800598] 0xffffffff [ 2.803024] 0xffffffff [ 2.805451] 0xffffffff [ 2.807879] 0xffffffff [ 2.810306] 0xffffffff [ 2.812733] 0xffffffff [ 2.815160] 0xffffffff [ 2.817587] 0xffffffff [ 2.820014] 0xffffffff [ 2.822441] 0xffffffff [ 2.824869] 0xffffffff [ 2.827296] 0xffffffff [ 2.829722] 0xffffffff [ 2.832150] 0xffffffff [ 2.834577] 0xffffffff [ 2.837006] INFO: Freed in 0xffffffff age=4294937574 cpu=4294967295 pid=-1 [ 2.843852] 0xffffffff [ 2.846279] 0xffffffff [ 2.848706] 0xffffffff [ 2.851133] 0xffffffff [ 2.853560] 0xffffffff [ 2.855987] 0xffffffff [ 2.858414] 0xffffffff [ 2.860842] 0xffffffff [ 2.863269] 0xffffffff [ 2.865696] 0xffffffff [ 2.868123] 0xffffffff [ 2.870550] 0xffffffff [ 2.872977] 0xffffffff [ 2.875404] 0xffffffff [ 2.877831] 0xffffffff [ 2.880258] 0xffffffff [ 2.882687] INFO: Slab 0x(ptrval) objects=25 used=4 fp=0x(ptrval) flags=0x10201 [ 2.889968] INFO: Object 0x(ptrval) @offset=7424 fp=0x(ptrval) [ 2.889968] [ 2.897251] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 2.905917] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 2.914585] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 2.923253] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 2.931922] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 2.940503] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 2.949085] Object (ptrval): ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 2.957666] Object (ptrval): ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 2.966248] Redzone (ptrval): ff ff ff ff .... [ 2.973876] Padding (ptrval): ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 2.982544] Padding (ptrval): ff ff ff ff ff ff ff ff ........ [ 2.990523] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G B 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 3.000574] Hardware name: Amlogic Meson platform [ 3.005269] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 3.012976] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 3.020171] [<c0ccba28>] (dump_stack) from [<c0487fe0>] (check_bytes_and_report+0xcc/0x104) [ 3.028490] [<c0487fe0>] (check_bytes_and_report) from [<c04881d4>] (check_object+0x194/0x28c) [ 3.037072] [<c04881d4>] (check_object) from [<c048a658>] (free_debug_processing+0x12c/0x420) [ 3.045566] [<c048a658>] (free_debug_processing) from [<c048ac5c>] (__slab_free+0x310/0x4a0) [ 3.053974] [<c048ac5c>] (__slab_free) from [<c048b1c4>] (kfree+0x184/0x274) [ 3.060997] [<c048b1c4>] (kfree) from [<c08b861c>] (meson_nfc_exec_op+0x3b0/0x408) [ 3.068541] [<c08b861c>] (meson_nfc_exec_op) from [<c08a424c>] (nand_read_data_op+0xb8/0x154) [ 3.077034] [<c08a424c>] (nand_read_data_op) from [<c08ae394>] (nand_onfi_detect+0xdc/0x644) [ 3.085440] [<c08ae394>] (nand_onfi_detect) from [<c08aa4d0>] (nand_scan_with_ids+0x900/0x171c) [ 3.094111] [<c08aa4d0>] (nand_scan_with_ids) from [<c08b7a04>] (meson_nfc_probe+0x46c/0x694) [ 3.102606] [<c08b7a04>] (meson_nfc_probe) from [<c081f430>] (platform_drv_probe+0x48/0x98) [ 3.110924] [<c081f430>] (platform_drv_probe) from [<c081d4b8>] (really_probe+0x1e0/0x2cc) [ 3.119158] [<c081d4b8>] (really_probe) from [<c081d704>] (driver_probe_device+0x60/0x16c) [ 3.127393] [<c081d704>] (driver_probe_device) from [<c081d9b0>] (device_driver_attach+0x58/0x60) [ 3.136235] [<c081d9b0>] (device_driver_attach) from [<c081da10>] (__driver_attach+0x58/0xcc) [ 3.144734] [<c081da10>] (__driver_attach) from [<c081b87c>] (bus_for_each_dev+0x74/0xb4) [ 3.152879] [<c081b87c>] (bus_for_each_dev) from [<c081c8ec>] (bus_add_driver+0x1b8/0x1d8) [ 3.161113] [<c081c8ec>] (bus_add_driver) from [<c081e53c>] (driver_register+0x74/0x108) [ 3.169176] [<c081e53c>] (driver_register) from [<c0302f54>] (do_one_initcall+0x54/0x284) [ 3.177324] [<c0302f54>] (do_one_initcall) from [<c1001180>] (kernel_init_freeable+0x2d4/0x36c) [ 3.185991] [<c1001180>] (kernel_init_freeable) from [<c0ce2a38>] (kernel_init+0x8/0x110) [ 3.194139] [<c0ce2a38>] (kernel_init) from [<c03010f0>] (ret_from_fork+0x14/0x24) [ 3.201678] Exception stack(0xe983ffb0 to 0xe983fff8) [ 3.206707] ffa0: 00000000 00000000 00000000 00000000 [ 3.214856] ffc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 3.223003] ffe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 3.229591] FIX kmalloc-64: Restoring 0x(ptrval)-0x(ptrval)=0xcc [ 3.229591] [ 3.237097] FIX kmalloc-64: Object at 0x(ptrval) not freed [ 3.242545] meson_nfc_read_buf e95e6400 0x295e6400 [ 3.247278] ============================================================================= [ 3.255421] BUG kmalloc-64 (Tainted: G B ): Redzone overwritten [ 3.262527] ----------------------------------------------------------------------------- [ 3.262527] [ 3.272151] INFO: 0x(ptrval)-0x(ptrval). First byte 0xff instead of 0xcc [ 3.278827] INFO: Allocated in 0xfedfffff age=4294937620 cpu=0 pid=27697 [ 3.285499] 0xffef6f7f [ 3.287926] 0xffffffff [ 3.290353] 0xffffffef [ 3.292780] 0xdf777fef [ 3.295207] 0xffffffff [ 3.297636] INFO: Freed in 0x80840052 age=4294937617 cpu=0 pid=33554432 [ 3.304223] INFO: Slab 0x(ptrval) objects=25 used=5 fp=0x(ptrval) flags=0x10201 [ 3.311504] INFO: Object 0x(ptrval) @offset=1024 fp=0x(ptrval) [ 3.311504] [ 3.318786] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.327454] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.336122] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.344790] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.353458] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 3.362040] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 3.370621] Object (ptrval): ff ff ff ff ff ff ff ff ff fd fb bf ff ff ff ff ................ [ 3.379203] Object (ptrval): ef ff f7 ff ff ff ff ff fb ff fe ff ff ff ff ff ................ [ 3.387784] Redzone (ptrval): ff ff ff ff .... [ 3.395412] Padding (ptrval): 00 00 00 00 02 00 00 00 01 00 00 02 e0 8b ff ff ................ [ 3.404080] Padding (ptrval): 00 00 00 00 00 00 00 00 ........ [ 3.412057] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G B 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 3.422110] Hardware name: Amlogic Meson platform [ 3.426797] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 3.434510] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 3.441705] [<c0ccba28>] (dump_stack) from [<c0487fe0>] (check_bytes_and_report+0xcc/0x104) [ 3.450026] [<c0487fe0>] (check_bytes_and_report) from [<c04881d4>] (check_object+0x194/0x28c) [ 3.458607] [<c04881d4>] (check_object) from [<c048a658>] (free_debug_processing+0x12c/0x420) [ 3.467102] [<c048a658>] (free_debug_processing) from [<c048ac5c>] (__slab_free+0x310/0x4a0) [ 3.475510] [<c048ac5c>] (__slab_free) from [<c048b1c4>] (kfree+0x184/0x274) [ 3.482531] [<c048b1c4>] (kfree) from [<c08b861c>] (meson_nfc_exec_op+0x3b0/0x408) [ 3.490074] [<c08b861c>] (meson_nfc_exec_op) from [<c08a424c>] (nand_read_data_op+0xb8/0x154) [ 3.498569] [<c08a424c>] (nand_read_data_op) from [<c08ae394>] (nand_onfi_detect+0xdc/0x644) [ 3.506976] [<c08ae394>] (nand_onfi_detect) from [<c08aa4d0>] (nand_scan_with_ids+0x900/0x171c) [ 3.515645] [<c08aa4d0>] (nand_scan_with_ids) from [<c08b7a04>] (meson_nfc_probe+0x46c/0x694) [ 3.524140] [<c08b7a04>] (meson_nfc_probe) from [<c081f430>] (platform_drv_probe+0x48/0x98) [ 3.532460] [<c081f430>] (platform_drv_probe) from [<c081d4b8>] (really_probe+0x1e0/0x2cc) [ 3.540695] [<c081d4b8>] (really_probe) from [<c081d704>] (driver_probe_device+0x60/0x16c) [ 3.548930] [<c081d704>] (driver_probe_device) from [<c081d9b0>] (device_driver_attach+0x58/0x60) [ 3.557771] [<c081d9b0>] (device_driver_attach) from [<c081da10>] (__driver_attach+0x58/0xcc) [ 3.566267] [<c081da10>] (__driver_attach) from [<c081b87c>] (bus_for_each_dev+0x74/0xb4) [ 3.574415] [<c081b87c>] (bus_for_each_dev) from [<c081c8ec>] (bus_add_driver+0x1b8/0x1d8) [ 3.582649] [<c081c8ec>] (bus_add_driver) from [<c081e53c>] (driver_register+0x74/0x108) [ 3.590711] [<c081e53c>] (driver_register) from [<c0302f54>] (do_one_initcall+0x54/0x284) [ 3.598859] [<c0302f54>] (do_one_initcall) from [<c1001180>] (kernel_init_freeable+0x2d4/0x36c) [ 3.607527] [<c1001180>] (kernel_init_freeable) from [<c0ce2a38>] (kernel_init+0x8/0x110) [ 3.615675] [<c0ce2a38>] (kernel_init) from [<c03010f0>] (ret_from_fork+0x14/0x24) [ 3.623214] Exception stack(0xe983ffb0 to 0xe983fff8) [ 3.628243] ffa0: 00000000 00000000 00000000 00000000 [ 3.636392] ffc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 3.644539] ffe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 3.651126] FIX kmalloc-64: Restoring 0x(ptrval)-0x(ptrval)=0xcc [ 3.651126] [ 3.658617] FIX kmalloc-64: Object at 0x(ptrval) not freed [ 3.664070] meson_nfc_read_buf e95e62c0 0x295e62c0 [ 3.668825] ============================================================================= [ 3.676957] BUG kmalloc-64 (Tainted: G B ): Redzone overwritten [ 3.684064] ----------------------------------------------------------------------------- [ 3.684064] [ 3.693687] INFO: 0x(ptrval)-0x(ptrval). First byte 0x0 instead of 0xcc [ 3.700277] INFO: Freed in 0xfe55620 age=536841280 cpu=4294967263 pid=-1048577 [ 3.707469] INFO: Slab 0x(ptrval) objects=25 used=6 fp=0x(ptrval) flags=0x10201 [ 3.714750] INFO: Object 0x(ptrval) @offset=704 fp=0x(ptrval) [ 3.714750] [ 3.721945] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.730613] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.739281] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.747949] Redzone (ptrval): cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................ [ 3.756618] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 3.765199] Object (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 3.773781] Object (ptrval): ff ff ff ff ff ff ff ff ff bf ff ff 7f ff ff ff ................ [ 3.782362] Object (ptrval): ff ff ff ff ff ff ff ff ff ff df ff 2f ff ff ff ............/... [ 3.790944] Redzone (ptrval): 00 00 00 00 .... [ 3.798572] Padding (ptrval): ff ff ff ff ff ff d7 fe ff ff ff ff ff ff ff ff ................ [ 3.807240] Padding (ptrval): db ff ff ff 5e 7b ff ff ....^{.. [ 3.815217] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G B 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 3.825269] Hardware name: Amlogic Meson platform [ 3.829957] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 3.837669] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 3.844865] [<c0ccba28>] (dump_stack) from [<c0487fe0>] (check_bytes_and_report+0xcc/0x104) [ 3.853186] [<c0487fe0>] (check_bytes_and_report) from [<c04881d4>] (check_object+0x194/0x28c) [ 3.861767] [<c04881d4>] (check_object) from [<c048a658>] (free_debug_processing+0x12c/0x420) [ 3.870262] [<c048a658>] (free_debug_processing) from [<c048ac5c>] (__slab_free+0x310/0x4a0) [ 3.878670] [<c048ac5c>] (__slab_free) from [<c048b1c4>] (kfree+0x184/0x274) [ 3.885691] [<c048b1c4>] (kfree) from [<c08b861c>] (meson_nfc_exec_op+0x3b0/0x408) [ 3.893233] [<c08b861c>] (meson_nfc_exec_op) from [<c08a424c>] (nand_read_data_op+0xb8/0x154) [ 3.901728] [<c08a424c>] (nand_read_data_op) from [<c08ae394>] (nand_onfi_detect+0xdc/0x644) [ 3.910135] [<c08ae394>] (nand_onfi_detect) from [<c08aa4d0>] (nand_scan_with_ids+0x900/0x171c) [ 3.918805] [<c08aa4d0>] (nand_scan_with_ids) from [<c08b7a04>] (meson_nfc_probe+0x46c/0x694) [ 3.927300] [<c08b7a04>] (meson_nfc_probe) from [<c081f430>] (platform_drv_probe+0x48/0x98) [ 3.935619] [<c081f430>] (platform_drv_probe) from [<c081d4b8>] (really_probe+0x1e0/0x2cc) [ 3.943854] [<c081d4b8>] (really_probe) from [<c081d704>] (driver_probe_device+0x60/0x16c) [ 3.952089] [<c081d704>] (driver_probe_device) from [<c081d9b0>] (device_driver_attach+0x58/0x60) [ 3.960931] [<c081d9b0>] (device_driver_attach) from [<c081da10>] (__driver_attach+0x58/0xcc) [ 3.969427] [<c081da10>] (__driver_attach) from [<c081b87c>] (bus_for_each_dev+0x74/0xb4) [ 3.977575] [<c081b87c>] (bus_for_each_dev) from [<c081c8ec>] (bus_add_driver+0x1b8/0x1d8) [ 3.985808] [<c081c8ec>] (bus_add_driver) from [<c081e53c>] (driver_register+0x74/0x108) [ 3.993871] [<c081e53c>] (driver_register) from [<c0302f54>] (do_one_initcall+0x54/0x284) [ 4.002019] [<c0302f54>] (do_one_initcall) from [<c1001180>] (kernel_init_freeable+0x2d4/0x36c) [ 4.010686] [<c1001180>] (kernel_init_freeable) from [<c0ce2a38>] (kernel_init+0x8/0x110) [ 4.018834] [<c0ce2a38>] (kernel_init) from [<c03010f0>] (ret_from_fork+0x14/0x24) [ 4.026373] Exception stack(0xe983ffb0 to 0xe983fff8) [ 4.031402] ffa0: 00000000 00000000 00000000 00000000 [ 4.039552] ffc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 4.047699] ffe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 4.054286] FIX kmalloc-64: Restoring 0x(ptrval)-0x(ptrval)=0xcc [ 4.054286] [ 4.061773] FIX kmalloc-64: Object at 0x(ptrval) not freed [ 4.067212] Could not find a valid ONFI parameter page, trying bit-wise majority to recover it [ 4.075833] ONFI parameter recovery failed, aborting [ 4.080773] meson_nfc_read_buf e95e7bc0 0x295e7bc0 [ 4.085578] meson_nfc_read_buf e95e7bc0 0x295e7bc0 [ 4.090336] nand: device found, Manufacturer ID: 0xad, Chip ID: 0xde [ 4.096586] nand: Hynix NAND 8GiB 3,3V 8-bit [ 4.100847] nand: 8192 MiB, MLC, erase size: 4096 KiB, page size: 16384, OOB size: 1280 [ 4.108873] meson_nfc_read_buf e95e7bc0 0x295e7bc0 [ 4.116115] Unable to handle kernel paging request at virtual address fffffffe [ 4.120770] pgd = (ptrval) [ 4.123457] [fffffffe] *pgd=2bfde861, *pte=00000000, *ppte=00000000 [ 4.129703] Internal error: Oops: 80000007 [#1] PREEMPT SMP ARM [ 4.135593] Modules linked in: [ 4.138630] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 4.148681] Hardware name: Amlogic Meson platform [ 4.153364] PC is at 0xfffffffe [ 4.156491] LR is at __handle_irq_event_percpu+0x7c/0x2c4 [ 4.161858] pc : [<fffffffe>] lr : [<c037c878>] psr: 600001b3 [ 4.168099] sp : c1101e48 ip : ea001ee8 fp : c11c32a0 [ 4.173300] r10: c11c32b4 r9 : c1101f10 r8 : c1101e90 [ 4.178501] r7 : 00000033 r6 : 00000000 r5 : e9a566a8 r4 : e95e4f40 [ 4.185002] r3 : ffffffff r2 : c1108cb4 r1 : ffffffff r0 : 00000033 [ 4.191505] Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA Thumb Segment none [ 4.198872] Control: 10c5387d Table: 0020404a DAC: 00000051 [ 4.204592] Process swapper/0 (pid: 0, stack limit = 0x(ptrval)) [ 4.210573] Stack: (0xc1101e48 to 0xc1102000) [ 4.214910] 1e40: 00000080 c11c3264 eaf86680 c11c32b4 ffffe000 e9a56640 [ 4.223059] 1e60: c1108cb4 c11c2d03 eaf85580 c1108c88 e9a566a8 e9a56640 00000001 00000000 [ 4.231207] 1e80: c1101f10 c021f540 c0f40060 c037caec 00000000 5b1da9e9 e9a56640 e9a566a8 [ 4.239355] 1ea0: c11093a0 c037cb78 e9a56640 e9a566a8 c11093a0 c0380d90 c108d1b4 00000000 [ 4.247503] 1ec0: 00000033 c037ba34 c108d1b4 c037c014 c11093a0 c11579c8 f080210c f0802100 [ 4.255651] 1ee0: c1101f10 f0803100 c108c970 c06fe26c c030946c 60000013 ffffffff c1101f44 [ 4.263799] 1f00: c1108c88 c1100000 c108c970 c0301a8c 00000000 0000a974 eaf8ade0 c031aee0 [ 4.271948] 1f20: ffffe000 c1108cb4 c1108cf8 00000001 c1108c88 00000000 c108c970 c0f40060 [ 4.280096] 1f40: c1108d9c c1101f60 c0309468 c030946c 60000013 ffffffff 00000051 00000000 [ 4.288244] 1f60: ffffe000 c0356de4 00000000 c1108c88 00000041 5b1da9e9 c1112210 000000c9 [ 4.296392] 1f80: 00000001 ffffffff c11d7640 c1108c88 00000041 c11d7640 c106da40 c0357168 [ 4.304540] 1fa0: c11d7698 c1000e80 ffffffff ffffffff 00000000 c1000584 00000000 ebfffd00 [ 4.312688] 1fc0: 00000000 c106da40 5b18a8e9 00000000 00000000 c1000330 00000051 10c0387d [ 4.320836] 1fe0: 00000f81 1f164000 414fc091 10c5387d 00000000 00000000 00000000 00000000 [ 4.328989] [<c037c878>] (__handle_irq_event_percpu) from [<c037caec>] (handle_irq_event_percpu+0x2c/0x80) [ 4.338608] [<c037caec>] (handle_irq_event_percpu) from [<c037cb78>] (handle_irq_event+0x38/0x5c) [ 4.347451] [<c037cb78>] (handle_irq_event) from [<c0380d90>] (handle_fasteoi_irq+0xcc/0x17c) [ 4.355943] [<c0380d90>] (handle_fasteoi_irq) from [<c037ba34>] (generic_handle_irq+0x24/0x34) [ 4.364525] [<c037ba34>] (generic_handle_irq) from [<c037c014>] (__handle_domain_irq+0x7c/0xec) [ 4.373196] [<c037c014>] (__handle_domain_irq) from [<c06fe26c>] (gic_handle_irq+0x4c/0x90) [ 4.381515] [<c06fe26c>] (gic_handle_irq) from [<c0301a8c>] (__irq_svc+0x6c/0xa8) [ 4.388966] Exception stack(0xc1101f10 to 0xc1101f58) [ 4.393995] 1f00: 00000000 0000a974 eaf8ade0 c031aee0 [ 4.402145] 1f20: ffffe000 c1108cb4 c1108cf8 00000001 c1108c88 00000000 c108c970 c0f40060 [ 4.410292] 1f40: c1108d9c c1101f60 c0309468 c030946c 60000013 ffffffff [ 4.416883] [<c0301a8c>] (__irq_svc) from [<c030946c>] (arch_cpu_idle+0x38/0x3c) [ 4.424252] [<c030946c>] (arch_cpu_idle) from [<c0356de4>] (do_idle+0x1e4/0x290) [ 4.431618] [<c0356de4>] (do_idle) from [<c0357168>] (cpu_startup_entry+0x18/0x1c) [ 4.439158] [<c0357168>] (cpu_startup_entry) from [<c1000e80>] (start_kernel+0x45c/0x488) [ 4.447305] [<c1000e80>] (start_kernel) from [<00000000>] ( (null)) [ 4.453631] Code: bad PC value [ 4.456674] ---[ end trace eaad995c3018501e ]--- [ 4.461259] Kernel panic - not syncing: Fatal exception in interrupt [ 4.467592] CPU3: stopping [ 4.470277] CPU: 3 PID: 0 Comm: swapper/3 Tainted: G B D 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 4.480328] Hardware name: Amlogic Meson platform [ 4.485017] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 4.492729] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 4.499924] [<c0ccba28>] (dump_stack) from [<c03100d4>] (handle_IPI+0x418/0x444) [ 4.507292] [<c03100d4>] (handle_IPI) from [<c06fe2ac>] (gic_handle_irq+0x8c/0x90) [ 4.514832] [<c06fe2ac>] (gic_handle_irq) from [<c0301a8c>] (__irq_svc+0x6c/0xa8) [ 4.522283] Exception stack(0xe987df60 to 0xe987dfa8) [ 4.527315] df60: 00000000 00003658 eafc0de0 c031aee0 ffffe000 c1108cb4 c1108cf8 00000008 [ 4.535462] df80: c1108c88 00000000 c108c970 c0f40060 00000001 e987dfb0 c0309468 c030946c [ 4.543607] dfa0: 600c0013 ffffffff [ 4.547079] [<c0301a8c>] (__irq_svc) from [<c030946c>] (arch_cpu_idle+0x38/0x3c) [ 4.554447] [<c030946c>] (arch_cpu_idle) from [<c0356de4>] (do_idle+0x1e4/0x290) [ 4.561814] [<c0356de4>] (do_idle) from [<c0357168>] (cpu_startup_entry+0x18/0x1c) [ 4.569355] [<c0357168>] (cpu_startup_entry) from [<003026ac>] (0x3026ac) [ 4.576113] CPU1: stopping [ 4.578803] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B D 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 4.588855] Hardware name: Amlogic Meson platform [ 4.593543] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 4.601254] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 4.608449] [<c0ccba28>] (dump_stack) from [<c03100d4>] (handle_IPI+0x418/0x444) [ 4.615817] [<c03100d4>] (handle_IPI) from [<c06fe2ac>] (gic_handle_irq+0x8c/0x90) [ 4.623358] [<c06fe2ac>] (gic_handle_irq) from [<c0301a8c>] (__irq_svc+0x6c/0xa8) [ 4.630809] Exception stack(0xe9877f60 to 0xe9877fa8) [ 4.635841] 7f60: 00000000 00005464 eaf9cde0 c031aee0 ffffe000 c1108cb4 c1108cf8 00000002 [ 4.643989] 7f80: c1108c88 00000000 c108c970 c0f40060 00000001 e9877fb0 c0309468 c030946c [ 4.652133] 7fa0: 600c0013 ffffffff [ 4.655605] [<c0301a8c>] (__irq_svc) from [<c030946c>] (arch_cpu_idle+0x38/0x3c) [ 4.662973] [<c030946c>] (arch_cpu_idle) from [<c0356de4>] (do_idle+0x1e4/0x290) [ 4.670341] [<c0356de4>] (do_idle) from [<c0357168>] (cpu_startup_entry+0x18/0x1c) [ 4.677881] [<c0357168>] (cpu_startup_entry) from [<003026ac>] (0x3026ac) [ 4.684640] CPU2: stopping [ 4.687329] CPU: 2 PID: 0 Comm: swapper/2 Tainted: G B D 5.1.0-rc1-00088-g406014e081b4-dirty #4272 [ 4.697381] Hardware name: Amlogic Meson platform [ 4.702069] [<c0311bb8>] (unwind_backtrace) from [<c030ca68>] (show_stack+0x10/0x14) [ 4.709781] [<c030ca68>] (show_stack) from [<c0ccba28>] (dump_stack+0xa4/0xb8) [ 4.716975] [<c0ccba28>] (dump_stack) from [<c03100d4>] (handle_IPI+0x418/0x444) [ 4.724344] [<c03100d4>] (handle_IPI) from [<c06fe2ac>] (gic_handle_irq+0x8c/0x90) [ 4.731884] [<c06fe2ac>] (gic_handle_irq) from [<c0301a8c>] (__irq_svc+0x6c/0xa8) [ 4.739336] Exception stack(0xe987bf60 to 0xe987bfa8) [ 4.744367] bf60: 00000000 00009844 eafaede0 c031aee0 ffffe000 c1108cb4 c1108cf8 00000004 [ 4.752515] bf80: c1108c88 00000000 c108c970 c0f40060 eafaab34 e987bfb0 c0309468 c030946c [ 4.760660] bfa0: 600c0013 ffffffff [ 4.764132] [<c0301a8c>] (__irq_svc) from [<c030946c>] (arch_cpu_idle+0x38/0x3c) [ 4.771499] [<c030946c>] (arch_cpu_idle) from [<c0356de4>] (do_idle+0x1e4/0x290) [ 4.778867] [<c0356de4>] (do_idle) from [<c0357168>] (cpu_startup_entry+0x18/0x1c) [ 4.786408] [<c0357168>] (cpu_startup_entry) from [<003026ac>] (0x3026ac) [ 4.793171] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---