Subject: Re: arm64/acpi: NULL dereference reports from UBSAN at boot
From: Hanjun Guo
To: Will Deacon
Cc: mark.rutland@arm.com, rjw@rjwysocki.net, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org
Date: Fri, 22 May 2020 16:07:14 +0800
In-Reply-To: <20200521100952.GA5360@willie-the-truck>

Hi Will,

On 2020/5/21 18:09, Will Deacon wrote:
> Hi folks,
>
> I just tried booting the arm64 for-kernelci branch under QEMU (version
> 4.2.50 (v4.2.0-779-g4354edb6dcc7)) with UBSAN enabled, and I see a couple
> of NULL pointer dereferences reported at boot. I think they're both GIC
> related (log below). I don't see a panic with UBSAN disabled, so something's
> fishy here.
>
> Please can you take a look when you get a chance? I haven't had time to see
> if this is a regression or not, but I don't think it's particularly serious
> as I have all sorts of horrible stuff enabled in my .config, since I'm
> trying to chase down another bug:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/plain/arch/arm64/configs/fuzzing.config?h=fuzzing/arm64-kernelci-20200519&id=c149cf6a51aa4f72d53fc681c6661094e93ef660
>
> (on top of defconfig)
>
> CONFIG_FAIL_PAGE_ALLOC may be to blame.

I enabled UBSAN and CONFIG_FAIL_PAGE_ALLOC on top of defconfig and tested
against the for-kernelci branch on the D06 board. I can see some UBSAN
warnings from the megaraid_sas driver [0], but not from any other subsystem,
including ACPI. I will try all your configs above to see if I can
get more warnings.

Thanks
Hanjun

[0]:
[ 18.244272] ================================================================================
[ 18.252673] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:104:32
[ 18.261244] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.267313] CPU: 0 PID: 656 Comm: kworker/0:1 Not tainted 5.7.0-rc6-1-14703-gf4582661223d-dirty #20
[ 18.276314] Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V3.B210.01 03/12/2020
[ 18.285151] Workqueue: events work_for_cpu_fn
[ 18.289488] Call trace:
[ 18.291925] dump_backtrace+0x0/0x248
[ 18.295572] show_stack+0x18/0x28
[ 18.298873] dump_stack+0xc0/0x10c
[ 18.302261] ubsan_epilogue+0x10/0x58
[ 18.305905] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.310763] mr_update_load_balance_params+0x118/0x120
[ 18.315877] MR_ValidateMapInfo+0x300/0xb00
[ 18.320040] megasas_get_map_info+0x134/0x1f8
[ 18.324377] megasas_init_adapter_fusion+0xba8/0x10a0
[ 18.329403] megasas_probe_one+0x6e0/0x1b70
[ 18.333569] local_pci_probe+0x40/0xb0
[ 18.337299] work_for_cpu_fn+0x1c/0x30
[ 18.341031] process_one_work+0x1f8/0x378
[ 18.345022] worker_thread+0x21c/0x4c0
[ 18.348753] kthread+0x150/0x158
[ 18.351967] ret_from_fork+0x10/0x18
[ 18.355529] ================================================================================
[ 18.592274] ================================================================================
[ 18.600672] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:141:9
[ 18.609155] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.615221] CPU: 0 PID: 656 Comm: kworker/0:1 Not tainted 5.7.0-rc6-1-14703-gf4582661223d-dirty #20
[ 18.624222] Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V3.B210.01 03/12/2020
[ 18.633050] Workqueue: events work_for_cpu_fn
[ 18.637387] Call trace:
[ 18.639822] dump_backtrace+0x0/0x248
[ 18.643467] show_stack+0x18/0x28
[ 18.646767] dump_stack+0xc0/0x10c
[ 18.650152] ubsan_epilogue+0x10/0x58
[ 18.653796] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.658652] MR_GetLDTgtId+0x58/0x60
[ 18.662211] megasas_sync_map_info+0xd0/0x1c0
[ 18.666547] megasas_init_adapter_fusion+0xd60/0x10a0
[ 18.671574] megasas_probe_one+0x6e0/0x1b70
[ 18.675736] local_pci_probe+0x40/0xb0
[ 18.679466] work_for_cpu_fn+0x1c/0x30
[ 18.683197] process_one_work+0x1f8/0x378
[ 18.687188] worker_thread+0x21c/0x4c0
[ 18.690920] kthread+0x150/0x158
[ 18.694123] ret_from_fork+0x10/0x18
[ 18.697683] ================================================================================
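
An added example, not part of the original message or of any kernel tooling: a small Python parser that pulls the report kind, source location and reporting function out of UBSAN reports in the format logged above, so warnings can be grouped by subsystem when comparing configs. The function names and the abridged sample log are constructed for illustration.

```python
import re
from collections import Counter

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")           # dmesg timestamp prefix
HEAD = re.compile(r"^UBSAN: (?P<kind>\S+) in (?P<file>\S+?):(?P<line>\d+):\d+$")
FRAME = re.compile(r"^(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")

# Constructed sample: abridged from the two reports quoted in the message above.
SAMPLE = """\
[ 18.244272] ==========
[ 18.252673] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:104:32
[ 18.261244] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.302261] ubsan_epilogue+0x10/0x58
[ 18.305905] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.310763] mr_update_load_balance_params+0x118/0x120
[ 18.315877] MR_ValidateMapInfo+0x300/0xb00
[ 18.355529] ==========
[ 18.600672] UBSAN: array-index-out-of-bounds in drivers/scsi/megaraid/megaraid_sas_fp.c:141:9
[ 18.609155] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 18.653796] __ubsan_handle_out_of_bounds+0x8c/0xa8
[ 18.658652] MR_GetLDTgtId+0x58/0x60
[ 18.697683] ==========
"""

def parse_ubsan(log):
    """One dict per report: kind, file, line, detail, and the reporting function."""
    reports, cur, past_handler = [], None, False
    for raw in log.splitlines():
        text = STAMP.sub("", raw).strip()
        head = HEAD.match(text)
        if head:
            cur = {**head.groupdict(), "detail": None, "culprit": None}
            cur["line"] = int(cur["line"])
            reports.append(cur)
            past_handler = False
        elif cur is None or text.startswith("====="):
            cur = None                                # outside a report, or its closing banner
        elif cur["detail"] is None:
            cur["detail"] = text                      # line right after the header
        elif (frame := FRAME.match(text)):
            # The first frame below __ubsan_handle_* is the instrumented function.
            if past_handler and cur["culprit"] is None:
                cur["culprit"] = frame["sym"]
            past_handler |= frame["sym"].startswith("__ubsan_handle_")
    return reports

def by_directory(reports):
    """Count reports per source directory to see which subsystem they come from."""
    return Counter(r["file"].rsplit("/", 1)[0] for r in reports)
```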