public inbox for linuxppc-dev@ozlabs.org
* powerpc: BUG: Kernel NULL pointer when running with bcc tools
@ 2026-01-07  9:23 Shrikanth Hegde
  2026-01-12  3:14 ` Venkat Rao Bagalkote
  0 siblings, 1 reply; 2+ messages in thread
From: Shrikanth Hegde @ 2026-01-07  9:23 UTC (permalink / raw)
  To: Madhavan Srinivasan, linuxppc-dev
  Cc: Ritesh Harjani, Athira Rajeev, Venkat Rao Bagalkote, hbathini,
	Christophe Leroy (CS GROUP)

Hello.

While doing some tracing, I observed this kernel panic on powerpc.

It is quite easy to reproduce this.
- keep it preempt=full/lazy
- enable some bcc tools, for example: ./stackcount nohz_balance_exit_idle
- Run some workload such as "hackbench 10 process 1000 loops"

I remember seeing this across other bcc tools.



Seen this on tip/master:
commit 5d3b0106245d467fd5ba0bd9a373a13356684f6e (HEAD -> master, origin/master, origin/HEAD)
Merge: 93368366738f e21279b73ef6
Author: Ingo Molnar <mingo@kernel.org>
Date:   Tue Jan 6 09:04:47 2026 +0100

     Merge branch into tip/master: 'x86/sev'



Panic log:
  attempted to read user page (6b8) - exploit attempt? (uid: 0)
  BUG: Kernel NULL pointer dereference on read at 0x000006b8
  Faulting instruction address: 0xc00000000013cf10
  Oops: Kernel access of bad area, sig: 11 [#1]
  CPU: 38 UID: 0 PID: 2938 Comm: hackbench Kdump: loaded Not tainted 6.19.0-rc4+ #326 PREEMPT(full)
  NIP:  c00000000013cf10 LR: c00000000013ced0 CTR: c0000000004a7f08
  REGS: c0000000a7f96b60 TRAP: 0300   Not tainted  (6.19.0-rc4+)
  MSR:  8000000000001033 <SF,ME,IR,DR,RI,LE>  CR: 88022828  XER: 20040000
  CFAR: c00000000050490c DAR: 00000000000006b8 DSISR: 40000000 IRQMASK: 3
  GPR00: c00000000013ced0 c0000000a7f96e00 c000000001c38100 0000000000000000
  GPR04: 00007fffda01fea8 0000000000000008 0000000000000000 00007fff94f05e84
  GPR08: c0000000a7f90000 0000000000000000 00007fffda0205d0 0000000000004000
  GPR12: c000000002dbdddc c0000017fd891c80 c0000000001e08f4 0000000000000000
  GPR16: 0000000000000000 0000000000000000 0000000000000000 00000d9842ecbda0
  GPR20: c0000000c5c54a00 0000000000000026 0000000000000000 0000000000000000
  GPR24: 0000000000000001 fffffffffffffe00 c0000000c5c54a00 000ffffffffffff8
  GPR28: 00007fffffffffdf 0000000000000000 00007fffda01fea0 c0000000a7f96ef0
  NIP [c00000000013cf10] perf_callchain_user_64+0x1b0/0x4f0
  LR [c00000000013ced0] perf_callchain_user_64+0x170/0x4f0
  Call Trace:
  perf_callchain_user_64+0x170/0x4f0 (unreliable)
  perf_callchain_user+0x20/0x3c
  get_perf_callchain+0x1b0/0x3dc
  bpf_get_stackid+0x94/0xec
  bpf_prog_1ca8f9c0bc38eaa6_trace_count+0x70/0x1bc
  trace_call_bpf+0x124/0x3c4
  kprobe_perf_func+0x54/0x2f8
  kprobe_ftrace_handler+0x1dc/0x298
  ftrace_regs_call+0x4/0xa0
  nohz_balance_exit_idle+0x10/0x120
  nohz_balancer_kick+0x50/0x3e4
  sched_tick+0x140/0x334
  update_process_times+0xf0/0x144
  tick_nohz_handler+0xc4/0x274
  __hrtimer_run_queues+0x1c4/0x480
  hrtimer_interrupt+0x12c/0x30c
  timer_interrupt+0x140/0x394
  __replay_soft_interrupts+0xa0/0x154
  arch_local_irq_restore.part.0+0x1ac/0x224
  _raw_spin_unlock_irqrestore+0x50/0xa0
  try_to_wake_up+0x3e8/0xa58
  wake_up_q+0x88/0xe4
  rwsem_wake.isra.0+0x98/0xd8
  up_write+0xa8/0xb4
  unlink_file_vma_batch_process+0xc8/0xf0
  unlink_file_vma_batch_add+0x5c/0xa4
  free_pgtables+0x110/0x394
  exit_mmap+0x1a0/0x5a8
  __mmput+0x64/0x194
  exit_mm+0xe0/0x170
  do_exit+0x21c/0x5d0
  do_group_exit+0x4c/0xc0
  pid_child_should_wake+0x0/0x7c
  system_call_exception+0x128/0x390
  system_call_vectored_common+0x15c/0x2ec



Looks like Venkat had reported a similar one earlier.
https://lore.kernel.org/all/49cb29fc-003c-422a-98bd-dee8f13aa0b4@linux.ibm.com/

Venkat, can you give the above-mentioned steps a try on the latest linux-next?


^ permalink raw reply	[flat|nested] 2+ messages in thread
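
An added triage example, not part of the original message or of any kernel tooling: it parses an abridged excerpt of the panic log above and separates the interrupt-side frames from the code path that was interrupted. The function name `triage`, the first-page threshold and the frame-name heuristics are assumptions made for this illustration.

```python
import re

# Excerpt of the panic log from the report above; call trace abridged.
OOPS = """\
CFAR: c00000000050490c DAR: 00000000000006b8 DSISR: 40000000 IRQMASK: 3
NIP [c00000000013cf10] perf_callchain_user_64+0x1b0/0x4f0
Call Trace:
perf_callchain_user_64+0x170/0x4f0 (unreliable)
perf_callchain_user+0x20/0x3c
get_perf_callchain+0x1b0/0x3dc
bpf_get_stackid+0x94/0xec
kprobe_ftrace_handler+0x1dc/0x298
ftrace_regs_call+0x4/0xa0
nohz_balance_exit_idle+0x10/0x120
hrtimer_interrupt+0x12c/0x30c
timer_interrupt+0x140/0x394
__replay_soft_interrupts+0xa0/0x154
exit_mmap+0x1a0/0x5a8
exit_mm+0xe0/0x170
do_exit+0x21c/0x5d0
"""

# Optional "[sp] [pc]" columns, then symbol+0xoff/0xsize.
FRAME = re.compile(r"\s*(?:\[[0-9a-f]+\]\s+){0,2}([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def triage(oops, page_size=4096):
    """Summarise a powerpc oops: fault address, faulting symbol, contexts."""
    dar = int(re.search(r"\bDAR:\s*([0-9a-f]+)", oops).group(1), 16)
    nip = FRAME.match(re.search(r"^\s*NIP (\[.*)$", oops, re.M).group(1)).group(1)
    frames = [m.group(1) for m in map(FRAME.match, oops.split("Call Trace:", 1)[1].splitlines()) if m]
    # ftrace-based kprobe: the frame below ftrace_regs_call is the traced function.
    probe = frames[frames.index("ftrace_regs_call") + 1] if "ftrace_regs_call" in frames else None
    # Outermost *_interrupt frame separates the handler from the code it interrupted.
    irq = max((i for i, f in enumerate(frames) if f.endswith("_interrupt")), default=-1)
    return {
        "fault_addr": dar,
        "null_plus_offset": dar < page_size,  # assumed threshold: first page
        "faulting_symbol": nip,
        "probed_function": probe,
        "bpf_stack_helper": next((f for f in frames[:irq + 1] if f.startswith("bpf_get_stack")), None),
        "interrupted_path": frames[irq + 1:],
        "task_exiting": "do_exit" in frames[irq + 1:],
    }
```

The summary only restates what the trace shows: a user stack walk requested through a BPF helper, from a tick that interrupted the exit path. It does not identify a root cause.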

* Re: powerpc: BUG: Kernel NULL pointer when running with bcc tools
  2026-01-07  9:23 powerpc: BUG: Kernel NULL pointer when running with bcc tools Shrikanth Hegde
@ 2026-01-12  3:14 ` Venkat Rao Bagalkote
  0 siblings, 0 replies; 2+ messages in thread
From: Venkat Rao Bagalkote @ 2026-01-12  3:14 UTC (permalink / raw)
  To: Shrikanth Hegde, Madhavan Srinivasan, linuxppc-dev
  Cc: Ritesh Harjani, Athira Rajeev, hbathini,
	Christophe Leroy (CS GROUP)


On 07/01/26 2:53 pm, Shrikanth Hegde wrote:
> Hello.
>
> While doing some tracing, I observed this kernel panic on powerpc.
>
> It is quite easy to reproduce this.
> - keep it preempt=full/lazy
> - enable some bcc tools, for example: ./stackcount nohz_balance_exit_idle
> - Run some workload such as "hackbench 10 process 1000 loops"
>
> I remember seeing this across other bcc tools.
>

Hello Shrikanth,


Thanks for the repro steps. I am hitting this issue on the latest 
linux-next kernel.


Regards,

Venkat.

>
>
> Seen this on tip/master:
> commit 5d3b0106245d467fd5ba0bd9a373a13356684f6e (HEAD -> master, origin/master, origin/HEAD)
> Merge: 93368366738f e21279b73ef6
> Author: Ingo Molnar <mingo@kernel.org>
> Date:   Tue Jan 6 09:04:47 2026 +0100
>
>     Merge branch into tip/master: 'x86/sev'
>
>
>
> Panic log:
>  attempted to read user page (6b8) - exploit attempt? (uid: 0)
>  BUG: Kernel NULL pointer dereference on read at 0x000006b8
>  Faulting instruction address: 0xc00000000013cf10
>  Oops: Kernel access of bad area, sig: 11 [#1]
>  CPU: 38 UID: 0 PID: 2938 Comm: hackbench Kdump: loaded Not tainted 6.19.0-rc4+ #326 PREEMPT(full)
>  NIP:  c00000000013cf10 LR: c00000000013ced0 CTR: c0000000004a7f08
>  REGS: c0000000a7f96b60 TRAP: 0300   Not tainted  (6.19.0-rc4+)
>  MSR:  8000000000001033 <SF,ME,IR,DR,RI,LE>  CR: 88022828 XER: 20040000
>  CFAR: c00000000050490c DAR: 00000000000006b8 DSISR: 40000000 IRQMASK: 3
>  GPR00: c00000000013ced0 c0000000a7f96e00 c000000001c38100 0000000000000000
>  GPR04: 00007fffda01fea8 0000000000000008 0000000000000000 00007fff94f05e84
>  GPR08: c0000000a7f90000 0000000000000000 00007fffda0205d0 0000000000004000
>  GPR12: c000000002dbdddc c0000017fd891c80 c0000000001e08f4 0000000000000000
>  GPR16: 0000000000000000 0000000000000000 0000000000000000 00000d9842ecbda0
>  GPR20: c0000000c5c54a00 0000000000000026 0000000000000000 0000000000000000
>  GPR24: 0000000000000001 fffffffffffffe00 c0000000c5c54a00 000ffffffffffff8
>  GPR28: 00007fffffffffdf 0000000000000000 00007fffda01fea0 c0000000a7f96ef0
>  NIP [c00000000013cf10] perf_callchain_user_64+0x1b0/0x4f0
>  LR [c00000000013ced0] perf_callchain_user_64+0x170/0x4f0
>  Call Trace:
>  perf_callchain_user_64+0x170/0x4f0 (unreliable)
>  perf_callchain_user+0x20/0x3c
>  get_perf_callchain+0x1b0/0x3dc
>  bpf_get_stackid+0x94/0xec
>  bpf_prog_1ca8f9c0bc38eaa6_trace_count+0x70/0x1bc
>  trace_call_bpf+0x124/0x3c4
>  kprobe_perf_func+0x54/0x2f8
>  kprobe_ftrace_handler+0x1dc/0x298
>  ftrace_regs_call+0x4/0xa0
>  nohz_balance_exit_idle+0x10/0x120
>  nohz_balancer_kick+0x50/0x3e4
>  sched_tick+0x140/0x334
>  update_process_times+0xf0/0x144
>  tick_nohz_handler+0xc4/0x274
>  __hrtimer_run_queues+0x1c4/0x480
>  hrtimer_interrupt+0x12c/0x30c
>  timer_interrupt+0x140/0x394
>  __replay_soft_interrupts+0xa0/0x154
>  arch_local_irq_restore.part.0+0x1ac/0x224
>  _raw_spin_unlock_irqrestore+0x50/0xa0
>  try_to_wake_up+0x3e8/0xa58
>  wake_up_q+0x88/0xe4
>  rwsem_wake.isra.0+0x98/0xd8
>  up_write+0xa8/0xb4
>  unlink_file_vma_batch_process+0xc8/0xf0
>  unlink_file_vma_batch_add+0x5c/0xa4
>  free_pgtables+0x110/0x394
>  exit_mmap+0x1a0/0x5a8
>  __mmput+0x64/0x194
>  exit_mm+0xe0/0x170
>  do_exit+0x21c/0x5d0
>  do_group_exit+0x4c/0xc0
>  pid_child_should_wake+0x0/0x7c
>  system_call_exception+0x128/0x390
>  system_call_vectored_common+0x15c/0x2ec
>
>
>
> Looks like Venkat had reported a similar one earlier.
> https://lore.kernel.org/all/49cb29fc-003c-422a-98bd-dee8f13aa0b4@linux.ibm.com/
>
>
> Venkat, can you give the above-mentioned steps a try on the latest linux-next?
>

