the bug has been introduced by the patch: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/driv...
On Sat, Sep 11, 2021 at 10:20 PM Cheng Chao cs.os.kernel@gmail.com wrote:
for longterm v4.4.283, the code has checked if (!page) https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/driver...
static struct page *alloc_buffer_page(struct ion_system_heap *heap, struct ion_buffer *buffer, unsigned long order) { ... if (!cached) { page = ion_page_pool_alloc(pool); } else { ... page = alloc_pages(gfp_flags | __GFP_COMP, order); if (!page) <--- return NULL; <---
ion_pages_sync_for_device(NULL, page, PAGE_SIZE << order, ... }
for longterm v4.14.246, has no ion_pages_sync_for_device after ion_page_pool_alloc https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/driver...
static struct page *alloc_buffer_page(struct ion_system_heap *heap, struct ion_buffer *buffer, unsigned long order) { ... if (!cached) pool = heap->uncached_pools[order_to_index(order)]; else pool = heap->cached_pools[order_to_index(order)];
page = ion_page_pool_alloc(pool);
return page; }
after longterm v4.19.206(include),
static struct page *alloc_buffer_page(struct ion_system_heap *heap, struct ion_buffer *buffer, unsigned long order) { struct ion_page_pool *pool = heap->pools[order_to_index(order)];
return ion_page_pool_alloc(pool); }
On Sat, Sep 11, 2021 at 7:54 PM Greg KH gregkh@linuxfoundation.org wrote:
On Sat, Sep 11, 2021 at 07:21:15PM +0800, Cheng Chao wrote:
kernel panic is here:
Unable to handle kernel paging request at virtual address b0380000 pgd = d9d94000 [b0380000] *pgd=00000000 Internal error: Oops: 2805 [#1] PREEMPT SMP ARM ... task: daa2dd00 task.stack: da194000 PC is at v7_dma_clean_range+0x1c/0x34 LR is at arm_dma_sync_single_for_device+0x44/0x58 pc : [<c011aa0c>] lr : [<c011645c>] psr: 200f0013 sp : da195da0 ip : dc1f9000 fp : c1043dc4 r10: 00000000 r9 : c16f1f58 r8 : 00000001 r7 : c1621f94 r6 : c0116418 r5 : 00000000 r4 : c011aa58 r3 : 0000003f r2 : 00000040 r1 : b0480000 r0 : b0380000 Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 10c5383d Table: 19d9406a DAC: 00000051 ... [<c011aa0c>] (v7_dma_clean_range) from [<c011645c>] (arm_dma_sync_single_for_device+0x44/0x58) [<c011645c>] (arm_dma_sync_single_for_device) from [<c0117088>] (arm_dma_sync_sg_for_device+0x50/0x7c) [<c0117088>] (arm_dma_sync_sg_for_device) from [<c0c033c4>] (ion_pages_sync_for_device+0xb0/0xec) [<c0c033c4>] (ion_pages_sync_for_device) from [<c0c054ac>] (ion_system_heap_allocate+0x2a0/0x2e0) [<c0c054ac>] (ion_system_heap_allocate) from [<c0c02c78>] (ion_alloc+0x12c/0x494) [<c0c02c78>] (ion_alloc) from [<c0c03eac>] (ion_ioctl+0x510/0x63c) [<c0c03eac>] (ion_ioctl) from [<c027c4b0>] (do_vfs_ioctl+0xa8/0x9b4) [<c027c4b0>] (do_vfs_ioctl) from [<c027ce28>] (SyS_ioctl+0x6c/0x7c) [<c027ce28>] (SyS_ioctl) from [<c0108a40>] (ret_fast_syscall+0x0/0x48) Code: e3a02004 e1a02312 e2423001 e1c00003 (ee070f3a) ---[ end trace 89278304932c0e87 ]--- Kernel panic - not syncing: Fatal exception
Signed-off-by: Cheng Chao cs.os.kernel@gmail.com
drivers/staging/android/ion/ion_system_heap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/android/ion/ion_system_heap.c b/drivers/staging/android/ion/ion_system_heap.c index 22c481f2ae4f..2a35b99cf628 100644 --- a/drivers/staging/android/ion/ion_system_heap.c +++ b/drivers/staging/android/ion/ion_system_heap.c @@ -75,7 +75,7 @@ static struct page *alloc_buffer_page(struct ion_system_heap *heap,
page = ion_page_pool_alloc(pool);
if (cached)
if (page && cached) ion_pages_sync_for_device(NULL, page, PAGE_SIZE << order, DMA_BIDIRECTIONAL); return page;-- 2.26.3
Why is this just a 4.9 patch? Ion didn't get removed until 5.11, so wouldn't this be an issue for anything 5.10 and older?
thanks,
greg k-h