From: kernel test robot <oliver.sang@intel.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
<linux-kernel@vger.kernel.org>, <oliver.sang@intel.com>
Subject: [ardb:x86-startup-confine-v4] [x86/cpu] 287f9245fe: BUG:unable_to_handle_page_fault_for_address
Date: Wed, 21 May 2025 16:42:46 +0800 [thread overview]
Message-ID: <202505211627.1f9b653f-lkp@intel.com> (raw)
Hello,
kernel test robot noticed "BUG:unable_to_handle_page_fault_for_address" on:
commit: 287f9245fe1003a1cdb1462ad7a7da1f33622d91 ("x86/cpu: Move CPU capability override arrays from BSS to __ro_after_init")
https://git.kernel.org/cgit/linux/kernel/git/ardb/linux.git x86-startup-confine-v4
in testcase: rcutorture
version:
with following parameters:
runtime: 300s
test: cpuhotplug
torture_type: tasks-rude
config: x86_64-randconfig-001-20250518
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
+---------------------------------------------+------------+------------+
| | d38f99f00e | 287f9245fe |
+---------------------------------------------+------------+------------+
| boot_successes | 6 | 0 |
| boot_failures | 0 | 6 |
| BUG:unable_to_handle_page_fault_for_address | 0 | 6 |
| Oops | 0 | 6 |
| RIP:clear_feature | 0 | 6 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 6 |
+---------------------------------------------+------------+------------+
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202505211627.1f9b653f-lkp@intel.com
[ 86.680641][ T0] BUG: unable to handle page fault for address: ffffffff8393e998
[ 86.682137][ T0] #PF: supervisor write access in kernel mode
[ 86.683176][ T0] #PF: error_code(0x0003) - permissions violation
[ 86.684292][ T0] PGD 3af1067 P4D 3af1067 PUD 3af2063 PMD 15eb4b163 PTE 800000000393e021
[ 86.685847][ T0] Oops: Oops: 0003 [#1] SMP KASAN PTI
[ 86.686846][ T0] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-rc6-00373-g287f9245fe10 #1 PREEMPTLAZY
[ 86.688595][ T0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 86.690483][ T0] RIP: 0010:clear_feature (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:60 kbuild/obj/consumer/x86_64-randconfig-001-20250518/include/asm-generic/bitops/instrumented-atomic.h:29 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:104 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:95)
[ 86.691951][ T0] Code: 48 c1 fb 06 48 c1 e3 03 48 85 ff 75 28 48 c7 c7 60 17 b0 84 e8 3a 00 00 00 48 8d bb 98 e9 93 83 be 08 00 00 00 e8 1f 7e 5d 00 <f0> 4c 0f ab 25 d7 9d 6a 02 eb 19 48 8d 6f 30 be 08 00 00 00 48 8d
All code
========
0: 48 c1 fb 06 sar $0x6,%rbx
4: 48 c1 e3 03 shl $0x3,%rbx
8: 48 85 ff test %rdi,%rdi
b: 75 28 jne 0x35
d: 48 c7 c7 60 17 b0 84 mov $0xffffffff84b01760,%rdi
14: e8 3a 00 00 00 call 0x53
19: 48 8d bb 98 e9 93 83 lea -0x7c6c1668(%rbx),%rdi
20: be 08 00 00 00 mov $0x8,%esi
25: e8 1f 7e 5d 00 call 0x5d7e49
2a:* f0 4c 0f ab 25 d7 9d lock bts %r12,0x26a9dd7(%rip) # 0x26a9e0a <-- trapping instruction
31: 6a 02
33: eb 19 jmp 0x4e
35: 48 8d 6f 30 lea 0x30(%rdi),%rbp
39: be 08 00 00 00 mov $0x8,%esi
3e: 48 rex.W
3f: 8d .byte 0x8d
Code starting with the faulting instruction
===========================================
0: f0 4c 0f ab 25 d7 9d lock bts %r12,0x26a9dd7(%rip) # 0x26a9de0
7: 6a 02
9: eb 19 jmp 0x24
b: 48 8d 6f 30 lea 0x30(%rdi),%rbp
f: be 08 00 00 00 mov $0x8,%esi
14: 48 rex.W
15: 8d .byte 0x8d
[ 86.693646][ T0] RSP: 0000:ffffc9000013fc40 EFLAGS: 00010046
[ 86.694204][ T0] RAX: fffffbfff0727d01 RBX: 0000000000000000 RCX: fffffbfff0727d34
[ 86.694858][ T0] RDX: fffffbfff0727d34 RSI: 0000000000000008 RDI: ffffffff8393e998
[ 86.695516][ T0] RBP: 1ffff92000027f8e R08: fffffbfff0727d34 R09: 0000000000000001
[ 86.696174][ T0] R10: ffffffff81294bb8 R11: fffffbfff0727d33 R12: 000000000000001b
[ 86.696611][ T0] R13: ffff8883af027188 R14: ffff8883af027120 R15: dffffc0000000000
[ 86.697022][ T0] FS: 0000000000000000(0000) GS:ffff888429d78000(0000) knlGS:0000000000000000
[ 86.697483][ T0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.697825][ T0] CR2: ffffffff8393e998 CR3: 0000000003aee000 CR4: 00000000000406b0
[ 86.698235][ T0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 86.698645][ T0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 86.699053][ T0] Call Trace:
[ 86.699231][ T0] <TASK>
[ 86.699390][ T0] do_clear_cpu_cap (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:128 (discriminator 1))
[ 86.699646][ T0] ? clear_feature (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:114)
[ 86.699891][ T0] ? topology_get_logical_id (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:227 (discriminator 8) kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:239 (discriminator 8) kbuild/obj/consumer/x86_64-randconfig-001-20250518/include/asm-generic/bitops/instrumented-non-atomic.h:142 (discriminator 8) kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/topology.c:333 (discriminator 8))
[ 86.700177][ T0] ? topo_set_ids (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/topology_common.c:188)
[ 86.700467][ T0] early_init_intel (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:206 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:238 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/intel.c:336)
[ 86.700731][ T0] init_intel (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/intel.c:542)
[ 86.700959][ T0] ? early_init_intel (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/intel.c:537)
[ 86.701227][ T0] ? get_cpu_cap (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/common.c:1052)
[ 86.701473][ T0] identify_cpu (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/common.c:1959)
[ 86.701715][ T0] ? get_cpu_address_sizes (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/common.c:1905)
[ 86.702011][ T0] ? __set_pages_p (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/mm/pat/set_memory.c:851)
[ 86.702267][ T0] identify_secondary_cpu (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/common.c:2091)
[ 86.702551][ T0] start_secondary (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/smpboot.c:199 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/smpboot.c:283)
[ 86.702803][ T0] common_startup_64 (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/head_64.S:419)
[ 86.703068][ T0] </TASK>
[ 86.703233][ T0] Modules linked in: rcutorture torture polyval_clmulni polyval_generic processor ghash_clmulni_intel sha1_ssse3 ipmi_devintf ipmi_msghandler drm drm_panel_orientation_quirks dm_mod dax qemu_fw_cfg autofs4
[ 86.704298][ T0] CR2: ffffffff8393e998
[ 86.704523][ T0] ---[ end trace 0000000000000000 ]---
[ 86.704807][ T0] RIP: 0010:clear_feature (kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/include/asm/bitops.h:60 kbuild/obj/consumer/x86_64-randconfig-001-20250518/include/asm-generic/bitops/instrumented-atomic.h:29 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:104 kbuild/obj/consumer/x86_64-randconfig-001-20250518/arch/x86/kernel/cpu/cpuid-deps.c:95)
[ 86.705083][ T0] Code: 48 c1 fb 06 48 c1 e3 03 48 85 ff 75 28 48 c7 c7 60 17 b0 84 e8 3a 00 00 00 48 8d bb 98 e9 93 83 be 08 00 00 00 e8 1f 7e 5d 00 <f0> 4c 0f ab 25 d7 9d 6a 02 eb 19 48 8d 6f 30 be 08 00 00 00 48 8d
All code
========
0: 48 c1 fb 06 sar $0x6,%rbx
4: 48 c1 e3 03 shl $0x3,%rbx
8: 48 85 ff test %rdi,%rdi
b: 75 28 jne 0x35
d: 48 c7 c7 60 17 b0 84 mov $0xffffffff84b01760,%rdi
14: e8 3a 00 00 00 call 0x53
19: 48 8d bb 98 e9 93 83 lea -0x7c6c1668(%rbx),%rdi
20: be 08 00 00 00 mov $0x8,%esi
25: e8 1f 7e 5d 00 call 0x5d7e49
2a:* f0 4c 0f ab 25 d7 9d lock bts %r12,0x26a9dd7(%rip) # 0x26a9e0a <-- trapping instruction
31: 6a 02
33: eb 19 jmp 0x4e
35: 48 8d 6f 30 lea 0x30(%rdi),%rbp
39: be 08 00 00 00 mov $0x8,%esi
3e: 48 rex.W
3f: 8d .byte 0x8d
Code starting with the faulting instruction
===========================================
0: f0 4c 0f ab 25 d7 9d lock bts %r12,0x26a9dd7(%rip) # 0x26a9de0
7: 6a 02
9: eb 19 jmp 0x24
b: 48 8d 6f 30 lea 0x30(%rdi),%rbp
f: be 08 00 00 00 mov $0x8,%esi
14: 48 rex.W
15: 8d .byte 0x8d
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250521/202505211627.1f9b653f-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
reply other threads:[~2025-05-21 8:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202505211627.1f9b653f-lkp@intel.com \
--to=oliver.sang@intel.com \
--cc=ardb@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.