Re: Kernel BUG with loongarch and CONFIG_KFENCE and CONFIG_DEBUG_SG

All the mail mirrored from lore.kernel.org
 help / color / mirror / Atom feed

From: Guenter Roeck <linux@roeck-us.net>
To: Xi Ruoyao <xry111@xry111.site>
Cc: loongarch@lists.linux.dev, Huacai Chen <chenhuacai@kernel.org>,
	WANG Xuerui <kernel@xen0n.name>,
	Alexander Potapenko <glider@google.com>,
	Marco Elver <elver@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	kasan-dev@googlegroups.com
Subject: Re: Kernel BUG with loongarch and CONFIG_KFENCE and CONFIG_DEBUG_SG
Date: Wed, 27 Mar 2024 16:38:58 -0700	[thread overview]
Message-ID: <19c0ec82-59ce-4f46-9a38-cdca059e8867@roeck-us.net> (raw)
In-Reply-To: <4d2373e3f0694fd02137a72181d054ee2ebcca45.camel@xry111.site>

On Thu, Mar 28, 2024 at 03:33:03AM +0800, Xi Ruoyao wrote:
> On Wed, 2024-03-27 at 12:11 -0700, Guenter Roeck wrote:
> > Hi,
> > 
> > when enabling both CONFIG_KFENCE and CONFIG_DEBUG_SG, I get the following
> > backtraces when running loongarch images in qemu.
> > 
> > [    2.496257] kernel BUG at include/linux/scatterlist.h:187!
> > ...
> > [    2.501925] Call Trace:
> > [    2.501950] [<9000000004ad59c4>] sg_init_one+0xac/0xc0
> > [    2.502204] [<9000000004a438f8>] do_test_kpp+0x278/0x6e4
> > [    2.502353] [<9000000004a43dd4>] alg_test_kpp+0x70/0xf4
> > [    2.502494] [<9000000004a41b48>] alg_test+0x128/0x690
> > [    2.502631] [<9000000004a3d898>] cryptomgr_test+0x20/0x40
> > [    2.502775] [<90000000041b4508>] kthread+0x138/0x158
> > [    2.502912] [<9000000004161c48>] ret_from_kernel_thread+0xc/0xa4
> > 
> > The backtrace is always similar but not exactly the same. It is always
> > triggered from cryptomgr_test, but not always from the same test.
> > 
> > Analysis shows that with CONFIG_KFENCE active, the address returned from
> > kmalloc() and friends is not always below vm_map_base. It is allocated by
> > kfence_alloc() which at least sometimes seems to get its memory from an
> > address space above vm_map_base. This causes virt_addr_valid() to return
> > false for the affected objects.
> 
> Oops, Xuerui has been haunted by some "random" kernel crashes only
> occurring with CONFIG_KFENCE=y for months but we weren't able to triage
> the issue:
> 
> https://github.com/loongson-community/discussions/issues/34
> 
> Maybe the same issue or not.
> 

Good question. I suspect it might at least be related.

Maybe people can try the patch below. It seems to fix the probem for me.
It might well be, though, that there are other instances in the code
where the same or a similar check is needed.

Thanks,
Guenter

---
diff --git a/arch/loongarch/mm/mmap.c b/arch/loongarch/mm/mmap.c
index a9630a81b38a..89af7c12e8c0 100644
--- a/arch/loongarch/mm/mmap.c
+++ b/arch/loongarch/mm/mmap.c
@@ -4,6 +4,7 @@
  */
 #include <linux/export.h>
 #include <linux/io.h>
+#include <linux/kfence.h>
 #include <linux/memblock.h>
 #include <linux/mm.h>
 #include <linux/mman.h>
@@ -111,6 +112,9 @@ int __virt_addr_valid(volatile void *kaddr)
 {
 	unsigned long vaddr = (unsigned long)kaddr;
 
+	if (is_kfence_address((void *)kaddr))
+		return 1;
+
 	if ((vaddr < PAGE_OFFSET) || (vaddr >= vm_map_base))
 		return 0;

next prev parent reply	other threads:[~2024-03-27 23:39 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-27 19:11 Kernel BUG with loongarch and CONFIG_KFENCE and CONFIG_DEBUG_SG Guenter Roeck
2024-03-27 19:33 ` Xi Ruoyao
2024-03-27 23:38   ` Guenter Roeck [this message]
2024-03-29  2:17     ` Huacai Chen
2024-03-29 16:32       ` Guenter Roeck

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:a9630a81b38 dfblob:89af7c12e8c
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=19c0ec82-59ce-4f46-9a38-cdca059e8867@roeck-us.net \
    --to=linux@roeck-us.net \
    --cc=chenhuacai@kernel.org \
    --cc=dvyukov@google.com \
    --cc=elver@google.com \
    --cc=glider@google.com \
    --cc=kasan-dev@googlegroups.com \
    --cc=kernel@xen0n.name \
    --cc=loongarch@lists.linux.dev \
    --cc=xry111@xry111.site \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.