On Sat, 3 Sep 2022 13:40:59 -0600 Yu Zhao <yuzhao@xxxxxxxxxx> wrote:

> TLDR: find_vmap_area can be called in irq context, e.g., soft lockup timer.
>
> Somehow I only started hitting this recently. Hopefully somebody will
> have a better idea than I do. Thanks.

Thanks.

> 6.0.0-dbg-DEV #1
> Call Trace:
> <IRQ>
> dump_stack_lvl+0x69/0xaa
> dump_stack+0x10/0x12
> print_usage_bug+0x336/0x340
> mark_lock_irq+0x494/0x4a0
> mark_lock+0x125/0x190
> __lock_acquire+0x595/0x30d0
> lock_acquire+0xb2/0x190
> _raw_spin_lock+0x2f/0x40
> find_vmap_area+0x1b/0x70
> check_heap_object+0x23/0x2a0
> __check_object_size+0x69/0x140
> copy_from_user_nmi+0x53/0x80
> show_opcodes+0xa6/0x120
> show_iret_regs+0x36/0x60
> __show_regs+0x27/0x2f0
> show_regs_if_on_stack+0xde/0xf0
> show_trace_log_lvl+0x276/0x400
> show_regs+0x5d/0x60
> watchdog_timer_fn+0x182/0x220
> __hrtimer_run_queues+0x13b/0x220
> hrtimer_interrupt+0xf1/0x380
> __sysvec_apic_timer_interrupt+0x52/0xc0
> sysvec_apic_timer_interrupt+0x71/0x90

copy_from_user_nmi() is such a specialized, low-level thing and needs to be robust against whatever else is going on. How about making it directly call raw_copy_from_user()?
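Added illustration, not code from this thread or from the kernel: a small user-space model of the lockdep rule behind the print_usage_bug() frames in the trace. The assumptions are mine: that find_vmap_area() takes the vmalloc spinlock (vmap_area_lock in mm/vmalloc.c) with a plain spin_lock() in process context, and that the hardened-usercopy path copy_from_user_nmi() -> __check_object_size() -> find_vmap_area() is what reaches that lock from the hrtimer interrupt. The model records two usage bits per lock class, flags the contradiction when a lock seen held with irqs enabled is also taken in hardirq context, and then replays the trace beside the two ways out (not taking the lock from the interrupt path at all, as suggested above, or making every holder irq-safe).

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed two-bit model of lockdep's per-class usage tracking. The names
 * echo the kernel's LOCK_USED_IN_HARDIRQ / LOCK_ENABLED_HARDIRQ bits, but this
 * is a stand-alone simulation, not kernel code. */
enum {
    USED_IN_HARDIRQ = 1u << 0,  /* lock was taken while running in hardirq context */
    ENABLED_HARDIRQ = 1u << 1,  /* lock was taken with hardirqs enabled (irq-unsafe) */
};

struct lock_class {
    const char *name;
    unsigned usage;   /* usage bits accumulated over the lifetime of the class */
};

/* The calling context lockdep consults at each acquire. */
struct ctx {
    bool in_hardirq;    /* e.g. inside hrtimer_interrupt -> watchdog_timer_fn */
    bool irqs_enabled;  /* spin_lock() leaves irqs as they were; spin_lock_irqsave() disables them */
};

/* Record one acquire. Returns -1 when the accumulated usage is contradictory:
 * the lock has been held with irqs enabled AND taken from hardirq context,
 * which is the deadlock pattern print_usage_bug() reports. The check is on the
 * accumulated bits, so the order of the two acquires does not matter. */
int model_lock_acquire(struct lock_class *lc, struct ctx c)
{
    unsigned bit = c.in_hardirq ? USED_IN_HARDIRQ
                 : (c.irqs_enabled ? ENABLED_HARDIRQ : 0);
    lc->usage |= bit;
    return ((lc->usage & USED_IN_HARDIRQ) && (lc->usage & ENABLED_HARDIRQ)) ? -1 : 0;
}

/* Scenario 1, the trace: an ordinary vmalloc lookup takes vmap_area_lock with
 * spin_lock() in process context (irqs enabled); later the soft-lockup
 * watchdog's copy_from_user_nmi() reaches find_vmap_area() from the timer
 * interrupt and takes the same lock in hardirq context. */
int scenario_trace(void)
{
    struct lock_class vmap_area_lock = { "vmap_area_lock", 0 };
    struct ctx process = { .in_hardirq = false, .irqs_enabled = true };
    struct ctx hardirq = { .in_hardirq = true,  .irqs_enabled = false };
    if (model_lock_acquire(&vmap_area_lock, process) != 0)
        return -2;                                      /* not expected */
    return model_lock_acquire(&vmap_area_lock, hardirq); /* -1: usage bug */
}

/* Scenario 2, the suggestion in the mail: copy_from_user_nmi() calls
 * raw_copy_from_user() directly, so the hardened-usercopy check and its
 * find_vmap_area() call never run from the interrupt. Only the process
 * context acquire is ever recorded for the lock. */
int scenario_raw_copy(void)
{
    struct lock_class vmap_area_lock = { "vmap_area_lock", 0 };
    struct ctx process = { .in_hardirq = false, .irqs_enabled = true };
    return model_lock_acquire(&vmap_area_lock, process);  /* 0: consistent */
}

/* Scenario 3, for contrast only (not proposed in the mail): every holder
 * uses spin_lock_irqsave(), so the lock is never observed with irqs enabled
 * and the interrupt-context acquire is consistent with prior usage. */
int scenario_irqsave(void)
{
    struct lock_class vmap_area_lock = { "vmap_area_lock", 0 };
    struct ctx process_irqsave = { .in_hardirq = false, .irqs_enabled = false };
    struct ctx hardirq = { .in_hardirq = true,  .irqs_enabled = false };
    if (model_lock_acquire(&vmap_area_lock, process_irqsave) != 0)
        return -2;                                      /* not expected */
    return model_lock_acquire(&vmap_area_lock, hardirq); /* 0: consistent */
}

int main(void)
{
    printf("trace scenario (spin_lock + hardirq acquire): %d\n", scenario_trace());
    printf("raw_copy_from_user scenario:                  %d\n", scenario_raw_copy());
    printf("irqsave-everywhere scenario:                  %d\n", scenario_irqsave());
    return 0;
}
```

The point the model makes explicit is that lockdep does not need the two acquires to interleave on the same CPU to complain: once a class has ever been held with interrupts enabled, any later acquire from interrupt context is a reported bug, which is why a debugging-only path such as the watchdog's register dump can trip it long after the ordinary vmalloc users ran.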