s390/fault: Print unmodified PSW address on protection exception

hcahca · hcahca · commit 52a1f73d1733 · 2025-11-14T11:34:28.000+01:00
In case of a kernel crash caused by a protection exception, print the unmodified PSW address as reported by the CPU. The protection exception handler modifies the PSW address in order to keep fault handling easy, however that leads to misleading call traces. Therefore restore the original PSW address before printing it. Before this change the output in case of a protection exception looks like this: Oops: 0004 ilc:2 [#1]SMP Krnl PSW : 0704c00180000000 000003ffe0b40d78 (sysrq_handle_crash+0x28/0x40) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 ... Krnl Code: 000003ffe0b40d66: e3e0f0980024 stg %r14,152(%r15) 000003ffe0b40d6c: c010fffffff2 larl %r1,000003ffe0b40d50 #000003ffe0b40d72: c0200046b6bc larl %r2,000003ffe1417aea >000003ffe0b40d78: 92021000 mvi 0(%r1),2 000003ffe0b40d7c: c0e5ffae03d6 brasl %r14,000003ffe0101528 With this change it looks like this: Oops: 0004 ilc:2 [#1]SMP Krnl PSW : 0704c00180000000 000003ffe0b40dfc (sysrq_handle_crash+0x2c/0x40) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 ... Krnl Code: 000003ffe0b40dec: c010fffffff2 larl %r1,000003ffe0b40dd0 000003ffe0b40df2: c0200046b67c larl %r2,000003ffe1417aea *000003ffe0b40df8: 92021000 mvi 0(%r1),2 >000003ffe0b40dfc: c0e5ffae03b6 brasl %r14,000003ffe0101568 000003ffe0b40e02: 0707 bcr 0,%r7 Note that with this change the PSW address points to the instruction behind the instruction which caused the exception like it is expected for protection exceptions. This also replaces the '#' marker in the disassembly with '*', which allows to distinguish between new and old behavior. Reviewed-by: Alexander Gordeev <agordeev@linux.ibm.com> Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
diff --git a/arch/s390/include/asm/ptrace.h b/arch/s390/include/asm/ptrace.h
@@ -14,11 +14,13 @@
 #include <asm/tpi.h>
 
 #define PIF_SYSCALL			0	/* inside a system call */
+#define PIF_PSW_ADDR_ADJUSTED		1	/* psw address has been adjusted */
 #define PIF_SYSCALL_RET_SET		2	/* return value was set via ptrace */
 #define PIF_GUEST_FAULT			3	/* indicates program check in sie64a */
 #define PIF_FTRACE_FULL_REGS		4	/* all register contents valid (ftrace) */
 
 #define _PIF_SYSCALL			BIT(PIF_SYSCALL)
+#define _PIF_ADDR_PSW_ADJUSTED		BIT(PIF_PSW_ADDR_ADJUSTED)
 #define _PIF_SYSCALL_RET_SET		BIT(PIF_SYSCALL_RET_SET)
 #define _PIF_GUEST_FAULT		BIT(PIF_GUEST_FAULT)
 #define _PIF_FTRACE_FULL_REGS		BIT(PIF_FTRACE_FULL_REGS)
diff --git a/arch/s390/kernel/dis.c b/arch/s390/kernel/dis.c
@@ -503,24 +503,27 @@ static int copy_from_regs(struct pt_regs *regs, void *dst, void *src, int len)
 void show_code(struct pt_regs *regs)
 {
 	char *mode = user_mode(regs) ? "User" : "Krnl";
+	unsigned long addr, pswaddr;
 	unsigned char code[64];
 	char buffer[128], *ptr;
-	unsigned long addr;
 	int start, end, opsize, hops, i;
 
+	pswaddr = regs->psw.addr;
+	if (test_pt_regs_flag(regs, PIF_PSW_ADDR_ADJUSTED))
+		pswaddr = __forward_psw(regs->psw, regs->int_code >> 16);
 	/* Get a snapshot of the 64 bytes surrounding the fault address. */
-	for (start = 32; start && regs->psw.addr >= 34 - start; start -= 2) {
-		addr = regs->psw.addr - 34 + start;
+	for (start = 32; start && pswaddr >= 34 - start; start -= 2) {
+		addr = pswaddr - 34 + start;
 		if (copy_from_regs(regs, code + start - 2, (void *)addr, 2))
 			break;
 	}
 	for (end = 32; end < 64; end += 2) {
-		addr = regs->psw.addr + end - 32;
+		addr = pswaddr + end - 32;
 		if (copy_from_regs(regs, code + end, (void *)addr, 2))
 			break;
 	}
 	/* Code snapshot usable ? */
-	if ((regs->psw.addr & 1) || start >= end) {
+	if ((pswaddr & 1) || start >= end) {
 		printk("%s Code: Bad PSW.\n", mode);
 		return;
 	}
@@ -543,12 +546,12 @@ void show_code(struct pt_regs *regs)
 	while (start < end && hops < 8) {
 		opsize = insn_length(code[start]);
 		if  (start + opsize == 32)
-			*ptr++ = '#';
+			*ptr++ = '*';
 		else if (start == 32)
 			*ptr++ = '>';
 		else
 			*ptr++ = ' ';
-		addr = regs->psw.addr + start - 32;
+		addr = pswaddr + start - 32;
 		ptr += sprintf(ptr, "%px: ", (void *)addr);
 		if (start + opsize >= end)
 			break;
diff --git a/arch/s390/kernel/dumpstack.c b/arch/s390/kernel/dumpstack.c
@@ -155,12 +155,16 @@ static void show_last_breaking_event(struct pt_regs *regs)
 void show_registers(struct pt_regs *regs)
 {
 	struct psw_bits *psw = &psw_bits(regs->psw);
+	unsigned long pswaddr;
 	char *mode;
 
+	pswaddr = regs->psw.addr;
+	if (test_pt_regs_flag(regs, PIF_PSW_ADDR_ADJUSTED))
+		pswaddr = __forward_psw(regs->psw, regs->int_code >> 16);
 	mode = user_mode(regs) ? "User" : "Krnl";
-	printk("%s PSW : %px %px", mode, (void *)regs->psw.mask, (void *)regs->psw.addr);
+	printk("%s PSW : %px %px", mode, (void *)regs->psw.mask, (void *)pswaddr);
 	if (!user_mode(regs))
-		pr_cont(" (%pSR)", (void *)regs->psw.addr);
+		pr_cont(" (%pSR)", (void *)pswaddr);
 	pr_cont("\n");
 	printk("           R:%x T:%x IO:%x EX:%x Key:%x M:%x W:%x "
 	       "P:%x AS:%x CC:%x PM:%x", psw->per, psw->dat, psw->io, psw->ext,
diff --git a/arch/s390/mm/fault.c b/arch/s390/mm/fault.c
@@ -374,8 +374,10 @@ void do_protection_exception(struct pt_regs *regs)
 	 * The exception to this rule are aborted transactions, for these
 	 * the PSW already points to the correct location.
 	 */
-	if (!(regs->int_code & 0x200))
+	if (!(regs->int_code & 0x200)) {
 		regs->psw.addr = __rewind_psw(regs->psw, regs->int_code >> 16);
+		set_pt_regs_flag(regs, PIF_PSW_ADDR_ADJUSTED);
+	}
 	/*
 	 * If bit 61 if the TEID is not set, the remainder of the
 	 * TEID is unpredictable. Special handling is required.
