[Re: v5.15.57 regression - boot panic after retbleed backports with CONFIG_KPROBES_SANITY_TEST=y] On 05/08/2022 (Fri 18:13) Thadeu Lima de Souza Cascardo wrote:
On Fri, Aug 05, 2022 at 04:04:38PM -0400, Paul Gortmaker wrote:
The panic comes from the sanity test code, but after trying to boil down the .config differences between the kitchen sink our test team uses, and a "defconfig", it seems there are at least a couple extra dependencies for creating a reproducer:
[...]
rcu: Hierarchical SRCU implementation.
Kprobe smoke test: started
BUG: unable to handle page fault for address: ffffffffc110f3e7
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD b2c60f067 P4D b2c60f067 PUD b2c611067 PMD 0
Oops: 0010 [#1] SMP NOPTI
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.57 #33
[...]
Can you try the patch below?
[ 2.529263] rcu: Hierarchical SRCU implementation.
[ 2.530393] Kprobe smoke test: started
[ 2.555965] Kprobe smoke test: passed successfully
[ 2.556454] smp: Bringing up secondary CPUs ...
As per above, the same spot in the kprobe test seems to manage to not panic anymore and the remainder of the boot looks clean and normal.
I tested directly on vanilla v5.15.57.
Thanks for the quick response!
Paul.
--
Thanks. Cascardo.
diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 74c2f88a43d0..6bb479ce1ae4 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -321,12 +321,12 @@ create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) unsigned long offset; unsigned long npages; unsigned long size;
- unsigned long retq; unsigned long *ptr; void *trampoline; void *ip; /* 48 8b 15 <offset> is movq <offset>(%rip), %rdx */ unsigned const char op_ref[] = { 0x48, 0x8b, 0x15 };
- unsigned const char retq[] = { RET_INSN_OPCODE, INT3_INSN_OPCODE }; union ftrace_op_code_union op_ptr; int ret;
@@ -364,15 +364,10 @@ create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size) goto fail; ip = trampoline + size;
- /* The trampoline ends with ret(q) */
- retq = (unsigned long)ftrace_stub; if (cpu_feature_enabled(X86_FEATURE_RETHUNK)) memcpy(ip, text_gen_insn(JMP32_INSN_OPCODE, ip, &__x86_return_thunk), JMP32_INSN_SIZE); else
ret = copy_from_kernel_nofault(ip, (void *)retq, RET_SIZE);
- if (WARN_ON(ret < 0))
goto fail;
memcpy(ip, retq, sizeof(retq));
/* No need to test direct calls on created trampolines */ if (ops->flags & FTRACE_OPS_FL_SAVE_REGS) {
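Review bot: in the declarations of create_trampoline() (first hunk), the retq[] array pairs RET_INSN_OPCODE with INT3_INSN_OPCODE but has no comment, while op_ref[] directly above it documents its bytes. A one-line comment saying that the trampoline tail is a ret followed by int3, and why the int3 is there, would also stand in for the "The trampoline ends with ret(q)" comment that the second hunk drops. The name retq now denotes a two-byte sequence rather than the address of ftrace_stub, so a name that reflects that would read better.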
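Review bot: in the else branch of the second hunk, memcpy(ip, retq, sizeof(retq)) writes two bytes at ip, where the line it replaces copied RET_SIZE bytes and the rethunk branch writes JMP32_INSN_SIZE bytes. Please confirm that the space reserved past `size` when the trampoline is allocated covers sizeof(retq) as well as JMP32_INSN_SIZE, since that allocation is not part of this diff. With the copy_from_kernel_nofault() call and its WARN_ON(ret < 0) check gone, it is also worth checking that `ret` is assigned before any later use in the function, because the only assignment visible in this hunk is the one being dropped.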