Re: [REGRESSION] Kernel booted via kexec fails to resume from hibernation

[Baoquan He <bhe@redhat.com>]

On 03/29/25 at 01:14am, Roberto Ricci wrote:
> On 2025-01-27 10:42 +0800, Dave Young wrote:
> > On Mon, 27 Jan 2025 at 10:39, Dave Young <dyoung@redhat.com> wrote:
> > > On 01/13/25 at 10:28pm, Roberto Ricci wrote:
> > > > After rebooting the system via kexec, hibernating and rebooting the machine, this oops occurs:
> > > >
> > > [snip]
> > > >
> > > > I will send the kernel config and dmesg in replies to this email.
> > > >
> > >
> > > I tried your config (removed some config driver related which is not useful), but it can not boot on my kvm guest.
> > > Firstly I saw a panic in ftrace path,  then I rebuilt the kernel without ftrace, it panicked again but in kvm related code path.
> > > Both are not related to kexec at all so I suspect your bug is not kexec specific.
> > >
> > > [snip]
> > >
> > > You can find the kernel config here (with the ftrace enabled):
> > > https://people.redhat.com/~ruyang/snakeyear/panic-ftrace.config
> > 
> > BTW, if I disable KASAN then kernel can boot, anyway kexec +
> > hibernation works fine with a few tests, no panics.
> > 
> > >
> > > Thanks
> > > Dave
> 
> Hi,
> 
> sorry for the late reply. I tried your modified config, but I'm getting
> the same oops I originally reported. No idea why the oops is not
> happening for you.

Not that oops is not happening in my side, I can't boot kernel built
with you provided config on Fedora OS. 

> 
> Anyway, I performed yet another bisection, this time with just plain
> defconfig plus CONFIG_KEXEC_FILE=y, and I got different results.
> 
> Updated steps to reproduce:
> 1. Boot kernel >= v6.8 in a virtual machine created with this command:
>    `qemu-system-x86_64 -enable-kvm -smp 1 -m 4.0G -hda disk.qcow2`
> 2. Load the same kernel with:
>    `kexec --kexec-file-syscall -l /boot/vmlinuz-6.14.0 --initrd /boot/initramfs-6.14.0.img --reuse-cmdline`
> 3. Reboot (or call `kexec -e` directly)
> 4. Hibernate and reboot: `printf reboot >/sys/power/disk && printf disk >/sys/power/state`
> 5. Upon resuming, three things could happen, depending on luck:

OK, this is a little complicated. wondering why you need to do the
hibernation and reboot. Just for curiosity.

> 5a. A kernel oops:
> ```
> [   42.574201] BUG: kernel NULL pointer dereference, address: 0000000000000000
...snip... 
> I will send config and dmesg in replies to this email.
> 
> The bisection pointed to
> b3ba234171cd kexec_file: load kernel at top of system RAM if required
> 
> #regzbot introduced: b3ba234171cd0d58df0a13c262210ff8b5fd2830
> 
> Now that I think about it, this was the commit I found when I did the
> very first bisection after I found the bug. But I could not get the same
> result with subsequent bisections, so I didn't mention it in my original
> report.
> 
> When reverting b3ba234171cd on top of v6.14, merge conflicts must be
> solved, I hope I did it right:

I doubt how this caused the failure. I have several questions, could you
help answer:

1) Can this problem be stably reproduced with kexec_file_load?

2) if answer to 1) is yes, can reverting b3ba234171cd fix it stably?

3) If answer to 1) and 2) is yes, does kexec_load works for you? Asking
this because kexec_load interface defaults to put kexec kernel on top of
system RAM which is equivalent to applying commit b3ba234171cd.

4) Can you add '-d' to 'kexec -l' to print more debugging message?

5) Can normal kexec trigger the failure? I mean operating kexec w/o
the hibernation/resumption. 

> 
> ```
> diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
> index 3eedb8c226ad..3014be212afd 100644
> --- a/kernel/kexec_file.c
> +++ b/kernel/kexec_file.c
> @@ -614,10 +614,7 @@ static int kexec_walk_resources(struct kexec_buf *kbuf,
>                                            crashk_res.start, crashk_res.end,
>                                            kbuf, func);
>  #endif
> -       if (kbuf->top_down)
> -               return walk_system_ram_res_rev(0, ULONG_MAX, kbuf, func);
> -       else
> -               return walk_system_ram_res(0, ULONG_MAX, kbuf, func);
> +       return walk_system_ram_res(0, ULONG_MAX, kbuf, func);
>  }
> 
>  /**
> ```
> 
> Applying this diff solves the problem for v6.14.
>