NULL pointer dereference in igen6_probe - 6.16-rc2

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Marek Marczykowski-Górecki" <marmarek@invisiblethingslab.com>
To: Tony Luck <tony.luck@intel.com>, Borislav Petkov <bp@alien8.de>,
	Qiuxu Zhuo <qiuxu.zhuo@intel.com>
Cc: "open list:EDAC-IGEN6" <linux-edac@vger.kernel.org>,
	open list <linux-kernel@vger.kernel.org>
Subject: NULL pointer dereference in igen6_probe - 6.16-rc2
Date: Tue, 17 Jun 2025 13:13:49 +0200	[thread overview]
Message-ID: <aFFN7RlXkaK_loQb@mail-itl> (raw)

[-- Attachment #1: Type: text/plain, Size: 6808 bytes --]

Hi,

Environment:
- Novacustom V540TU laptop with Intel Core 5 Ultra 125H
- Dasharo firmware (coreboot+EDK2)
- Linux running as Xen PV dom0

I hit the following crash on boot:

[   13.562085] intel_pmc_core INT33A1:00: Assuming a default substate order for this platform
[   13.562682] intel_pmc_core INT33A1:00:  initialized
[   13.565035] EDAC MC0: Giving out device to module igen6_edac controller Intel_client_SoC MC#0: DEV 0000:00:00.0 (INTERRUPT)
[   13.565746] EDAC igen6: Expected 2 mcs, but only 1 detected.
[   13.565859] BUG: unable to handle page fault for address: 000000000000d570
[   13.566623] #PF: supervisor read access in kernel mode
[   13.566956] #PF: error_code(0x0000) - not-present page
[   13.567276] PGD 0 P4D 0 
[   13.567460] Oops: Oops: 0000 [#1] SMP NOPTI
[   13.567742] CPU: 8 UID: 0 PID: 1090 Comm: (udev-worker) Not tainted 6.16.0-0.rc2.1.qubes.1.fc41.x86_64 #1 PREEMPT(full) 
[   13.568432] Hardware name: Notebook V54x_6x_TU/V54x_6x_TU, BIOS Dasharo (coreboot+UEFI) v0.9.0 07/17/2024
[   13.569049] RIP: e030:ecclog_handler+0x7e/0xf0 [igen6_edac]
[   13.569440] Code: 66 4d 63 ee 48 8b 15 21 c7 01 00 49 83 fd 03 73 6b 4d 69 ed 50 03 00 00 41 8b 47 1c 41 03 47 18 4c 01 ea 48 03 82 08 03 00 00 <48> 8b 30 4a 8d 04 26 48 39 c5 72 ba 48 8b 0d f7 c6 01 00 8b 41 1c
[   13.570602] RSP: e02b:ffffc900428979c8 EFLAGS: 00010202
[   13.570951] RAX: 000000000000d570 RBX: 0000000000000000 RCX: 00000000000000ca
[   13.571403] RDX: ffff888101dcab50 RSI: ffffffffffffffff RDI: ffffffff83484238
[   13.571895] RBP: bffffffffffffffe R08: 0000000000000002 R09: 00000000000000c0
[   13.572358] R10: 0000000000000000 R11: ffffffff81612e60 R12: c000000000000000
[   13.572820] R13: 0000000000000350 R14: 0000000000000001 R15: ffffffffc11b9c00
[   13.573302] FS:  0000706cbfc6fbc0(0000) GS:ffff8882133db000(0000) knlGS:0000000000000000
[   13.573812] CS:  e030 DS: 0000 ES: 0000 CR0: 0000000080050033
[   13.574199] CR2: 000000000000d570 CR3: 0000000104a0a000 CR4: 0000000000050660
[   13.574658] Call Trace:
[   13.574836]  <TASK>
[   13.574985]  igen6_probe+0x2a0/0x343 [igen6_edac]
[   13.575332]  local_pci_probe+0x42/0x90
[   13.575599]  pci_call_probe+0x5b/0x180
[   13.575863]  pci_device_probe+0x95/0x140
[   13.576133]  ? driver_sysfs_add+0x57/0xc0
[   13.576415]  really_probe+0xdb/0x340
[   13.576664]  ? pm_runtime_barrier+0x54/0x90
[   13.576940]  ? __pfx___driver_attach+0x10/0x10
[   13.577234]  __driver_probe_device+0x78/0x110
[   13.577569]  driver_probe_device+0x1f/0xa0
[   13.577833]  __driver_attach+0xba/0x1c0
[   13.578080]  bus_for_each_dev+0x8b/0xe0
[   13.578328]  bus_add_driver+0x142/0x220
[   13.578571]  driver_register+0x72/0xd0
[   13.578823]  igen6_init+0xc5/0xff0 [igen6_edac]
[   13.579122]  ? __pfx_igen6_init+0x10/0x10 [igen6_edac]
[   13.579479]  do_one_initcall+0x57/0x310
[   13.579503]  do_init_module+0x90/0x250
[   13.579969]  init_module_from_file+0x88/0xd0
[   13.579991]  idempotent_init_module+0x114/0x310
[   13.579997]  __x64_sys_finit_module+0x6d/0xd0
[   13.580773]  do_syscall_64+0x84/0x2c0
[   13.581011]  ? count_memcg_events+0x167/0x1d0
[   13.581314]  ? handle_mm_fault+0x220/0x340
[   13.581576]  ? do_user_addr_fault+0x2c3/0x7f0
[   13.581876]  ? clear_bhb_loop+0x50/0xa0
[   13.582125]  ? clear_bhb_loop+0x50/0xa0
[   13.582377]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   13.582724] RIP: 0033:0x706cc04ffd9d
[   13.582967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 43 60 0f 00 f7 d8 64 89 01 48
[   13.584097] RSP: 002b:00007ffceaf1b958 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   13.584595] RAX: ffffffffffffffda RBX: 00005aaee2a15d20 RCX: 0000706cc04ffd9d
[   13.585029] RDX: 0000000000000000 RSI: 0000706cbeff93bd RDI: 000000000000002b
[   13.585458] RBP: 00007ffceaf1ba10 R08: 0000000000000001 R09: 00007ffceaf1b9c0
[   13.585885] R10: 0000000000000040 R11: 0000000000000246 R12: 0000706cbeff93bd
[   13.586316] R13: 0000000000020000 R14: 00005aaee2a85900 R15: 00005aaee2a84c30
[   13.586753]  </TASK>
[   13.586899] Modules linked in: processor_thermal_power_floor processor_thermal_mbox int340x_thermal_zone intel_pmc_core igen6_edac(+) fjes(-) pmt_telemetry pmt_class intel_pmc_ssram_telemetry intel_hid intel_scu_pltdrv sparse_keymap joydev fuse loop xenfs nfnetlink vsock_loopback vmw_vsock_virtio_transport_common vmw_vsock_vmci_transport vsock zram vmw_vmci lz4hc_compress lz4_compress dm_thin_pool dm_persistent_data dm_bio_prison dm_crypt xe drm_ttm_helper drm_suballoc_helper gpu_sched drm_gpuvm drm_exec drm_gpusvm i915 i2c_algo_bit sdhci_pci drm_buddy nvme sdhci_uhs2 ttm polyval_clmulni intel_pmc_mux nvme_core sdhci ghash_clmulni_intel drm_display_helper typec sha512_ssse3 cqhci nvme_keyring xhci_pci hid_multitouch sha1_ssse3 mmc_core xhci_hcd intel_vpu nvme_auth intel_vsec cec i2c_hid_acpi i2c_hid video thunderbolt wmi pinctrl_meteorlake serio_raw xen_acpi_processor xen_privcmd xen_pciback xen_blkback xen_gntalloc xen_gntdev xen_evtchn scsi_dh_rdac scsi_dh_emc scsi_dh_alua uinput
[   13.589346] Adding 3986428k swap on /dev/zram0.  Priority:100 extents:1 across:3986428k SSDsc
[   13.592314] CR2: 000000000000d570
[   13.592473] ---[ end trace 0000000000000000 ]---
[   13.593400] RIP: e030:ecclog_handler+0x7e/0xf0 [igen6_edac]
[   13.593831] Code: 66 4d 63 ee 48 8b 15 21 c7 01 00 49 83 fd 03 73 6b 4d 69 ed 50 03 00 00 41 8b 47 1c 41 03 47 18 4c 01 ea 48 03 82 08 03 00 00 <48> 8b 30 4a 8d 04 26 48 39 c5 72 ba 48 8b 0d f7 c6 01 00 8b 41 1c
[   13.595067] RSP: e02b:ffffc900428979c8 EFLAGS: 00010202
[   13.595077] RAX: 000000000000d570 RBX: 0000000000000000 RCX: 00000000000000ca
[   13.595078] RDX: ffff888101dcab50 RSI: ffffffffffffffff RDI: ffffffff83484238
[   13.595080] RBP: bffffffffffffffe R08: 0000000000000002 R09: 00000000000000c0
[   13.595083] R10: 0000000000000000 R11: ffffffff81612e60 R12: c000000000000000
[   13.595084] R13: 0000000000000350 R14: 0000000000000001 R15: ffffffffc11b9c00
[   13.595100] FS:  0000706cbfc6fbc0(0000) GS:ffff8882133db000(0000) knlGS:0000000000000000
[   13.598301] CS:  e030 DS: 0000 ES: 0000 CR0: 0000000080050033
[   13.598308] CR2: 000000000000d570 CR3: 0000000104a0a000 CR4: 0000000000050660
[   13.598319] Kernel panic - not syncing: Fatal exception
[   13.598384] Kernel Offset: disabled

Full console log: https://openqa.qubes-os.org/tests/143433/logfile?filename=serial0.txt

Other observations:
- Linux 6.15 works fine
- the same Linux 6.16-rc2 boots fine on several other systems, for
  example on Intel i5 14600K (also with Dasharo firmware)

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

next             reply	other threads:[~2025-06-17 11:13 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-17 11:13 Marek Marczykowski-Górecki [this message]
2025-06-17 11:57 ` NULL pointer dereference in igen6_probe - 6.16-rc2 Borislav Petkov
2025-06-17 14:09   ` Zhuo, Qiuxu
2025-06-17 14:51     ` Borislav Petkov
2025-06-17 16:16       ` Zhuo, Qiuxu
2025-06-17 18:20         ` Borislav Petkov
2025-06-18  3:18 ` [PATCH 1/1] EDAC/igen6: Fix NULL pointer dereference Qiuxu Zhuo
2025-06-18  3:26   ` Zhuo, Qiuxu
2025-06-18 13:23     ` marmarek
2025-06-18 13:39       ` Zhuo, Qiuxu
2025-06-18 15:06   ` Luck, Tony
2025-06-18 15:42     ` Zhuo, Qiuxu
2025-06-18 16:23     ` [PATCH v2 1/2] " Qiuxu Zhuo
2025-06-18 16:23       ` [PATCH v2 2/2] EDAC/igen6: Reduce log level to debug for absent memory controllers Qiuxu Zhuo
2025-06-18 17:46       ` [PATCH v2 1/2] EDAC/igen6: Fix NULL pointer dereference Luck, Tony

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aFFN7RlXkaK_loQb@mail-itl \
    --to=marmarek@invisiblethingslab.com \
    --cc=bp@alien8.de \
    --cc=linux-edac@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=qiuxu.zhuo@intel.com \
    --cc=tony.luck@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.