Message-ID: <62cf4450-c765-4641-b042-66cca71d5912@suse.cz>
Date: Tue, 6 May 2025 17:13:54 +0200
Subject: Re: [PATCH] mm: Fix up memory allocation tracing
To: Guenter Roeck, Christoph Lameter
Cc: David Rientjes, Andrew Morton, Roman Gushchin, Harry Yoo, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Liviu Dudau, Sudeep Holla, Lorenzo Pieralisi, Linus Walleij, Russell King, "linux-arm-kernel@lists.infradead.org"
References: <20250506144531.3434190-1-linux@roeck-us.net>
From: Vlastimil Babka
In-Reply-To: <20250506144531.3434190-1-linux@roeck-us.net>

On 5/6/25 16:45, Guenter Roeck wrote:
> intcp_init_early() calls syscon_regmap_lookup_by_compatible() which in
> turn calls of_syscon_register(). This function allocates memory.

CCing people for intcp_init_early()

> intcp_init_early() is called well before kmalloc caches are initialized.
> As consequence, kmalloc_caches[] entries are NULL, and NULL is passed as
> kmem_cache argument to __kmalloc_cache_noprof(). While slab_alloc_node()
> handles this just fine, the trace code unconditionally dereferences it.
> This results in crashes such as

OK, so we have crashes that are not deterministic. But also
intcp_init_early() deterministically fails, right? This means it's called
before mm_core_init(), and given the "_early" part of the name that's
probably expected (i.e. I don't think it's due to some random initcall
ordering) but maybe then it's wrong to rely on kmalloc() in DT's
init_early hook?

> Unable to handle kernel NULL pointer dereference at virtual address 0000000c when read
> [0000000c] *pgd=00000000
> Internal error: Oops: 5 [#1] ARM
> Modules linked in:
> CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.15.0-rc5-00026-g5fcc9bf84ee5 #1 PREEMPT
> Hardware name: ARM Integrator/CP (Device Tree)
> PC is at __kmalloc_cache_noprof+0xec/0x39c
> LR is at __kmalloc_cache_noprof+0x34/0x39c
> ...
> Call trace:
>  __kmalloc_cache_noprof from of_syscon_register+0x7c/0x310
>  of_syscon_register from device_node_get_regmap+0xa4/0xb0
>  device_node_get_regmap from intcp_init_early+0xc/0x40
>  intcp_init_early from start_kernel+0x60/0x688
>  start_kernel from 0x0
>
> The problem is not seen with all versions of gcc. Some versions such as
> gcc 9.x apparently do not dereference the pointer, presumably if tracing
> is disabled. The problem has been reproduced with gcc 10.x, 11.x, and 13.x.
>
> Fix the problem by only dereferencing the kmem_cache pointer if it is
> not NULL, and pass a dummy parameter otherwise. Only add the check to
> __kmalloc_cache_noprof() since it is the only function known to be
> affected.
>
> The problem affects all supported branches of Linux. The crashing function
> depends on the kernel version, and some versions are only affected if
> CONFIG_TRACING is enabled.
>
> Signed-off-by: Guenter Roeck

Let's see if making slab silently handle those unexpectedly early calls as
NULL is the right way or we should warn in a debug config or something.

> ---
> I only changed a single call of trace_kmalloc() because it is the only one
> known to be affected. I'll be happy to change the remaining callers if that
> is preferred.
>
> I have seen this problem for a long time. I always thought it is a compiler
> problem because it is not seen with gcc 9.x. However, it turns out that the
> problem is real.
>
>  mm/slub.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/slub.c b/mm/slub.c > index be8b09e09d30..627aa8d2b9fd 100644 > --- a/mm/slub.c > +++ b/mm/slub.c > @@ -4353,7 +4353,7 @@ void *__kmalloc_cache_noprof(struct kmem_cache *s, gfp_t gfpflags, size_t size) > void *ret = slab_alloc_node(s, NULL, gfpflags, NUMA_NO_NODE, > _RET_IP_, size); > > - trace_kmalloc(_RET_IP_, ret, size, s->size, gfpflags, NUMA_NO_NODE); > + trace_kmalloc(_RET_IP_, ret, size, s ? s->size : -1, gfpflags, NUMA_NO_NODE); > > ret = kasan_kmalloc(s, ret, size, gfpflags); > return ret;
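
Review bot: In the added trace_kmalloc() line of __kmalloc_cache_noprof(), "s ? s->size : -1" passes a bare -1 as the allocated size with no comment saying when s can be NULL. If that tracepoint argument is unsigned, the trace will show the type's maximum value instead of an obvious "no cache" marker, so consider 0 or a named constant, plus a one-line comment that s is NULL when kmalloc() is called before the kmalloc caches are initialized. The note under "---" says the remaining trace_kmalloc() callers were left alone; any of them that read s->size the same way carry the same dereference and are better fixed in the same patch, ideally through one helper. The context line "ret = kasan_kmalloc(s, ret, size, gfpflags);" still receives the NULL s, which is worth confirming as safe, and a debug-only warning on s == NULL (as raised in the reply) would keep such early callers visible instead of silently tolerated.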