On Sat, Dec 20, 2025 at 04:25:50PM +0000, Carlos Llamas wrote:
> On Wed, Sep 17, 2025 at 09:03:10AM -0700, Josh Poimboeuf wrote:
> > TEXT_MAIN, DATA_MAIN and friends are defined differently depending on
> > whether certain config options enable -ffunction-sections and/or
> > -fdata-sections.
> >
> > There's no technical reason for that beyond voodoo coding. Keeping the
> > separate implementations adds unnecessary complexity, fragments the
> > logic, and increases the risk of subtle bugs.
> >
> > Unify the macros by using the same input section patterns across all
> > configs.
> >
> > This is a prerequisite for the upcoming livepatch klp-build tooling
> > which will manually enable -ffunction-sections and -fdata-sections via
> > KCFLAGS.
> >
> > Cc: Heiko Carstens <[email protected]>
> > Cc: Vasily Gorbik <[email protected]>
> > Cc: Alexander Gordeev <[email protected]>
> > Signed-off-by: Josh Poimboeuf <[email protected]>
> > ---
> > include/asm-generic/vmlinux.lds.h | 40 ++++++++++---------------------
> > scripts/module.lds.S | 12 ++++------
> > 2 files changed, 17 insertions(+), 35 deletions(-)
[...]
> I'm seeing some KP when trying to load modules after this change. I
> believe there is some sort of incompatibility with the SCS (Shadow Call
> Stack) code in arm64? The panic is always on __pi_scs_handle_fde_frame:
>
> init: Loading module [...]/drivers/net/wireless/virtual/mac80211_hwsim.ko
> Unable to handle kernel paging request at virtual address ffffffe6468f0ffc
> [...]
nit: please don't trim the useful stuff when reporting a crash!
> pc : __pi_scs_handle_fde_frame+0xd8/0x15c
> lr : __pi_$x+0x74/0x138
> sp : ffffffc08005bb10
> x29: ffffffc08005bb10 x28: ffffffc081873010 x27: 0000000000000000
> x26: 0000000000000007 x25: 0000000000000000 x24: 0000000000000000
> x23: 0000000000000001 x22: ffffffe649794fa0 x21: ffffffe6469190b4
> x20: 000000000000182c x19: 0000000000000001 x18: ffffffc080053000
> x17: 000000000000002d x16: ffffffe6469190c5 x15: ffffffe6468f1000
> x14: 000000000000003e x13: ffffffe6469190c6 x12: 00000000d50323bf
> x11: 00000000d503233f x10: ffffffe649119cb8 x9 : ffffffe6468f1000
> x8 : 0000000000000100 x7 : 00656d6172665f68 x6 : 0000000000000001
> x5 : 6372610000000000 x4 : 0000008000000000 x3 : 0000000000000000
> x2 : ffffffe647e528f4 x1 : 0000000000000001 x0 : 0000000000000004
> Call trace:
> __pi_scs_handle_fde_frame+0xd8/0x15c (P)
> module_finalize+0xfc/0x164
> post_relocation+0xbc/0xd8
> load_module+0xfd4/0x11a8
> __arm64_sys_finit_module+0x23c/0x328
> invoke_syscall+0x58/0xe4
> el0_svc_common+0x80/0xdc
> do_el0_svc+0x1c/0x28
> el0_svc+0x54/0x1c4
> el0t_64_sync_handler+0x68/0xdc
> el0t_64_sync+0x1c4/0x1c8
> Code: 54fffd4c 1400001f 3707ff63 aa0903ef (b85fcdf0)
Hmm, looks like a translation fault from the load buried here:
u32 insn = le32_to_cpup((void *)loc);
in scs_patch_loc(), called from the 'DW_CFA_negate_ra_state' case in
scs_handle_fde_frame(). So presumably 'loc' is bogus.
Since you replied to this patch, does reverting it fix the problem for
you?
> This is not a problem if I disable UNWIND_PATCH_PAC_INTO_SCS but I have
> no idea why.
Well, that avoids compiling the code that's crashing :p
> Looking around it seems like this might related:
>
> $ cat arch/arm64/include/asm/module.lds.h
> SECTIONS {
> [...]
> #ifdef CONFIG_UNWIND_TABLES
> /*
> * Currently, we only use unwind info at module load time, so we can
> * put it into the .init allocation.
> */
> .init.eh_frame : { *(.eh_frame) }
> #endif
This patch doesn't seem to change that though?
Ard, do you have any ideas here? I wonder whether the addition of
support for 64-bit offsets in 60de7a647fc5 ("arm64/scs: Deal with 64-bit
relative offsets in FDE frames") has introduced padding/alignment
requirements into 'struct eh_frame' and we end up off-by-4 for 'loc' or
something like that? The faulting address looks like an underflow.
Will
