From: Jeff Layton <jlayton@kernel.org>
To: kernel test robot <oliver.sang@intel.com>
Cc: oe-lkp@lists.linux.dev, lkp@intel.com, linux-mm@kvack.org
Subject: Re: [jlayton:mgtime] [tmpfs] 6602c8010f: BUG:unable_to_handle_page_fault_for_address
Date: Sun, 14 Jul 2024 08:01:37 -0400 [thread overview]
Message-ID: <36685366de25fffa8a817ba5766eead2f4f791f9.camel@kernel.org> (raw)
In-Reply-To: <202407141802.19588609-lkp@intel.com>
On Sun, 2024-07-14 at 19:02 +0800, kernel test robot wrote:
>
> Hello,
>
> kernel test robot noticed "BUG:unable_to_handle_page_fault_for_address" on:
>
> commit: 6602c8010ff4cabd759599c11175fa4d1bcd7800 ("tmpfs: add support for multigrain timestamps")
> https://git.kernel.org/cgit/linux/kernel/git/jlayton/linux.git mgtime
>
> in testcase: boot
>
> compiler: gcc-13
> test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
>
> (please refer to attached dmesg/kmsg for entire log/backtrace)
>
>
> +---------------------------------------------+------------+------------+
> > | ff453163c6 | 6602c8010f |
> +---------------------------------------------+------------+------------+
> > boot_successes | 6 | 0 |
> > boot_failures | 0 | 7 |
> > BUG:unable_to_handle_page_fault_for_address | 0 | 7 |
> > Oops | 0 | 7 |
> > EIP:percpu_counter_add_batch | 0 | 7 |
> > Kernel_panic-not_syncing:Fatal_exception | 0 | 7 |
> +---------------------------------------------+------------+------------+
>
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> > Reported-by: kernel test robot <oliver.sang@intel.com>
> > Closes: https://lore.kernel.org/oe-lkp/202407141802.19588609-lkp@intel.com
>
>
> [ 0.638478][ T0] BUG: unable to handle page fault for address: 20c4e000
> [ 0.639256][ T0] #PF: supervisor read access in kernel mode
> [ 0.639920][ T0] #PF: error_code(0x0000) - not-present page
> [ 0.640224][ T0] *pdpt = 0000000000000000 *pde = 0000000000000000
> [ 0.640224][ T0] Oops: Oops: 0000 [#1] PREEMPT SMP PTI
> [ 0.640224][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc7-00242-g6602c8010ff4 #1
> [ 0.640224][ T0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
> [ 0.640224][ T0] EIP: percpu_counter_add_batch (lib/percpu_counter.c:93 (discriminator 4))
> [ 0.640224][ T0] Code: 00 8b 5d f4 8b 75 f8 8b 7d fc 89 ec 5d 31 c0 31 d2 31 c9 e9 3e 7d 8b 00 8d b4 26 00 00 00 00 8d 76 00 e8 f7 22 91 ff 8b 4b 3c <64> 8b 01 89 45 e0 89 c6 89 c7 c1 ff 1f 03 75 ec 13 7d f0 89 f2 f7
> All code
> ========
> 0: 00 8b 5d f4 8b 75 add %cl,0x758bf45d(%rbx)
> 6: f8 clc
> 7: 8b 7d fc mov -0x4(%rbp),%edi
> a: 89 ec mov %ebp,%esp
> c: 5d pop %rbp
> d: 31 c0 xor %eax,%eax
> f: 31 d2 xor %edx,%edx
> 11: 31 c9 xor %ecx,%ecx
> 13: e9 3e 7d 8b 00 jmp 0x8b7d56
> 18: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
> 1f: 8d 76 00 lea 0x0(%rsi),%esi
> 22: e8 f7 22 91 ff call 0xffffffffff91231e
> 27: 8b 4b 3c mov 0x3c(%rbx),%ecx
> 2a:* 64 8b 01 mov %fs:(%rcx),%eax <-- trapping instruction
> 2d: 89 45 e0 mov %eax,-0x20(%rbp)
> 30: 89 c6 mov %eax,%esi
> 32: 89 c7 mov %eax,%edi
> 34: c1 ff 1f sar $0x1f,%edi
> 37: 03 75 ec add -0x14(%rbp),%esi
> 3a: 13 7d f0 adc -0x10(%rbp),%edi
> 3d: 89 f2 mov %esi,%edx
> 3f: f7 .byte 0xf7
>
> Code starting with the faulting instruction
> ===========================================
> 0: 64 8b 01 mov %fs:(%rcx),%eax
> 3: 89 45 e0 mov %eax,-0x20(%rbp)
> 6: 89 c6 mov %eax,%esi
> 8: 89 c7 mov %eax,%edi
> a: c1 ff 1f sar $0x1f,%edi
> d: 03 75 ec add -0x14(%rbp),%esi
> 10: 13 7d f0 adc -0x10(%rbp),%edi
> 13: 89 f2 mov %esi,%edx
> 15: f7 .byte 0xf7
> [ 0.640224][ T0] EAX: 00000000 EBX: c38590e0 ECX: 00000000 EDX: 00000000
> [ 0.640224][ T0] ESI: c3d440d8 EDI: c28d9e20 EBP: c28d9d68 ESP: c28d9d48
> [ 0.640224][ T0] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210046
> [ 0.640224][ T0] CR0: 80050033 CR2: 20c4e000 CR3: 03112000 CR4: 000406b0
> [ 0.640224][ T0] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [ 0.640224][ T0] DR6: fffe0ff0 DR7: 00000400
> [ 0.640224][ T0] Call Trace:
> [ 0.640224][ T0] ? show_regs (arch/x86/kernel/dumpstack.c:479)
> [ 0.640224][ T0] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)
> [ 0.640224][ T0] ? oops_enter (kernel/panic.c:582 kernel/panic.c:640)
> [ 0.640224][ T0] ? page_fault_oops (arch/x86/mm/fault.c:715 (discriminator 1))
> [ 0.640224][ T0] ? kernelmode_fixup_or_oops+0x78/0x94
> [ 0.640224][ T0] ? __bad_area_nosemaphore+0x145/0x280
> [ 0.640224][ T0] ? coarse_ctime (fs/inode.c:2164)
> [ 0.640224][ T0] ? kvm_sched_clock_read (arch/x86/kernel/kvmclock.c:91 (discriminator 2))
> [ 0.640224][ T0] ? sched_clock_noinstr (arch/x86/kernel/tsc.c:267)
> [ 0.640224][ T0] ? local_clock_noinstr (kernel/sched/clock.c:270 kernel/sched/clock.c:306)
> [ 0.640224][ T0] ? bad_area_nosemaphore (arch/x86/mm/fault.c:835)
> [ 0.640224][ T0] ? do_user_addr_fault (arch/x86/mm/fault.c:1452)
> [ 0.640224][ T0] ? coarse_ctime (fs/inode.c:2164)
> [ 0.640224][ T0] ? local_clock (arch/x86/include/asm/preempt.h:94 (discriminator 1) kernel/sched/clock.c:316 (discriminator 1))
> [ 0.640224][ T0] ? exc_page_fault (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539)
> [ 0.640224][ T0] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1494)
> [ 0.640224][ T0] ? handle_exception (arch/x86/entry/entry_32.S:1047)
> [ 0.640224][ T0] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1494)
> [ 0.640224][ T0] ? percpu_counter_add_batch (lib/percpu_counter.c:93 (discriminator 4))
> [ 0.640224][ T0] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1494)
> [ 0.640224][ T0] ? percpu_counter_add_batch (lib/percpu_counter.c:93 (discriminator 4))
> [ 0.640224][ T0] inode_set_ctime_current (fs/inode.c:2681)
Ahh, looks like I'm initializing the percpu vars a bit too late
(late_initcall). I'll move the initialization to fs_initcall().
> [ 0.640224][ T0] ? get_random_u32 (drivers/char/random.c:532 (discriminator 1))
> [ 0.640224][ T0] ? _raw_spin_unlock (arch/x86/include/asm/preempt.h:94 (discriminator 1) include/linux/spinlock_api_smp.h:143 (discriminator 1) kernel/locking/spinlock.c:186 (discriminator 1))
> [ 0.640224][ T0] simple_inode_init_ts (fs/libfs.c:2101)
> [ 0.640224][ T0] __shmem_get_inode (mm/shmem.c:2526 (discriminator 3))
> [ 0.640224][ T0] shmem_get_inode (mm/shmem.c:2586 (discriminator 1))
> [ 0.640224][ T0] shmem_fill_super (mm/shmem.c:4432 (discriminator 1))
> [ 0.640224][ T0] ? shmem_add_to_page_cache+0x2dc/0x2dc
> [ 0.640224][ T0] get_tree_nodev (fs/super.c:1270 fs/super.c:1288)
> [ 0.640224][ T0] shmem_get_tree (mm/shmem.c:4451)
> [ 0.640224][ T0] vfs_get_tree (fs/super.c:1790)
> [ 0.640224][ T0] vfs_kern_mount (fs/namespace.c:1281)
> [ 0.640224][ T0] kern_mount (fs/namespace.c:5487 (discriminator 1))
> [ 0.640224][ T0] shmem_init (mm/shmem.c:4686 (discriminator 1))
> [ 0.640224][ T0] ? shmem_parse_one (mm/shmem.c:4500)
> [ 0.640224][ T0] mnt_init (fs/namespace.c:5471)
> [ 0.640224][ T0] ? files_init (fs/file_table.c:519)
> [ 0.640224][ T0] vfs_caches_init (fs/dcache.c:3217)
> [ 0.640224][ T0] start_kernel (init/main.c:1086)
> [ 0.640224][ T0] ? obsolete_checksetup (init/main.c:544)
> [ 0.640224][ T0] i386_start_kernel (arch/x86/kernel/head32.c:69)
> [ 0.640224][ T0] startup_32_smp (arch/x86/kernel/head_32.S:292)
> [ 0.640224][ T0] Modules linked in:
> [ 0.640224][ T0] CR2: 0000000020c4e000
> [ 0.640224][ T0] ---[ end trace 0000000000000000 ]---
> [ 0.640224][ T0] EIP: percpu_counter_add_batch (lib/percpu_counter.c:93 (discriminator 4))
> [ 0.640224][ T0] Code: 00 8b 5d f4 8b 75 f8 8b 7d fc 89 ec 5d 31 c0 31 d2 31 c9 e9 3e 7d 8b 00 8d b4 26 00 00 00 00 8d 76 00 e8 f7 22 91 ff 8b 4b 3c <64> 8b 01 89 45 e0 89 c6 89 c7 c1 ff 1f 03 75 ec 13 7d f0 89 f2 f7
> All code
> ========
> 0: 00 8b 5d f4 8b 75 add %cl,0x758bf45d(%rbx)
> 6: f8 clc
> 7: 8b 7d fc mov -0x4(%rbp),%edi
> a: 89 ec mov %ebp,%esp
> c: 5d pop %rbp
> d: 31 c0 xor %eax,%eax
> f: 31 d2 xor %edx,%edx
> 11: 31 c9 xor %ecx,%ecx
> 13: e9 3e 7d 8b 00 jmp 0x8b7d56
> 18: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
> 1f: 8d 76 00 lea 0x0(%rsi),%esi
> 22: e8 f7 22 91 ff call 0xffffffffff91231e
> 27: 8b 4b 3c mov 0x3c(%rbx),%ecx
> 2a:* 64 8b 01 mov %fs:(%rcx),%eax <-- trapping instruction
> 2d: 89 45 e0 mov %eax,-0x20(%rbp)
> 30: 89 c6 mov %eax,%esi
> 32: 89 c7 mov %eax,%edi
> 34: c1 ff 1f sar $0x1f,%edi
> 37: 03 75 ec add -0x14(%rbp),%esi
> 3a: 13 7d f0 adc -0x10(%rbp),%edi
> 3d: 89 f2 mov %esi,%edx
> 3f: f7 .byte 0xf7
>
> Code starting with the faulting instruction
> ===========================================
> 0: 64 8b 01 mov %fs:(%rcx),%eax
> 3: 89 45 e0 mov %eax,-0x20(%rbp)
> 6: 89 c6 mov %eax,%esi
> 8: 89 c7 mov %eax,%edi
> a: c1 ff 1f sar $0x1f,%edi
> d: 03 75 ec add -0x14(%rbp),%esi
> 10: 13 7d f0 adc -0x10(%rbp),%edi
> 13: 89 f2 mov %esi,%edx
> 15: f7 .byte 0xf7
>
>
> The kernel config and materials to reproduce are available at:
> https://download.01.org/0day-ci/archive/20240714/202407141802.19588609-lkp@intel.com
>
>
>
--
Jeff Layton <jlayton@kernel.org>
prev parent reply other threads:[~2024-07-14 12:01 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-14 11:02 [jlayton:mgtime] [tmpfs] 6602c8010f: BUG:unable_to_handle_page_fault_for_address kernel test robot
2024-07-14 12:01 ` Jeff Layton [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=36685366de25fffa8a817ba5766eead2f4f791f9.camel@kernel.org \
--to=jlayton@kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
--cc=oliver.sang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).