From: Hanjun Guo <guohanjun@huawei.com>
To: Will Deacon <will@kernel.org>, <lorenzo.pieralisi@arm.com>
Cc: mark.rutland@arm.com, rjw@rjwysocki.net,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org
Subject: Re: arm64/acpi: NULL dereference reports from UBSAN at boot
Date: Fri, 22 May 2020 16:07:14 +0800
Message-ID: <ad521a36-c080-f761-e91b-dc38b8af08ee@huawei.com>
In-Reply-To: <20200521100952.GA5360@willie-the-truck>

Hi Will,

On 2020/5/21 18:09, Will Deacon wrote:
> Hi folks,
>
> I just tried booting the arm64 for-kernelci branch under QEMU (version
> 4.2.50 (v4.2.0-779-g4354edb6dcc7)) with UBSAN enabled, and I see a couple
> of NULL pointer dereferences reported at boot. I think they're both GIC
> related (log below). I don't see a panic with UBSAN disabled, so something's
> fishy here.
>
> Please can you take a look when you get a chance? I haven't had time to see
> if this is a regression or not, but I don't think it's particularly serious
> as I have all sorts of horrible stuff enabled in my .config, since I'm
> trying to chase down another bug:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/plain/arch/arm64/configs/fuzzing.config?h=fuzzing/arm64-kernelci-20200519&id=c149cf6a51aa4f72d53fc681c6661094e93ef660
>
> (on top of defconfig)
>
> CONFIG_FAIL_PAGE_ALLOC may be to blame.

I enabled UBSAN and CONFIG_FAIL_PAGE_ALLOC on top of defconfig and
tested against the for-kernelci branch on the D06 board. I can see
some UBSAN warnings from the megaraid_sas driver [0], but not from
any other subsystem, including ACPI. I will try all your configs
above to see if I can get more warnings.

Thanks
Hanjun

[0]:
[ 18.244272] ================================================================================
[ 18.252673] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:104:32
[ 18.261244] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.267313] CPU: 0 PID: 656 Comm: kworker/0:1 Not tainted 5.7.0-rc6-1-14703-gf4582661223d-dirty #20
[ 18.276314] Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V3.B210.01 03/12/2020
[ 18.285151] Workqueue: events work_for_cpu_fn
[ 18.289488] Call trace:
[ 18.291925] dump_backtrace+0x0/0x248
[ 18.295572] show_stack+0x18/0x28
[ 18.298873] dump_stack+0xc0/0x10c
[ 18.302261] ubsan_epilogue+0x10/0x58
[ 18.305905] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.310763] mr_update_load_balance_params+0x118/0x120
[ 18.315877] MR_ValidateMapInfo+0x300/0xb00
[ 18.320040] megasas_get_map_info+0x134/0x1f8
[ 18.324377] megasas_init_adapter_fusion+0xba8/0x10a0
[ 18.329403] megasas_probe_one+0x6e0/0x1b70
[ 18.333569] local_pci_probe+0x40/0xb0
[ 18.337299] work_for_cpu_fn+0x1c/0x30
[ 18.341031] process_one_work+0x1f8/0x378
[ 18.345022] worker_thread+0x21c/0x4c0
[ 18.348753] kthread+0x150/0x158
[ 18.351967] ret_from_fork+0x10/0x18
[ 18.355529] ================================================================================
[ 18.592274] ================================================================================
[ 18.600672] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:141:9
[ 18.609155] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.615221] CPU: 0 PID: 656 Comm: kworker/0:1 Not tainted 5.7.0-rc6-1-14703-gf4582661223d-dirty #20
[ 18.624222] Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V3.B210.01 03/12/2020
[ 18.633050] Workqueue: events work_for_cpu_fn
[ 18.637387] Call trace:
[ 18.639822] dump_backtrace+0x0/0x248
[ 18.643467] show_stack+0x18/0x28
[ 18.646767] dump_stack+0xc0/0x10c
[ 18.650152] ubsan_epilogue+0x10/0x58
[ 18.653796] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.658652] MR_GetLDTgtId+0x58/0x60
[ 18.662211] megasas_sync_map_info+0xd0/0x1c0
[ 18.666547] megasas_init_adapter_fusion+0xd60/0x10a0
[ 18.671574] megasas_probe_one+0x6e0/0x1b70
[ 18.675736] local_pci_probe+0x40/0xb0
[ 18.679466] work_for_cpu_fn+0x1c/0x30
[ 18.683197] process_one_work+0x1f8/0x378
[ 18.687188] worker_thread+0x21c/0x4c0
[ 18.690920] kthread+0x150/0x158
[ 18.694123] ret_from_fork+0x10/0x18
[ 18.697683] ================================================================================
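
Added example (not part of this message or of the kernel tree): a small Python triage script that pulls UBSAN reports out of a boot log, rejoining mail-wrapped lines, and records the check kind, source directory and first caller outside the reporting frames, which is the per-subsystem split described above. SAMPLE is constructed in the format of the log in [0]; the function and field names are this example's own.

```python
import posixpath
import re

TS = re.compile(r"^\[\s*\d+\.\d+\]\s*(.*)$")
HEADER = re.compile(r"^UBSAN: (?P<kind>\S+) in (?P<loc>\S+:\d+:\d+)$")
FRAME = re.compile(r"^(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
# Frames of the reporting machinery, not of the code that tripped the check.
NOISE = re.compile(r"^(dump_backtrace|show_stack|dump_stack|ubsan_epilogue|__ubsan_handle_\w+)$")

# Constructed sample in the format of the log above, mail line-wrapping included.
SAMPLE = """\
[ 18.244272]
================================================================================
[ 18.252673] UBSAN: array-index-out-of-bounds in
drivers/scsi/megaraid/megaraid_sas_fp.c:104:32
[ 18.261244] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.289488] Call trace:
[ 18.302261] ubsan_epilogue+0x10/0x58
[ 18.305905] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.310763] mr_update_load_balance_params+0x118/0x120
[ 18.355529]
================================================================================
"""

def unwrap(text):
    """Rejoin wrapped records: a line with no "[ time]" prefix continues the previous one."""
    records = []
    for line in map(str.strip, text.splitlines()):
        if m := TS.match(line):
            records.append(m.group(1))
        elif records and line:
            records[-1] = f"{records[-1]} {line}".strip()
    return records

def parse_ubsan(text):
    """Return one dict per report: check kind, location, source dir, detail, first real caller."""
    reports, cur = [], None
    for rec in unwrap(text):
        if h := HEADER.match(rec):
            srcdir = posixpath.dirname(h["loc"].split(":")[0])
            cur = dict(kind=h["kind"], loc=h["loc"], srcdir=srcdir, detail=None, caller=None)
            reports.append(cur)
        elif cur is None or set(rec) == {"="}:
            cur = None  # separator line, or text outside any report
        elif (f := FRAME.match(rec)) and not NOISE.match(f["sym"]):
            cur["caller"] = cur["caller"] or f["sym"]  # keep only the innermost caller
        elif not f and cur["detail"] is None:
            cur["detail"] = rec  # first line after the header describes the violation
    return reports
```

Call `parse_ubsan()` on the text of a saved dmesg or mail body and group the results by `srcdir` to see which drivers or subsystems the warnings come from.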