| From 29d6455178a09e1dc340380c582b13356227e8df Mon Sep 17 00:00:00 2001 |
| From: Jann Horn <jannh@google.com> |
| Date: Wed, 1 Jun 2016 11:55:07 +0200 |
| Subject: sched: panic on corrupted stack end |
| |
| From: Jann Horn <jannh@google.com> |
| |
| commit 29d6455178a09e1dc340380c582b13356227e8df upstream. |
| |
| Until now, hitting this BUG_ON caused a recursive oops (because oops |
| handling involves do_exit(), which calls into the scheduler, which in |
| turn raises an oops), which caused stuff below the stack to be |
| overwritten until a panic happened (e.g. via an oops in interrupt |
| context, caused by the overwritten CPU index in the thread_info). |
| |
| Just panic directly. |
| |
| Signed-off-by: Jann Horn <jannh@google.com> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| kernel/sched/core.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| --- a/kernel/sched/core.c |
| +++ b/kernel/sched/core.c |
| @@ -3008,7 +3008,8 @@ static noinline void __schedule_bug(stru |
| static inline void schedule_debug(struct task_struct *prev) |
| { |
| #ifdef CONFIG_SCHED_STACK_END_CHECK |
| - BUG_ON(task_stack_end_corrupted(prev)); |
| + if (task_stack_end_corrupted(prev)) |
| + panic("corrupted stack end detected inside scheduler\n"); |
| #endif |
| |
| if (unlikely(in_atomic_preempt_off())) { |
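Review bot: The new check in schedule_debug() has no comment saying why it calls panic() instead of BUG_ON(), so the reason (an oops here re-enters the scheduler through do_exit() and recurses, overwriting memory below the stack) is recorded only in the commit message, and a later cleanup could turn it back into BUG_ON(). A one-line comment above `if (task_stack_end_corrupted(prev))` would keep that from happening. Two smaller points on the same lines: BUG_ON() marked the condition unlikely, while the plain `if` does not, so `if (unlikely(task_stack_end_corrupted(prev)))` would match the `unlikely(in_atomic_preempt_off())` test that follows; and the panic string does not name the task, so adding prev->comm and prev->pid to the message would help triage which stack was corrupted.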