2022-10-04 13:04:47

by Alexey Dobriyan

[permalink] [raw]
Subject: "Unloaded tainted modules:" prints repeated wrong value

I got obiously incorrect values of "pcc_cpufreq():1" on a clean kernel
and clean oops (see below). Original oops is different bug.

A

[17752.703567] BUG: kernel NULL pointer dereference, address: 0000000000000000
[17752.703580] #PF: supervisor read access in kernel mode
[17752.703583] #PF: error_code(0x0000) - not-present page
[17752.703587] PGD 0 P4D 0
[17752.703593] Oops: 0000 [#1] PREEMPT SMP PTI
[17752.703598] CPU: 0 PID: 60649 Comm: cat Tainted: G W 5.19.9-100.fc35.x86_64 #1
[17752.703603] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./X99 Extreme6/3.1, BIOS P3.30 08/05/2016
[17752.703607] RIP: 0010:show_smaps_rollup+0x159/0x2e0
[17752.703619] Code: 4c 39 e2 0f 87 12 01 00 00 48 8b 40 10 48 85 c0 0f 85 78 ff ff ff 48 8b 43 10 48 8b 00 4c 89 e2 6a 00 4c 8b 64 24 18 45 31 c9 <48> 8b 30 45 31 c0 31 c9 4c 89 e7 e8 87 f0 ff ff be 20 00 00 00 4c
[17752.703623] RSP: 0018:ffffa47c85273cb8 EFLAGS: 00010246
[17752.703628] RAX: 0000000000000000 RBX: ffff91e444615480 RCX: 0000000000000000
[17752.703631] RDX: 0000000000000000 RSI: 0000000000000100 RDI: 00000000ffffffff
[17752.703635] RBP: ffff91e444f97700 R08: 0000000000001000 R09: 0000000000000000
[17752.703638] R10: 0000000000020000 R11: 0000000000000000 R12: ffff91e44a18e3c0
[17752.703641] R13: 0000000000000000 R14: ffff91e444f97778 R15: ffffa47c85273cd8
[17752.703644] FS: 00007f20bc8ae740(0000) GS:ffff91f39d800000(0000) knlGS:0000000000000000
[17752.703648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[17752.703652] CR2: 0000000000000000 CR3: 0000000160bbe005 CR4: 00000000003726f0
[17752.703655] Call Trace:
[17752.703658] <TASK>
[17752.703664] ? mod_objcg_state+0xc6/0x300
[17752.703675] seq_read_iter+0x120/0x4b0
[17752.703680] ? folio_add_lru+0x8d/0x100
[17752.703689] seq_read+0xd8/0x100
[17752.703693] ? 0xffffffffa6000000
[17752.703698] vfs_read+0x97/0x190
[17752.703708] ksys_read+0x4f/0xd0
[17752.703713] do_syscall_64+0x5c/0x90
[17752.703724] ? exc_page_fault+0x71/0x170
[17752.703730] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[17752.703738] RIP: 0033:0x7f20bc73e762
[17752.703742] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 3a 10 08 00 e8 e5 e9 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24
[17752.703745] RSP: 002b:00007ffc7ff96c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[17752.703750] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f20bc73e762
[17752.703753] RDX: 0000000000020000 RSI: 00007f20bc88d000 RDI: 0000000000000003
[17752.703756] RBP: 00007f20bc88d000 R08: 00007f20bc88c010 R09: 0000000000000000
[17752.703759] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000
[17752.703762] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000
[17752.703768] </TASK>
[17752.703771] Modules linked in: snd_seq_dummy snd_hrtimer nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat ip6table_nat ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_raw iptable_security rfkill ip_set nf_tables nfnetlink ip6table_filter ip6_tables iptable_filter qrtr nct6775 nct6775_core hwmon_vid sunrpc vfat fat intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass snd_hda_codec_realtek snd_hda_codec_generic snd_hda_codec_hdmi ledtrig_audio snd_hda_intel iTCO_wdt intel_pmc_bxt snd_intel_dspcfg iTCO_vendor_support snd_intel_sdw_acpi rapl snd_hda_codec intel_cstate intel_uncore snd_hda_core snd_hwdep intel_wmi_thunderbolt snd_seq snd_seq_device snd_pcm joydev mei_me snd_timer mei snd i2c_i801 soundcore lpc_ich i2c_smbus
[17752.703859] zram ip_tables nouveau video drm_ttm_helper ttm i2c_algo_bit drm_display_helper drm_kms_helper crct10dif_pclmul mxm_wmi crc32_pclmul drm crc32c_intel ghash_clmulni_intel nvme e1000e alx nvme_core cec mdio wmi uas usb_storage fuse ipmi_devintf ipmi_msghandler
[17752.703891] Unloaded tainted modules: pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1
[17752.703979] acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 fjes():1 acpi_cpufreq():1 fjes():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1
[17752.704063] acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1
[17752.704148] pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1
[17752.704235] acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1
[17752.704315] pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1
[17752.704390] acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 pcc_cpufreq():1 acpi_cpufreq():1 acpi_cpufreq():1 fjes():1 fjes():1
[17752.704464] CR2: 0000000000000000
[17752.704469] ---[ end trace 0000000000000000 ]---
[17752.704471] RIP: 0010:show_smaps_rollup+0x159/0x2e0
[17752.704480] Code: 4c 39 e2 0f 87 12 01 00 00 48 8b 40 10 48 85 c0 0f 85 78 ff ff ff 48 8b 43 10 48 8b 00 4c 89 e2 6a 00 4c 8b 64 24 18 45 31 c9 <48> 8b 30 45 31 c0 31 c9 4c 89 e7 e8 87 f0 ff ff be 20 00 00 00 4c
[17752.704483] RSP: 0018:ffffa47c85273cb8 EFLAGS: 00010246
[17752.704488] RAX: 0000000000000000 RBX: ffff91e444615480 RCX: 0000000000000000
[17752.704491] RDX: 0000000000000000 RSI: 0000000000000100 RDI: 00000000ffffffff
[17752.704494] RBP: ffff91e444f97700 R08: 0000000000001000 R09: 0000000000000000
[17752.704497] R10: 0000000000020000 R11: 0000000000000000 R12: ffff91e44a18e3c0
[17752.704500] R13: 0000000000000000 R14: ffff91e444f97778 R15: ffffa47c85273cd8
[17752.704503] FS: 00007f20bc8ae740(0000) GS:ffff91f39d800000(0000) knlGS:0000000000000000
[17752.704508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[17752.704511] CR2: 0000000000000000 CR3: 0000000160bbe005 CR4: 00000000003726f0


2022-10-06 16:57:48

by Aaron Tomlin

[permalink] [raw]
Subject: Re: "Unloaded tainted modules:" prints repeated wrong value

On Tue 2022-10-04 15:47 +0300, Alexey Dobriyan wrote:
> I got obiously incorrect values of "pcc_cpufreq():1" on a clean kernel
> and clean oops (see below). Original oops is different bug.

Hi Alexey,

[Added Luis Chamberlain and [email protected] on Cc]

Sorry about that!

Indeed, in the context of the module deletion code path, no module
record/or entry should be added to 'unloaded_tainted_modules' if
the module does not carry a taint. I will send a patch shortly.
The following solution should be sufficient:

diff --git a/kernel/module/tracking.c b/kernel/module/tracking.c
index 7f8133044d09..af52cabfe632 100644
--- a/kernel/module/tracking.c
+++ b/kernel/module/tracking.c
@@ -21,6 +21,9 @@ int try_add_tainted_module(struct module *mod)

module_assert_mutex_or_preempt();

+ if (!mod->taints)
+ goto out;
+
list_for_each_entry_rcu(mod_taint, &unloaded_tainted_modules, list,
lockdep_is_held(&module_mutex)) {
if (!strcmp(mod_taint->name, mod->name) &&



Kind regards,

--
Aaron Tomlin