Greeting,
FYI, we noticed the following commit (built with clang-14):
commit: 40caa127f3c7279c75cb0c9684559fa314ee3a66 ("init: bootconfig: Remove all bootconfig data when the init memory is removed")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
in testcase: boot
on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <[email protected]>
[ 17.504659][ T1] ------------[ cut here ]------------
[ 17.505585][ T1] kernel BUG at arch/x86/mm/physaddr.c:76!
[ 17.506561][ T1] invalid opcode: 0000 [#1] SMP
[ 17.507339][ T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.14.0-rc2-00062-g40caa127f3c7 #1 00c78f7b688292d34ec614a62bcd66d7bca8c06c
[ 17.509340][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 17.510823][ T1] EIP: __phys_addr+0x48/0x80
[ 17.511538][ T1] Code: 1d 16 00 84 80 12 f8 c2 80 12 f8 c2 89 f1 c1 e9 89 f1 c1 e9 29 89 f8 e8 29 89 f8 e8 39 f0 75 2a 39 f0 75 2a 5d c3 0f 0b 5d c3 <0f> 0b c2 e8 6c 69 c2 e8 6c 69 68 10 c0 28 68 10 c0 28 6a 00 0f 0b
[ 17.514699][ T1] EAX: 00000000 EBX: c1d19f90 ECX: 00000000 EDX: c10878dc
[ 17.515909][ T1] ESI: 40000000 EDI: 00000000 EBP: c016ff90 ESP: c016ff88
[ 17.517114][ T1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010207
[ 17.518380][ T1] CR0: 80050033 CR2: 00000000 CR3: 02895000 CR4: 00040690
[ 17.519575][ T1] Call Trace:
[ 17.520137][ T1] xbc_destroy_all+0x22/0x3b
[ 17.520863][ T1] kernel_init+0x1c/0x180
[ 17.521533][ T1] ret_from_fork+0x19/0x24
[ 17.522233][ T1] Modules linked in:
[ 17.522923][ T1] ---[ end trace a86c2af2528aa089 ]---
[ 17.523863][ T1] EIP: __phys_addr+0x48/0x80
[ 17.524612][ T1] Code: 1d 16 00 84 80 12 f8 c2 80 12 f8 c2 89 f1 c1 e9 89 f1 c1 e9 29 89 f8 e8 29 89 f8 e8 39 f0 75 2a 39 f0 75 2a 5d c3 0f 0b 5d c3 <0f> 0b c2 e8 6c 69 c2 e8 6c 69 68 10 c0 28 68 10 c0 28 6a 00 0f 0b
[ 17.527796][ T1] EAX: 00000000 EBX: c1d19f90 ECX: 00000000 EDX: c10878dc
[ 17.528969][ T1] ESI: 40000000 EDI: 00000000 EBP: c016ff90 ESP: c016ff88
[ 17.530128][ T1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010207
[ 17.531302][ T1] CR0: 80050033 CR2: 00000000 CR3: 02895000 CR4: 00040690
[ 17.532427][ T1] Kernel panic - not syncing: Fatal exception
[ 17.533500][ T1] Kernel Offset: disabled
To reproduce:
# build kernel
cd linux
cp config-5.14.0-rc2-00062-g40caa127f3c7 .config
make HOSTCC=clang-14 CC=clang-14 ARCH=i386 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
---
0DAY/LKP+ Test Infrastructure Open Source Technology Center
https://lists.01.org/hyperkitty/list/[email protected] Intel Corporation
Thanks,
Oliver Sang
Hi,
Oops, sorry, this is my mistake: I mixed up kfree() behavior and memblock_free() behavior.
(memblock_free() is NOT NULL safe)
Let me fix that soon.
Thank you,
On Sun, 12 Sep 2021 22:08:20 +0800
kernel test robot <[email protected]> wrote:
>
>
> Greeting,
>
> FYI, we noticed the following commit (built with clang-14):
>
> commit: 40caa127f3c7279c75cb0c9684559fa314ee3a66 ("init: bootconfig: Remove all bootconfig data when the init memory is removed")
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
>
>
> in testcase: boot
>
> on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
>
> caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
>
>
>
> If you fix the issue, kindly add following tag
> Reported-by: kernel test robot <[email protected]>
>
>
>
> [ 17.504659][ T1] ------------[ cut here ]------------
> [ 17.505585][ T1] kernel BUG at arch/x86/mm/physaddr.c:76!
> [ 17.506561][ T1] invalid opcode: 0000 [#1] SMP
> [ 17.507339][ T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.14.0-rc2-00062-g40caa127f3c7 #1 00c78f7b688292d34ec614a62bcd66d7bca8c06c
> [ 17.509340][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
> [ 17.510823][ T1] EIP: __phys_addr+0x48/0x80
> [ 17.511538][ T1] Code: 1d 16 00 84 80 12 f8 c2 80 12 f8 c2 89 f1 c1 e9 89 f1 c1 e9 29 89 f8 e8 29 89 f8 e8 39 f0 75 2a 39 f0 75 2a 5d c3 0f 0b 5d c3 <0f> 0b c2 e8 6c 69 c2 e8 6c 69 68 10 c0 28 68 10 c0 28 6a 00 0f 0b
> [ 17.514699][ T1] EAX: 00000000 EBX: c1d19f90 ECX: 00000000 EDX: c10878dc
> [ 17.515909][ T1] ESI: 40000000 EDI: 00000000 EBP: c016ff90 ESP: c016ff88
> [ 17.517114][ T1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010207
> [ 17.518380][ T1] CR0: 80050033 CR2: 00000000 CR3: 02895000 CR4: 00040690
> [ 17.519575][ T1] Call Trace:
> [ 17.520137][ T1] xbc_destroy_all+0x22/0x3b
> [ 17.520863][ T1] kernel_init+0x1c/0x180
> [ 17.521533][ T1] ret_from_fork+0x19/0x24
> [ 17.522233][ T1] Modules linked in:
> [ 17.522923][ T1] ---[ end trace a86c2af2528aa089 ]---
> [ 17.523863][ T1] EIP: __phys_addr+0x48/0x80
> [ 17.524612][ T1] Code: 1d 16 00 84 80 12 f8 c2 80 12 f8 c2 89 f1 c1 e9 89 f1 c1 e9 29 89 f8 e8 29 89 f8 e8 39 f0 75 2a 39 f0 75 2a 5d c3 0f 0b 5d c3 <0f> 0b c2 e8 6c 69 c2 e8 6c 69 68 10 c0 28 68 10 c0 28 6a 00 0f 0b
> [ 17.527796][ T1] EAX: 00000000 EBX: c1d19f90 ECX: 00000000 EDX: c10878dc
> [ 17.528969][ T1] ESI: 40000000 EDI: 00000000 EBP: c016ff90 ESP: c016ff88
> [ 17.530128][ T1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010207
> [ 17.531302][ T1] CR0: 80050033 CR2: 00000000 CR3: 02895000 CR4: 00040690
> [ 17.532427][ T1] Kernel panic - not syncing: Fatal exception
> [ 17.533500][ T1] Kernel Offset: disabled
>
>
>
>
> To reproduce:
>
> # build kernel
> cd linux
> cp config-5.14.0-rc2-00062-g40caa127f3c7 .config
> make HOSTCC=clang-14 CC=clang-14 ARCH=i386 olddefconfig prepare modules_prepare bzImage
>
> git clone https://github.com/intel/lkp-tests.git
> cd lkp-tests
> bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
>
>
>
> ---
> 0DAY/LKP+ Test Infrastructure Open Source Technology Center
> https://lists.01.org/hyperkitty/list/[email protected] Intel Corporation
>
> Thanks,
> Oliver Sang
>
--
Masami Hiramatsu <[email protected]>
Fix to check the xbc_node is used before calling memblock_free()
because passing NULL to phys_addr() will cause a panic.
This will happen if user doesn't pass any bootconfig to the
kernel, because kernel will call xbc_destroy_all() after
booting.
Fixes: 40caa127f3c7 ("init: bootconfig: Remove all bootconfig data when the init memory is removed")
Reported-by: kernel test robot <[email protected]>
Signed-off-by: Masami Hiramatsu <[email protected]>
---
lib/bootconfig.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index f8419cff1147..4f8849706ef6 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -792,7 +792,8 @@ void __init xbc_destroy_all(void)
xbc_data = NULL;
xbc_data_size = 0;
xbc_node_num = 0;
- memblock_free(__pa(xbc_nodes), sizeof(struct xbc_node) * XBC_NODE_MAX);
+ if (xbc_nodes)
+ memblock_free(__pa(xbc_nodes), sizeof(struct xbc_node) * XBC_NODE_MAX);
xbc_nodes = NULL;
brace_index = 0;
}
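Review bot: The commit message should name what the hunk actually checks and where it crashed: the guard is on the `xbc_nodes` array pointer (not "xbc_node"), and the helper that BUGs in the i386 report is `__phys_addr()` reached through `__pa()` (not "phys_addr()"), so "passing NULL to __pa() will cause a panic" would be the accurate wording. The guard itself is the right minimal fix: `memblock_free()` is not NULL-safe (as noted upthread), `xbc_nodes` is still NULL after a boot with no bootconfig, and `xbc_destroy_all()` is reached unconditionally from `kernel_init()` per the call trace, so only the free needs protecting while the resets of `xbc_data`, `xbc_data_size`, `xbc_node_num` and `brace_index` can stay unconditional. One check worth doing before merging: boot the i386 config from the report with no bootconfig and confirm `kernel_init()` no longer trips the BUG at arch/x86/mm/physaddr.c:76, since the x86_64 symptom in the follow-up is a later GPF in `rb_next()` rather than an immediate panic and would not show a regression here as directly.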
On 9/13/21 02:56, Masami Hiramatsu wrote:
> Fix to check the xbc_node is used before calling memblock_free()
> because passing NULL to phys_addr() will cause a panic.
> This will happen if user doesn't pass any bootconfig to the
> kernel, because kernel will call xbc_destroy_all() after
> booting.
>
> Fixes: 40caa127f3c7 ("init: bootconfig: Remove all bootconfig data when the init memory is removed")
> Reported-by: kernel test robot <[email protected]>
> Signed-off-by: Masami Hiramatsu <[email protected]>
FTR, I got a different issue with 5.15-rc1, bisected to 40caa127f3c7 and
this patch fixed it for me, so:
Tested-by: Vlastimil Babka <[email protected]>
The panic I was getting:
general protection fault, probably for non-canonical address 0x343479726f6d657d: 0000 [#1] SMP NOPTI
CPU: 10 PID: 446 Comm: udevadm Tainted: G E 5.15.0-rc1-1.g8787773-default+ #43 openSUSE Tumbleweed (unreleased) d96e60462206b52b95b55ea8102fc1a7d9e8ae9a
Hardware name: Gigabyte Technology Co., Ltd. X470 AORUS ULTRA GAMING/X470 AORUS ULTRA GAMING-CF, BIOS F60h 02/04/2021
RIP: 0010:rb_next+0x14/0x50
Code: 89 c1 89 c6 89 c7 41 89 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 17 48 39 d7 74 43 48 8b 47 08 48 85 c0 74 23 49 89 c0 <48> 8b 40 10 48 85 c0 75 f4 4c 89 c0 31 d2 89 d7 41 89 d0 c3 48 3b
RSP: 0018:ffffa63741053e00 EFLAGS: 00010202
RAX: 343479726f6d656d RBX: ffffa63741053e90 RCX: 0000000000000000
RDX: ffff94fd4eb37f18 RSI: 0000000000000000 RDI: ffff94fd4ebf7e18
RBP: 0000000000000000 R08: 343479726f6d656d R09: 0000000000000000
R10: ffffffff89f58b50 R11: 0000000000000000 R12: ffff94f64a7c3f00
R13: ffff94f640e3b300 R14: ffff94fd4ebf7e00 R15: 0000000000000007
FS: 00007fd358530180(0000) GS:ffff94fd4ea80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564bfee24028 CR3: 000000013055c000 CR4: 00000000003506e0
Call Trace:
kernfs_fop_readdir+0x12d/0x260
iterate_dir+0x196/0x1e0
__x64_sys_getdents64+0x80/0x120
? compat_fillonedir+0x160/0x160
? syscall_exit_to_user_mode+0x18/0x40
do_syscall_64+0x5c/0x90
? syscall_exit_to_user_mode+0x18/0x40
? syscall_exit_to_user_mode+0x18/0x40
? do_syscall_64+0x69/0x90
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fd358f04947
Code: 00 00 0f 05 eb b7 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 f9 a4 0f 00 f7 d8 64 89 02 48
RSP: 002b:00007fffc0b3ba78 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 0000564bfedac480 RCX: 00007fd358f04947
RDX: 0000000000008000 RSI: 0000564bfedac4b0 RDI: 0000000000000004
RBP: 0000564bfedac4b0 R08: 0000000000000030 R09: 00007fd358fffa60
R10: 0000564bfedb44b0 R11: 0000000000000293 R12: fffffffffffffeb0
R13: 0000564bfedac484 R14: 0000000000000000 R15: 00007fffc0b3bb70
Modules linked in: btrfs(E) blake2b_generic(E) libcrc32c(E) crc32c_intel(E) xor(E) raid6_pq(E) sg(E) dm_multipath(E) dm_mod(E) scsi_dh_rdac(E) scsi_dh_emc(E) scsi_dh_alua(E) msr(E) efivarfs(E)
---[ end trace 011b3d281b92632a ]---
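As an added user-space model of the teardown fixed by the patch above (my own code, not kernel code and not from this thread): it mimics a `__pa()` that BUGs on NULL, which I assume is the CONFIG_DEBUG_VIRTUAL check behind the i386 report's BUG in arch/x86/mm/physaddr.c, and returns bugs * 100 + frees so the unguarded and guarded variants can be compared on a boot with and without a bootconfig, and on a repeated teardown. The names xbc_nodes, XBC_NODE_MAX and memblock_free follow the patch; model_pa(), model_memblock_free() and model_boot() are mine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define XBC_NODE_MAX 1024
struct xbc_node { unsigned short next, child, parent, data; };

static struct xbc_node *xbc_nodes;   /* NULL until a bootconfig is parsed */
static int model_bugs;               /* times __pa() would have hit its BUG */
static int model_frees;              /* calls that reached memblock_free() */

/* Model of __pa() (assumed CONFIG_DEBUG_VIRTUAL): NULL is below PAGE_OFFSET,
 * so the real helper BUGs; here the would-be BUG is only counted. */
static uintptr_t model_pa(void *virt)
{
	if (!virt)
		model_bugs++;
	return (uintptr_t)virt;
}

/* Model of memblock_free(): not NULL-safe, it never looks at its argument. */
static void model_memblock_free(uintptr_t phys, size_t size)
{
	(void)size;
	free((void *)phys);          /* free(NULL) is harmless in user space */
	model_frees++;
}

/* xbc_destroy_all() as in the thread; 'fixed' selects the guarded variant. */
static void model_xbc_destroy_all(int fixed)
{
	if (!fixed || xbc_nodes)
		model_memblock_free(model_pa(xbc_nodes),
				    sizeof(struct xbc_node) * XBC_NODE_MAX);
	xbc_nodes = NULL;
}

/* Boot with ('parsed' != 0) or without a bootconfig, run the teardown
 * 'calls' times (a second call models a repeated teardown), and return
 * bugs * 100 + frees so both counters can be read from one value. */
int model_boot(int parsed, int fixed, int calls)
{
	model_bugs = model_frees = 0;
	xbc_nodes = parsed ? calloc(XBC_NODE_MAX, sizeof(struct xbc_node)) : NULL;
	while (calls-- > 0)
		model_xbc_destroy_all(fixed);
	return model_bugs * 100 + model_frees;
}
```

With no bootconfig the unguarded variant reports one would-be BUG (the i386 panic), while the guarded variant frees nothing and also tolerates being run twice after a real parse.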