On Thu, Aug 27, 2020 at 11:08 AM Viresh Kumar <viresh.kumar@xxxxxxxxxx> wrote: > > +Rajendra > > On 27-08-20, 14:02, Naresh Kamboju wrote: > > arm64 dragonboard db410c boot failed while running linux next 20200827 kernel. > > > > metadata: > > git branch: master > > git repo: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git > > git commit: 88abac0b753dfdd85362a26d2da8277cb1e0842b > > git describe: next-20200827 > > make_kernelversion: 5.9.0-rc2 > > kernel-config: > > https://builds.tuxbuild.com/vThV35pOF_GMlWdiTs3Bdw/kernel.config > > > > Boot log, > > > > [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd030] > > [ 0.000000] Linux version 5.9.0-rc2-next-20200827 > > (TuxBuild@12963d21faa5) (aarch64-linux-gnu-gcc (Debian 9.3.0-8) 9.3.0, > > GNU ld (GNU Binutils for Debian) 2.34) #1 SMP PREEMPT Thu Aug 27 > > 05:19:00 UTC 2020 > > [ 0.000000] Machine model: Qualcomm Technologies, Inc. APQ 8016 SBC > > [ 0.000000] efi: UEFI not found. > > [ 0.000000] [Firmware Bug]: Kernel image misaligned at boot, please > > fix your bootloader! > > <trmi> > > [ 3.451425] i2c_qup 78ba000.i2c: using default clock-frequency 100000 > > [ 3.451491] i2c_qup 78ba000.i2c: > > [ 3.451491] tx channel not available > > [ 3.493455] sdhci: Secure Digital Host Controller Interface driver > > [ 3.493508] sdhci: Copyright(c) Pierre Ossman > > [ 3.500902] Synopsys Designware Multimedia Card Interface Driver > > [ 3.507441] sdhci-pltfm: SDHCI platform and OF driver helper > > [ 3.514308] Unable to handle kernel paging request at virtual > > address dead000000000108 This is where the address comes from: #define POISON_POINTER_DELTA _AC(CONFIG_ILLEGAL_POINTER_VALUE, UL) #define LIST_POISON1 ((void *) 0x100 + POISON_POINTER_DELTA) static inline void hlist_del(struct hlist_node *n) { __hlist_del(n); n->next = LIST_POISON1; n->pprev = LIST_POISON2; } > > [ 3.514695] Mem abort info: > > [ 3.522421] ESR = 0x96000044 > > [ 3.525096] EC = 0x25: DABT (current EL), IL = 32 bits > > [ 3.528236] SET = 0, FnV = 0 > > [ 3.533703] EA = 0, S1PTW = 0 > > [ 3.536561] Data abort info: > > [ 3.539601] ISV = 0, ISS = 0x00000044 > > [ 3.542727] CM = 0, WnR = 1 > > [ 3.546287] [dead000000000108] address between user and kernel address ranges > > [ 3.549414] Internal error: Oops: 96000044 [#1] PREEMPT SMP > > [ 3.556520] Modules linked in: > > [ 3.561901] CPU: 0 PID: 1 Comm: swapper/0 Not tainted > > 5.9.0-rc2-next-20200827 #1 > > [ 3.565034] Hardware name: Qualcomm Technologies, Inc. APQ 8016 SBC (DT) > > [ 3.572584] pstate: 60000005 (nZCv daif -PAN -UAO BTYPE=--) > > [ 3.579271] pc : __clk_put+0x40/0x140 > > [ 3.584556] lr : __clk_put+0x2c/0x140 Fairly sure this is from the hlist_del(), meaning we try to remove the same list object a second time, after it was already removed. > > [ 3.588373] sp : ffff80001002bb00 > > [ 3.592016] x29: ffff80001002bb00 x28: 000000000000002e > > [ 3.595320] x27: ffff000009f7ba68 x26: ffff80001146d878 > > [ 3.600703] x25: ffff00003fcfd8f8 x24: ffff00003d0bc410 > > [ 3.605999] x23: ffff80001146d0e0 x22: ffff000009f7ba40 > > [ 3.611293] x21: ffff00003d0bc400 x20: ffff000009f7b580 > > [ 3.616588] x19: ffff00003bccc780 x18: 0000000007824000 > > [ 3.621883] x17: ffff000009f7ba00 x16: ffff000009f7b5d0 > > [ 3.627177] x15: ffff800011966cf8 x14: ffffffffffffffff > > [ 3.632472] x13: ffff800012917000 x12: ffff800012917000 > > [ 3.637769] x11: 0000000000000020 x10: 0101010101010101 > > [ 3.643063] x9 : ffff8000107a984c x8 : 7f7f7f7f7f7f7f7f > > [ 3.648358] x7 : ffff000009fd8000 x6 : ffff80001237a000 > > [ 3.653653] x5 : 0000000000000000 x4 : ffff000009fd8000 > > [ 3.658949] x3 : ffff8000124e6768 x2 : ffff000009fd8000 > > [ 3.664243] x1 : ffff00003bccca80 x0 : dead000000000100 > > [ 3.669539] Call trace: > > [ 3.674830] __clk_put+0x40/0x140 > > [ 3.677003] clk_put+0x18/0x28 > > [ 3.680477] dev_pm_opp_put_clkname+0x30/0x58 > > [ 3.683431] sdhci_msm_probe+0x284/0x9a0 dev_pm_opp_put_clkname() is part of the error handling in the probe function, so I would deduct there are two problems: - something failed during the probe and the driver is trying to unwind - the error handling it self is buggy and tries to undo something again that has already been undone. > > [ 3.687857] platform_drv_probe+0x5c/0xb0 > > [ 3.691847] really_probe+0xf0/0x4d8 > > [ 3.695753] driver_probe_device+0xfc/0x168 > > [ 3.699399] device_driver_attach+0x7c/0x88 > > [ 3.703306] __driver_attach+0xac/0x178 > > [ 3.707472] bus_for_each_dev+0x78/0xc8 > > [ 3.711291] driver_attach+0x2c/0x38 > > [ 3.715110] bus_add_driver+0x14c/0x230 > > [ 3.718929] driver_register+0x6c/0x128 > > [ 3.722489] __platform_driver_register+0x50/0x60 > > [ 3.726312] sdhci_msm_driver_init+0x24/0x30 > > [ 3.731173] do_one_initcall+0x4c/0x2c0 > > [ 3.735511] kernel_init_freeable+0x21c/0x284 > > [ 3.739072] kernel_init+0x1c/0x120 > > [ 3.743582] ret_from_fork+0x10/0x30 > > [ 3.746885] Code: 35000720 a9438660 f9000020 b4000040 (f9000401) > > [ 3.750720] ---[ end trace a8d4100497387a2e ]--- > > [ 3.756736] Kernel panic - not syncing: Attempted to kill init! > > exitcode=0x0000000b > > [ 3.761392] SMP: stopping secondary CPUs > > [ 3.768877] Kernel Offset: 0x80000 from 0xffff800010000000 > > [ 3.772924] PHYS_OFFSET: 0x80000000 > > [ 3.778216] CPU features: 0x0240002,24802005 > > [ 3.781602] Memory Limit: none > > > > full test log, > > https://qa-reports.linaro.org/lkft/linux-next-oe/build/next-20200827/testrun/3123101/suite/linux-log-parser/test/check-kernel-oops-1714695/log Naresh writes later: > The reported issue is started from linux next tag next-20200825. > BAD: next-20200825 > GOOD: next-20200824 This points to Viresh's d05a7238fe1c mmc: sdhci-msm: Unconditionally call dev_pm_opp_of_remove_table() Most likely this is not the entire problem but it uncovered a preexisting bug. Arnd
