* WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3
@ 2023-07-17 12:56 Ilkka Prusi
  2023-07-23 18:41 ` Wei Shuyu
  0 siblings, 1 reply; 5+ messages in thread
From: Ilkka Prusi @ 2023-07-17 12:56 UTC (permalink / raw)
  To: linux-kernel

Hi,

I found the following splat in the kernel log. It looks to be triggered
from a Chromium-based browser but I'm unsure what exactly caused it.

Kernel is 6.4.3, (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils
for Debian) 2.40) #160 SMP PREEMPT_DYNAMIC Tue Jul 11 14:19:41 EEST
2023

CPU is:
   Model name:            AMD Ryzen 7 5700X 8-Core Processor
    CPU family:          25
    Model:               33


[519077.338025] ------------[ cut here ]------------
[519077.338031] WARNING: CPU: 10 PID: 219607 at mm/gup.c:1101
__get_user_pages+0x539/0x610
[519077.338038] Modules linked in: uinput(E) snd_seq_dummy(E)
snd_hrtimer(E) snd_seq(E) binfmt_misc(E) nls_ascii(E) nls_cp850(E)
vfat(E) fat(E) amdgpu(E) intel_rapl_msr(E) intel_rapl_common(E)
iosf_mbi(E) snd_hda_codec_realtek(E) edac_mce_amd(E)
snd_hda_codec_generic(E) kvm_amd(E) ledtrig_audio(E) video(E)
snd_hda_codec_hdmi(E) kvm(E) gpu_sched(E) snd_hda_intel(E)
drm_buddy(E) drm_suballoc_helper(E) snd_intel_dspcfg(E)
drm_display_helper(E) irqbypass(E) snd_usb_audio(E) snd_hda_codec(E)
cec(E) drm_ttm_helper(E) crct10dif_pclmul(E) snd_usbmidi_lib(E)
snd_rawmidi(E) ttm(E) crc32_pclmul(E) snd_seq_device(E)
snd_hda_core(E) input_leds(E) mc(E) ghash_clmulni_intel(E)
drm_kms_helper(E) sha512_ssse3(E) joydev(E) snd_hwdep(E) snd_pcm(E)
sha512_generic(E) syscopyarea(E) snd_timer(E) aesni_intel(E) snd(E)
sysfillrect(E) k10temp(E) crypto_simd(E) sg(E) evdev(E) sysimgblt(E)
cryptd(E) soundcore(E) ccp(E) rng_core(E) tiny_power_button(E) rapl(E)
button(E) acpi_cpufreq(E) wmi_bmof(E) nfsd(E) auth_rpcgss(E)
nfs_acl(E) lockd(E) msr(E)
[519077.338078]  grace(E) sunrpc(E) loop(E) fuse(E) configfs(E)
dm_mod(E) efi_pstore(E) dmi_sysfs(E) ip_tables(E) x_tables(E) ipv6(E)
autofs4(E) efivarfs(E) raid10(E) raid456(E) async_raid6_recov(E)
async_memcpy(E) async_pq(E) async_xor(E) xor(E) async_tx(E)
raid6_pq(E) libcrc32c(E) raid1(E) raid0(E) multipath(E) linear(E)
md_mod(E) hid_playstation(E) led_class_multicolor(E) ff_memless(E)
hid_generic(E) usbhid(E) hid(E) xhci_pci(E) xhci_hcd(E) sd_mod(E)
crc32c_intel(E) t10_pi(E) i2c_piix4(E) usbcore(E) igb(E)
i2c_algo_bit(E) usb_common(E) dca(E) crc64_rocksoft(E) crc64(E) wmi(E)
thermal(E)
[519077.338106] CPU: 10 PID: 219607 Comm: chrome_crashpad Tainted: G
         E      6.4.3-stable #160
[519077.338109] Hardware name: Gigabyte Technology Co., Ltd. X570
AORUS ELITE/X570 AORUS ELITE, BIOS F37c 05/12/2022
[519077.338111] RIP: 0010:__get_user_pages+0x539/0x610
[519077.338114] Code: 8b 84 24 80 00 00 00 48 8d 04 d0 e9 da fd ff ff
48 89 d1 48 f7 d1 48 21 c1 f7 c1 81 01 00 00 0f 85 58 fe ff ff e9 64
ff ff ff <0f> 0b e9 2d fd ff ff f6 c3 04 0f 85 54 ff ff ff 49 8b 07 48
8b 0d
[519077.338116] RSP: 0018:ffffc90016e07cc0 EFLAGS: 00010202
[519077.338118] RAX: ffff888127e7ee70 RBX: 000000000005000a RCX:
00007fff907c8fff
[519077.338119] RDX: 00007fff907c9000 RSI: 00007fa5c180d000 RDI:
ffff888100c2bb68
[519077.338121] RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000001
[519077.338122] R10: ffff8886974aa780 R11: 0000000000000000 R12:
ffff88813ac11100
[519077.338123] R13: ffffc90016e07dd8 R14: ffff888127e7ee70 R15:
000000000005000a
[519077.338124] FS:  00007f1eea313c80(0000) GS:ffff88881ea80000(0000)
knlGS:0000000000000000
[519077.338126] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[519077.338127] CR2: 00000ed00046c030 CR3: 00000001fd22a000 CR4:
0000000000350ee0
[519077.338129] Call Trace:
[519077.338130]  <TASK>
[519077.338133]  ? __warn+0x6b/0xd0
[519077.338136]  ? __get_user_pages+0x539/0x610
[519077.338139]  ? report_bug+0x144/0x190
[519077.338142]  ? handle_bug+0x3c/0x60
[519077.338145]  ? exc_invalid_op+0x13/0x60
[519077.338148]  ? asm_exc_invalid_op+0x16/0x20
[519077.338152]  ? __get_user_pages+0x539/0x610
[519077.338155]  get_user_pages_remote+0xfd/0x340
[519077.338157]  ? mas_replace+0x2c1/0x340
[519077.338160]  __access_remote_vm+0x163/0x360
[519077.338162]  mem_rw.isra.0+0x115/0x1d0
[519077.338166]  vfs_read+0x95/0x2a0
[519077.338169]  ? __fget_files+0x8a/0xc0
[519077.338171]  ? lock_release+0x91/0x1a0
[519077.338174]  ? lock_acquire.part.0.isra.0+0x47/0x80
[519077.338176]  ? __fget_files+0xa2/0xc0
[519077.338178]  __x64_sys_pread64+0x6e/0xb0
[519077.338181]  do_syscall_64+0x3a/0x80
[519077.338183]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[519077.338186] RIP: 0033:0x7f1ee9c361a7
[519077.338188] Code: 08 89 3c 24 48 89 4c 24 18 e8 b5 f4 f8 ff 4c 8b
54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00
00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 05 f5 f8 ff
48 8b
[519077.338189] RSP: 002b:00007ffc7f5d4100 EFLAGS: 00000293 ORIG_RAX:
0000000000000011
[519077.338191] RAX: ffffffffffffffda RBX: 0000000000001000 RCX:
00007f1ee9c361a7
[519077.338192] RDX: 0000000000001000 RSI: 00007ffc7f5d43f0 RDI:
0000000000000007
[519077.338193] RBP: 00007ffc7f5d42a0 R08: 0000000000000000 R09:
000055b4e809ade0
[519077.338195] R10: 00007fa5c180c8a0 R11: 0000000000000293 R12:
00007fa5c180c8a0
[519077.338196] R13: 00000ed00022a100 R14: 00007ffc7f5d43f0 R15:
0000000000001000
[519077.338198]  </TASK>
[519077.338199] ---[ end trace 0000000000000000 ]---

The code decodes:
$ scripts/decode_stacktrace.sh vmlinux < ~/warn_get_user_pages
[519077.338025] ------------[ cut here ]------------
[519077.338031] WARNING: CPU: 10 PID: 219607 at mm/gup.c:1101
__get_user_pages (mm/gup.c:1101 (discriminator 1))
[519077.338038] Modules linked in: uinput(E) snd_seq_dummy(E)
snd_hrtimer(E) snd_seq(E) binfmt_misc(E) nls_ascii(E) nls_cp850(E)
vfat(E) fat(E) amdgpu(E) intel_rapl_msr(E) intel_rapl_common(E)
iosf_mbi(E) snd_hda_codec_realtek(E) edac_mce_amd(E)
snd_hda_codec_generic(E) kvm_amd(E) ledtrig_audio(E) video(E)
snd_hda_codec_hdmi(E) kvm(E) gpu_sched(E) snd_hda_intel(E)
drm_buddy(E) drm_suballoc_helper(E) snd_intel_dspcfg(E)
drm_display_helper(E) irqbypass(E) snd_usb_audio(E) snd_hda_codec(E)
cec(E) drm_ttm_helper(E) crct10dif_pclmul(E) snd_usbmidi_lib(E)
snd_rawmidi(E) ttm(E) crc32_pclmul(E) snd_seq_device(E)
snd_hda_core(E) input_leds(E) mc(E) ghash_clmulni_intel(E)
drm_kms_helper(E) sha512_ssse3(E) joydev(E) snd_hwdep(E) snd_pcm(E)
sha512_generic(E) syscopyarea(E) snd_timer(E) aesni_intel(E) snd(E)
sysfillrect(E) k10temp(E) crypto_simd(E) sg(E) evdev(E) sysimgblt(E)
cryptd(E) soundcore(E) ccp(E) rng_core(E) tiny_power_button(E) rapl(E)
button(E) acpi_cpufreq(E) wmi_bmof(E) nfsd(E) auth_rpcgss(E)
nfs_acl(E) lockd(E) msr(E)
[519077.338078]  grace(E) sunrpc(E) loop(E) fuse(E) configfs(E)
dm_mod(E) efi_pstore(E) dmi_sysfs(E) ip_tables(E) x_tables(E) ipv6(E)
autofs4(E) efivarfs(E) raid10(E) raid456(E) async_raid6_recov(E)
async_memcpy(E) async_pq(E) async_xor(E) xor(E) async_tx(E)
raid6_pq(E) libcrc32c(E) raid1(E) raid0(E) multipath(E) linear(E)
md_mod(E) hid_playstation(E) led_class_multicolor(E) ff_memless(E)
hid_generic(E) usbhid(E) hid(E) xhci_pci(E) xhci_hcd(E) sd_mod(E)
crc32c_intel(E) t10_pi(E) i2c_piix4(E) usbcore(E) igb(E)
i2c_algo_bit(E) usb_common(E) dca(E) crc64_rocksoft(E) crc64(E) wmi(E)
thermal(E)
[519077.338106] CPU: 10 PID: 219607 Comm: chrome_crashpad Tainted: G
         E      6.4.3-stable #160
[519077.338109] Hardware name: Gigabyte Technology Co., Ltd. X570
AORUS ELITE/X570 AORUS ELITE, BIOS F37c 05/12/2022
[519077.338111] RIP: 0010:__get_user_pages (mm/gup.c:1101 (discriminator 1))
[519077.338114] Code: 8b 84 24 80 00 00 00 48 8d 04 d0 e9 da fd ff ff
48 89 d1 48 f7 d1 48 21 c1 f7 c1 81 01 00 00 0f 85 58 fe ff ff e9 64
ff ff ff <0f> 0b e9 2d fd ff ff f6 c3 04 0f 85 54 ff ff ff 49 8b 07 48
8b 0d
All code
========
   0:   8b 84 24 80 00 00 00    mov    0x80(%rsp),%eax
   7:   48 8d 04 d0             lea    (%rax,%rdx,8),%rax
   b:   e9 da fd ff ff          jmp    0xfffffffffffffdea
  10:   48 89 d1                mov    %rdx,%rcx
  13:   48 f7 d1                not    %rcx
  16:   48 21 c1                and    %rax,%rcx
  19:   f7 c1 81 01 00 00       test   $0x181,%ecx
  1f:   0f 85 58 fe ff ff       jne    0xfffffffffffffe7d
  25:   e9 64 ff ff ff          jmp    0xffffffffffffff8e
  2a:*  0f 0b                   ud2             <-- trapping instruction
  2c:   e9 2d fd ff ff          jmp    0xfffffffffffffd5e
  31:   f6 c3 04                test   $0x4,%bl
  34:   0f 85 54 ff ff ff       jne    0xffffffffffffff8e
  3a:   49 8b 07                mov    (%r15),%rax
  3d:   48                      rex.W
  3e:   8b                      .byte 0x8b
  3f:   0d                      .byte 0xd

Code starting with the faulting instruction
===========================================
   0:   0f 0b                   ud2
   2:   e9 2d fd ff ff          jmp    0xfffffffffffffd34
   7:   f6 c3 04                test   $0x4,%bl
   a:   0f 85 54 ff ff ff       jne    0xffffffffffffff64
  10:   49 8b 07                mov    (%r15),%rax
  13:   48                      rex.W
  14:   8b                      .byte 0x8b
  15:   0d                      .byte 0xd
[519077.338116] RSP: 0018:ffffc90016e07cc0 EFLAGS: 00010202
[519077.338118] RAX: ffff888127e7ee70 RBX: 000000000005000a RCX:
00007fff907c8fff
[519077.338119] RDX: 00007fff907c9000 RSI: 00007fa5c180d000 RDI:
ffff888100c2bb68
[519077.338121] RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000001
[519077.338122] R10: ffff8886974aa780 R11: 0000000000000000 R12:
ffff88813ac11100
[519077.338123] R13: ffffc90016e07dd8 R14: ffff888127e7ee70 R15:
000000000005000a
[519077.338124] FS:  00007f1eea313c80(0000) GS:ffff88881ea80000(0000)
knlGS:0000000000000000
[519077.338126] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[519077.338127] CR2: 00000ed00046c030 CR3: 00000001fd22a000 CR4:
0000000000350ee0
[519077.338129] Call Trace:
[519077.338130]  <TASK>
[519077.338133] ? __warn (kernel/panic.c:673)
[519077.338136] ? __get_user_pages (mm/gup.c:1101 (discriminator 1))
[519077.338139] ? report_bug (lib/bug.c:180 lib/bug.c:219)
[519077.338142] ? handle_bug (arch/x86/kernel/traps.c:324)
[519077.338145] ? exc_invalid_op (arch/x86/kernel/traps.c:345 (discriminator 1))
[519077.338148] ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:568)
[519077.338152] ? __get_user_pages (mm/gup.c:1101 (discriminator 1))
[519077.338155] get_user_pages_remote (mm/gup.c:1391 mm/gup.c:2238)
[519077.338157] ? mas_replace (lib/maple_tree.c:963
lib/maple_tree.c:1461 lib/maple_tree.c:1743 lib/maple_tree.c:1775)
[519077.338160] __access_remote_vm (mm/memory.c:5739)
[519077.338162] mem_rw.isra.0 (fs/proc/base.c:867)
[519077.338166] vfs_read (fs/read_write.c:468)
[519077.338169] ? __fget_files (./include/linux/rcupdate.h:805 fs/file.c:915)
[519077.338171] ? lock_release (kernel/locking/lockdep.c:5381
kernel/locking/lockdep.c:5725)
[519077.338174] ? lock_acquire.part.0.isra.0
(kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5707)
[519077.338176] ? __fget_files (fs/file.c:918)
[519077.338178] __x64_sys_pread64 (./include/linux/file.h:44
fs/read_write.c:666 fs/read_write.c:675 fs/read_write.c:672
fs/read_write.c:672)
[519077.338181] do_syscall_64 (arch/x86/entry/common.c:50
arch/x86/entry/common.c:80)
[519077.338183] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)
[519077.338186] RIP: 0033:0x7f1ee9c361a7
[519077.338188] Code: 08 89 3c 24 48 89 4c 24 18 e8 b5 f4 f8 ff 4c 8b
54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00
00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 05 f5 f8 ff
48 8b
All code
========
   0:   08 89 3c 24 48 89       or     %cl,-0x76b7dbc4(%rcx)
   6:   4c 24 18                rex.WR and $0x18,%al
   9:   e8 b5 f4 f8 ff          call   0xfffffffffff8f4c3
   e:   4c 8b 54 24 18          mov    0x18(%rsp),%r10
  13:   48 8b 54 24 10          mov    0x10(%rsp),%rdx
  18:   41 89 c0                mov    %eax,%r8d
  1b:   48 8b 74 24 08          mov    0x8(%rsp),%rsi
  20:   8b 3c 24                mov    (%rsp),%edi
  23:   b8 11 00 00 00          mov    $0x11,%eax
  28:   0f 05                   syscall
  2a:*  48 3d 00 f0 ff ff       cmp    $0xfffffffffffff000,%rax
 <-- trapping instruction
  30:   77 31                   ja     0x63
  32:   44 89 c7                mov    %r8d,%edi
  35:   48 89 04 24             mov    %rax,(%rsp)
  39:   e8 05 f5 f8 ff          call   0xfffffffffff8f543
  3e:   48                      rex.W
  3f:   8b                      .byte 0x8b

Code starting with the faulting instruction
===========================================
   0:   48 3d 00 f0 ff ff       cmp    $0xfffffffffffff000,%rax
   6:   77 31                   ja     0x39
   8:   44 89 c7                mov    %r8d,%edi
   b:   48 89 04 24             mov    %rax,(%rsp)
   f:   e8 05 f5 f8 ff          call   0xfffffffffff8f519
  14:   48                      rex.W
  15:   8b                      .byte 0x8b
[519077.338189] RSP: 002b:00007ffc7f5d4100 EFLAGS: 00000293 ORIG_RAX:
0000000000000011
[519077.338191] RAX: ffffffffffffffda RBX: 0000000000001000 RCX:
00007f1ee9c361a7
[519077.338192] RDX: 0000000000001000 RSI: 00007ffc7f5d43f0 RDI:
0000000000000007
[519077.338193] RBP: 00007ffc7f5d42a0 R08: 0000000000000000 R09:
000055b4e809ade0
[519077.338195] R10: 00007fa5c180c8a0 R11: 0000000000000293 R12:
00007fa5c180c8a0
[519077.338196] R13: 00000ed00022a100 R14: 00007ffc7f5d43f0 R15:
0000000000001000
[519077.338198]  </TASK>
[519077.338199] ---[ end trace 0000000000000000 ]---


-- 
/**
 - Ilkka Prusi
 - ilkka.prusi@gmail.com
*/


* Re: WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3
  2023-07-17 12:56 WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3 Ilkka Prusi
@ 2023-07-23 18:41 ` Wei Shuyu
  2023-07-23 20:34   ` Thomas Weißschuh
  0 siblings, 1 reply; 5+ messages in thread
From: Wei Shuyu @ 2023-07-23 18:41 UTC (permalink / raw)
  To: ilkka.prusi; +Cc: linux-kernel

I can trigger this reliably by visiting chrome://crash/


[  444.608793] ------------[ cut here ]------------
[  444.608795] WARNING: CPU: 7 PID: 901 at mm/gup.c:1101 
__get_user_pages+0x4c2/0x5b0
[  444.608800] Modules linked in: nvidia_drm(PO) nvidia_modeset(PO) 
nvidia(PO) nls_ascii nls_cp437 intel_rapl_msr vfat intel_rapl_common fat 
iosf_mbi kvm_amd uvcvideo kvm snd_hda_codec_realtek 
snd_hda_codec_generic irqbypass videobuf2_vmalloc ledtrig_audio 
snd_hda_codec_hdmi videobuf2_memops crc32_pclmul uvc videobuf2_v4l2 
snd_usb_audio pl2303 snd_hda_intel video snd_hwdep usbserial videodev 
snd_intel_dspcfg drm_kms_helper snd_hda_codec snd_usbmidi_lib 
aesni_intel snd_rawmidi snd_hda_core syscopyarea videobuf2_common 
snd_seq_device sysfillrect libaes sysimgblt input_leds snd_pcm 
crypto_simd mc led_class corsair_psu joydev cryptd snd_timer drm snd 
asus_ec_sensors evdev drm_panel_orientation_quirks rapl soundcore 
sp5100_tco pcspkr watchdog tiny_power_button wmi button loop fuse 
efi_pstore pstore efivarfs dmi_sysfs ip_tables x_tables autofs4 ext4 
crc32c_generic crc16 mbcache jbd2 hid_generic usbhid hid sd_mod ahci 
libahci xhci_pci libata xhci_hcd crc32c_intel i2c_piix4 scsi_mod nvme 
usbcore igb scsi_common usb_common
[  444.608829]  i2c_algo_bit nvme_core
[  444.608831] CPU: 7 PID: 901 Comm: chrome_crashpad Tainted: P          
  O       6.4.3 #1
[  444.608833] Hardware name: ASUS System Product Name/Pro WS X570-ACE, 
BIOS 4101 03/02/2022
[  444.608834] RIP: 0010:__get_user_pages+0x4c2/0x5b0
[  444.608836] Code: 00 00 48 8d 04 d0 e9 61 fc ff ff 48 8b 43 38 f0 48 
83 28 01 0f 85 f5 fd ff ff 48 8b 43 38 48 8d 7b 30 ff 50 08 e9 e5 fd ff 
ff <0f> 0b e9 b8 fb ff ff f6 c3 04 0f 85 7b ff ff ff 49 8b 17 48 8b 05
[  444.608837] RSP: 0018:ffff9d3466e07cd0 EFLAGS: 00010202
[  444.608838] RAX: ffff9d344651c5a0 RBX: 000000000005000a RCX: 
00007ffcc64cbfff
[  444.608839] RDX: ffff9d3444d27100 RSI: 00007f2918bba000 RDI: 
ffff9d3446c49e80
[  444.608840] RBP: ffff9d3444fe50c0 R08: ffff9d3444d27108 R09: 
0000000000000001
[  444.608841] R10: ffff9d3444d27180 R11: ffff9d3444d2710c R12: 
0000000000000000
[  444.608841] R13: ffff9d3466e07de8 R14: ffff9d344651c5a0 R15: 
ffff9d3466e07d7c
[  444.608842] FS:  00007f7abfb5e840(0000) GS:ffff9d432ebc0000(0000) 
knlGS:0000000000000000
[  444.608843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  444.608844] CR2: 000036340030d020 CR3: 000000010fc5d000 CR4: 
0000000000350ee0
[  444.608844] Call Trace:
[  444.608846]  <TASK>
[  444.608846]  ? __warn+0x6b/0xd0
[  444.608849]  ? __get_user_pages+0x4c2/0x5b0
[  444.608850]  ? report_bug+0x143/0x190
[  444.608853]  ? handle_bug+0x36/0x70
[  444.608854]  ? exc_invalid_op+0x13/0x60
[  444.608856]  ? asm_exc_invalid_op+0x16/0x20
[  444.608858]  ? __get_user_pages+0x4c2/0x5b0
[  444.608860]  get_user_pages_remote+0xfa/0x310
[  444.608861]  __access_remote_vm+0x151/0x340
[  444.608863]  mem_rw.isra.0+0xec/0x180
[  444.608865]  vfs_read+0x8e/0x2c0
[  444.608868]  ? __count_memcg_events+0x39/0x80
[  444.608869]  ? handle_mm_fault+0xac/0x260
[  444.608870]  ? __fget_light+0x8c/0xf0
[  444.608872]  __x64_sys_pread64+0x6d/0xa0
[  444.608874]  do_syscall_64+0x35/0x80
[  444.608875]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[  444.608876] RIP: 0033:0x7f7abfc58b97
[  444.608877] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 ee f8 ff 4c 8b 54 
24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 
05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 35 ef f8 ff 48 8b
[  444.608878] RSP: 002b:00007fff80823d70 EFLAGS: 00000293 ORIG_RAX: 
0000000000000011
[  444.608879] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 
00007f7abfc58b97
[  444.608880] RDX: 0000000000001000 RSI: 00007fff80824060 RDI: 
0000000000000004
[  444.608881] RBP: 00007fff80823f10 R08: 0000000000000000 R09: 
000055c771a571c0
[  444.608881] R10: 00007f2918bb9880 R11: 0000000000000293 R12: 
00007f2918bb9880
[  444.608882] R13: 0000363400229880 R14: 00007fff80824060 R15: 
0000000000001000
[  444.608883]  </TASK>
[  444.608883] ---[ end trace 0000000000000000 ]---
[  444.618816] chrome[1508]: segfault at 0 ip 000055ae15e9a2d0 sp 
00007ffcc64c7bb0 error 6 in chrome[55ae11624000+a492000] likely on CPU 6 
(core 6, socket 0)
[  444.618822] Code: 41 5c 41 5e 41 5f 5d e9 de 9e 78 fb cc 0f 0b cc cc 
cc cc cc cc cc cc cc cc cc 55 48 89 e5 48 8d 3d 85 be 55 06 e8 20 2a 87 
fb <c7> 04 25 00 00 00 00 00 00 00 00 5d c3 cc cc cc 55 48 89 e5 53 50


* Re: WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3
  2023-07-23 18:41 ` Wei Shuyu
@ 2023-07-23 20:34   ` Thomas Weißschuh
  2023-07-24  6:21     ` Wei Shuyu
  0 siblings, 1 reply; 5+ messages in thread
From: Thomas Weißschuh @ 2023-07-23 20:34 UTC (permalink / raw)
  To: Wei Shuyu; +Cc: ilkka.prusi, linux-kernel

On 2023-07-24 02:41:24+0800, Wei Shuyu wrote:
> I can trigger this reliably by visiting chrome://crash/
> 
> [  444.608793] ------------[ cut here ]------------
> [  444.608795] WARNING: CPU: 7 PID: 901 at mm/gup.c:1101

This should be the same as 
https://lore.kernel.org/lkml/202307041023.bcdbbfc0-oliver.sang@intel.com/

Which was triaged to the chrome crashpad library.

The false positive is also fixed on master with
commit 6cd06ab12d1a ("gup: make the stack expansion warning a bit more targeted").

> [..]


* Re: WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3
  2023-07-23 20:34   ` Thomas Weißschuh
@ 2023-07-24  6:21     ` Wei Shuyu
       [not found]       ` <CAJuPgPPZ43=h5P8326-0bBcHadnOTGOoOTEP4yJJdDDt5fF8sw@mail.gmail.com>
  0 siblings, 1 reply; 5+ messages in thread
From: Wei Shuyu @ 2023-07-24  6:21 UTC (permalink / raw)
  To: Thomas Weißschuh; +Cc: ilkka.prusi, linux-kernel

On 2023-07-24 04:34, Thomas Weißschuh wrote:
> 
> This should be the same as
> https://lore.kernel.org/lkml/202307041023.bcdbbfc0-oliver.sang@intel.com/
> 
> Which was triaged to the chrome crashpad library.
> 
> The false positive is also fixed on master with
> commit 6cd06ab12d1a ("gup: make the stack expansion warning a bit more 
> targeted").
> 
>> [..]

Seems safe to ignore the warning. Thanks.


* Re: WARNING: at mm/gup.c:1101 __get_user_pages in 6.4.3
       [not found]       ` <CAJuPgPPZ43=h5P8326-0bBcHadnOTGOoOTEP4yJJdDDt5fF8sw@mail.gmail.com>
@ 2023-08-16 21:32         ` Wei Shuyu
  0 siblings, 0 replies; 5+ messages in thread
From: Wei Shuyu @ 2023-08-16 21:32 UTC (permalink / raw)
  To: Ilkka Prusi; +Cc: Linux Kernel

On 2023-08-16 14:17, Ilkka Prusi wrote:
> Well, this does lead to a crash in Xwayland and so you lose the ability
> to do anything on the computer (including switching to a virtual
> console).
> So I'd say this isn't "safe" to ignore even if it does say "warning"
> instead of "error".
> 
> And it does repeat every so often. Video playback on a browser seems
> to be one way to trigger this often.
> Following is on 6.4.10.
> 
> ------------[ cut here ]------------
> WARNING: CPU: 4 PID: 159964 at mm/gup.c:1101 
> __get_user_pages+0x539/0x610
> Modules linked in: uinput(E) snd_seq_dummy(E) snd_hrtimer(E)
> snd_seq(E) binfmt_misc(E) nls_ascii(E) nls_cp850(E) vfat(E) fat(E)
> amdgpu(E) intel_rapl_msr(E) intel_rapl_common(E) iosf_mbi(E)
> snd_usb_audio(E) video(E) gpu_sched(E) snd_usbmidi_lib(E) drm_buddy(E)
> edac_mce_amd(E) drm_suballoc_helper(E) snd_hda_codec_realtek(E)
> kvm_amd(E) drm_display_helper(E) snd_hda_codec_generic(E)
> snd_hda_codec_hdmi(E) cec(E) drm_ttm_helper(E) ledtrig_audio(E)
> snd_rawmidi(E) kvm(E) snd_seq_device(E) snd_hda_intel(E)
> snd_intel_dspcfg(E) ttm(E) mc(E) snd_hda_codec(E) irqbypass(E)
> input_leds(E) drm_kms_helper(E) snd_hda_core(E) crct10dif_pclmul(E)
> snd_hwdep(E) joydev(E) snd_pcm(E) crc32_pclmul(E) syscopyarea(E)
> ghash_clmulni_intel(E) sysfillrect(E) snd_timer(E) sha512_ssse3(E)
> sysimgblt(E) sha512_generic(E) k10temp(E) snd(E) sg(E) ccp(E)
> rng_core(E) soundcore(E) aesni_intel(E) crypto_simd(E) cryptd(E)
> wmi_bmof(E) rapl(E) evdev(E) acpi_cpufreq(E) tiny_power_button(E)
> button(E) nfsd(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E)
>   sunrpc(E) configfs(E) loop(E) fuse(E) dm_mod(E) msr(E) efi_pstore(E)
> dmi_sysfs(E) ip_tables(E) x_tables(E) ipv6(E) autofs4(E) efivarfs(E)
> raid10(E) raid456(E) async_raid6_recov(E) async_memcpy(E) async_pq(E)
> async_xor(E) xor(E) async_tx(E) raid6_pq(E) libcrc32c(E) raid1(E)
> raid0(E) multipath(E) linear(E) md_mod(E) hid_playstation(E)
> led_class_multicolor(E) ff_memless(E) hid_generic(E) usbhid(E) hid(E)
> xhci_pci(E) xhci_hcd(E) sd_mod(E) t10_pi(E) crc32c_intel(E)
> i2c_piix4(E) usbcore(E) igb(E) i2c_algo_bit(E) usb_common(E) dca(E)
> crc64_rocksoft(E) crc64(E) wmi(E) thermal(E)
> CPU: 4 PID: 159964 Comm: chrome_crashpad Tainted: G            E
> 6.4.10-stable #167
> Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS ELITE/X570
> AORUS ELITE, BIOS F37c 05/12/2022
> RIP: 0010:__get_user_pages+0x539/0x610
> Code: 8b 84 24 c0 00 00 00 48 8d 04 d0 e9 da fd ff ff 48 89 d1 48 f7
> d1 48 21 c1 f7 c1 81 01 00 00 0f 85 58 fe ff ff e9 64 ff ff ff <0f> 0b
> e9 2d fd ff ff f6 c3 04 0f 85 54 ff ff ff 49 8b 07 48 8b 0d
> RSP: 0018:ffffc900054f7cb8 EFLAGS: 00010202
> RAX: ffff8883567d6f18 RBX: 000000000005000a RCX: 00007ffcdd723fff
> RDX: 00007ffcdd724000 RSI: 00007f7855f57000 RDI: ffff8885a93fbb68
> RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
> R10: ffff888137013780 R11: 0000000000000000 R12: ffff8881ac570000
> R13: ffffc900054f7dd8 R14: ffff8883567d6f18 R15: 000000000005000a
> FS:  00007fcf90f02c80(0000) GS:ffff88881e900000(0000) 
> knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00001b8400464300 CR3: 00000004c78d2000 CR4: 0000000000350ee0
> Call Trace:
>  <TASK>
>  ? __warn+0x6b/0xd0
>  ? __get_user_pages+0x539/0x610
>  ? report_bug+0x144/0x190
>  ? handle_bug+0x3c/0x60
>  ? exc_invalid_op+0x13/0x60
>  ? asm_exc_invalid_op+0x16/0x20
>  ? __get_user_pages+0x539/0x610
>  ? __get_user_pages+0x7f/0x610
>  get_user_pages_remote+0xfd/0x340
>  ? mtree_load+0x21/0x1f0
>  __access_remote_vm+0x16d/0x370
>  mem_rw.isra.0+0x115/0x1d0
>  vfs_read+0x95/0x2a0
>  ? __fget_files+0x8a/0xc0
>  ? lock_release+0x91/0x1a0
>  ? lock_acquire.part.0.isra.0+0x47/0x80
>  ? __fget_files+0xa2/0xc0
>  __x64_sys_pread64+0x6e/0xb0
>  do_syscall_64+0x3a/0x80
>  entry_SYSCALL_64_after_hwframe+0x46/0xb0
> RIP: 0033:0x7fcf909151e7
> Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f4 f8 ff 4c 8b 54 24 18 48 8b
> 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 05 <48> 3d
> 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 35 f5 f8 ff 48 8b
> RSP: 002b:00007ffc8a765460 EFLAGS: 00000293 ORIG_RAX: 0000000000000011
> RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 00007fcf909151e7
> RDX: 0000000000001000 RSI: 00007ffc8a765750 RDI: 0000000000000007
> RBP: 00007ffc8a765600 R08: 0000000000000000 R09: 000056045cb5ade0
> R10: 00007f7855f568a0 R11: 0000000000000293 R12: 00007f7855f568a0
> R13: 00001b840022a100 R14: 00007ffc8a765750 R15: 0000000000001000
>  </TASK>
> ---[ end trace 0000000000000000 ]---
> 
> $ scripts/decode_stacktrace.sh vmlinux < ~/crash_20230816
> ------------[ cut here ]------------
> WARNING: CPU: 4 PID: 159964 at mm/gup.c:1101 __get_user_pages
> (mm/gup.c:1101 (discriminator 1))
> Modules linked in: uinput(E) snd_seq_dummy(E) snd_hrtimer(E)
> snd_seq(E) binfmt_misc(E) nls_ascii(E) nls_cp850(E) vfat(E) fat(E)
> amdgpu(E) intel_rapl_msr(E) intel_rapl_common(E) iosf_mbi(E)
> snd_usb_audio(E) video(E) gpu_sched(E) snd_usbmidi_lib(E) drm_buddy(E)
> edac_mce_amd(E) drm_suballoc_helper(E) snd_hda_codec_realtek(E)
> kvm_amd(E) drm_display_helper(E) snd_hda_codec_generic(E)
> snd_hda_codec_hdmi(E) cec(E) drm_ttm_helper(E) ledtrig_audio(E)
> snd_rawmidi(E) kvm(E) snd_seq_device(E) snd_hda_intel(E)
> snd_intel_dspcfg(E) ttm(E) mc(E) snd_hda_codec(E) irqbypass(E)
> input_leds(E) drm_kms_helper(E) snd_hda_core(E) crct10dif_pclmul(E)
> snd_hwdep(E) joydev(E) snd_pcm(E) crc32_pclmul(E) syscopyarea(E)
> ghash_clmulni_intel(E) sysfillrect(E) snd_timer(E) sha512_ssse3(E)
> sysimgblt(E) sha512_generic(E) k10temp(E) snd(E) sg(E) ccp(E)
> rng_core(E) soundcore(E) aesni_intel(E) crypto_simd(E) cryptd(E)
> wmi_bmof(E) rapl(E) evdev(E) acpi_cpufreq(E) tiny_power_button(E)
> button(E) nfsd(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E)
> sunrpc(E) configfs(E) loop(E) fuse(E) dm_mod(E) msr(E) efi_pstore(E)
> dmi_sysfs(E) ip_tables(E) x_tables(E) ipv6(E) autofs4(E) efivarfs(E)
> raid10(E) raid456(E) async_raid6_recov(E) async_memcpy(E) async_pq(E)
> async_xor(E) xor(E) async_tx(E) raid6_pq(E) libcrc32c(E) raid1(E)
> raid0(E) multipath(E) linear(E) md_mod(E) hid_playstation(E)
> led_class_multicolor(E) ff_memless(E) hid_generic(E) usbhid(E) hid(E)
> xhci_pci(E) xhci_hcd(E) sd_mod(E) t10_pi(E) crc32c_intel(E)
> i2c_piix4(E) usbcore(E) igb(E) i2c_algo_bit(E) usb_common(E) dca(E)
> crc64_rocksoft(E) crc64(E) wmi(E) thermal(E)
> CPU: 4 PID: 159964 Comm: chrome_crashpad Tainted: G            E
> 6.4.10-stable #167
> Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS ELITE/X570
> AORUS ELITE, BIOS F37c 05/12/2022
> RIP: 0010:__get_user_pages (mm/gup.c:1101 (discriminator 1))
> Code: 8b 84 24 c0 00 00 00 48 8d 04 d0 e9 da fd ff ff 48 89 d1 48 f7
> d1 48 21 c1 f7 c1 81 01 00 00 0f 85 58 fe ff ff e9 64 ff ff ff <0f> 0b
> e9 2d fd ff ff f6 c3 04 0f 85 54 ff ff ff 49 8b 07 48 8b 0d
> All code
> ========
>    0:   8b 84 24 c0 00 00 00    mov    0xc0(%rsp),%eax
>    7:   48 8d 04 d0             lea    (%rax,%rdx,8),%rax
>    b:   e9 da fd ff ff          jmp    0xfffffffffffffdea
>   10:   48 89 d1                mov    %rdx,%rcx
>   13:   48 f7 d1                not    %rcx
>   16:   48 21 c1                and    %rax,%rcx
>   19:   f7 c1 81 01 00 00       test   $0x181,%ecx
>   1f:   0f 85 58 fe ff ff       jne    0xfffffffffffffe7d
>   25:   e9 64 ff ff ff          jmp    0xffffffffffffff8e
>   2a:*  0f 0b                   ud2             <-- trapping 
> instruction
>   2c:   e9 2d fd ff ff          jmp    0xfffffffffffffd5e
>   31:   f6 c3 04                test   $0x4,%bl
>   34:   0f 85 54 ff ff ff       jne    0xffffffffffffff8e
>   3a:   49 8b 07                mov    (%r15),%rax
>   3d:   48                      rex.W
>   3e:   8b                      .byte 0x8b
>   3f:   0d                      .byte 0xd
> 
> Code starting with the faulting instruction
> ===========================================
>    0:   0f 0b                   ud2
>    2:   e9 2d fd ff ff          jmp    0xfffffffffffffd34
>    7:   f6 c3 04                test   $0x4,%bl
>    a:   0f 85 54 ff ff ff       jne    0xffffffffffffff64
>   10:   49 8b 07                mov    (%r15),%rax
>   13:   48                      rex.W
>   14:   8b                      .byte 0x8b
>   15:   0d                      .byte 0xd
> RSP: 0018:ffffc900054f7cb8 EFLAGS: 00010202
> RAX: ffff8883567d6f18 RBX: 000000000005000a RCX: 00007ffcdd723fff
> RDX: 00007ffcdd724000 RSI: 00007f7855f57000 RDI: ffff8885a93fbb68
> RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
> R10: ffff888137013780 R11: 0000000000000000 R12: ffff8881ac570000
> R13: ffffc900054f7dd8 R14: ffff8883567d6f18 R15: 000000000005000a
> FS:  00007fcf90f02c80(0000) GS:ffff88881e900000(0000) 
> knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00001b8400464300 CR3: 00000004c78d2000 CR4: 0000000000350ee0
> Call Trace:
> <TASK>
> ? __warn (kernel/panic.c:673)
> ? __get_user_pages (mm/gup.c:1101 (discriminator 1))
> ? report_bug (lib/bug.c:180 lib/bug.c:219)
> ? handle_bug (arch/x86/kernel/traps.c:326)
> ? exc_invalid_op (arch/x86/kernel/traps.c:347 (discriminator 1))
> ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:568)
> ? __get_user_pages (mm/gup.c:1101 (discriminator 1))
> ? __get_user_pages (mm/gup.c:1100)
> get_user_pages_remote (mm/gup.c:1391 mm/gup.c:2238)
> ? mtree_load (./include/linux/rcupdate.h:327
> ./include/linux/rcupdate.h:773 lib/maple_tree.c:6223)
> __access_remote_vm (mm/memory.c:5743)
> mem_rw.isra.0 (fs/proc/base.c:867)
> vfs_read (fs/read_write.c:468)
> ? __fget_files (./include/linux/rcupdate.h:805 fs/file.c:915)
> ? lock_release (kernel/locking/lockdep.c:5381 
> kernel/locking/lockdep.c:5725)
> ? lock_acquire.part.0.isra.0 (kernel/locking/lockdep.c:467
> kernel/locking/lockdep.c:5707)
> ? __fget_files (fs/file.c:918)
> __x64_sys_pread64 (./include/linux/file.h:44 fs/read_write.c:666
> fs/read_write.c:675 fs/read_write.c:672 fs/read_write.c:672)
> do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
> entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)
> RIP: 0033:0x7fcf909151e7
> Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f4 f8 ff 4c 8b 54 24 18 48 8b
> 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 05 <48> 3d
> 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 35 f5 f8 ff 48 8b
> All code
> ========
>    0:   08 89 3c 24 48 89       or     %cl,-0x76b7dbc4(%rcx)
>    6:   4c 24 18                rex.WR and $0x18,%al
>    9:   e8 e5 f4 f8 ff          call   0xfffffffffff8f4f3
>    e:   4c 8b 54 24 18          mov    0x18(%rsp),%r10
>   13:   48 8b 54 24 10          mov    0x10(%rsp),%rdx
>   18:   41 89 c0                mov    %eax,%r8d
>   1b:   48 8b 74 24 08          mov    0x8(%rsp),%rsi
>   20:   8b 3c 24                mov    (%rsp),%edi
>   23:   b8 11 00 00 00          mov    $0x11,%eax
>   28:   0f 05                   syscall
>   2a:*  48 3d 00 f0 ff ff       cmp    $0xfffffffffffff000,%rax
>  <-- trapping instruction
>   30:   77 31                   ja     0x63
>   32:   44 89 c7                mov    %r8d,%edi
>   35:   48 89 04 24             mov    %rax,(%rsp)
>   39:   e8 35 f5 f8 ff          call   0xfffffffffff8f573
>   3e:   48                      rex.W
>   3f:   8b                      .byte 0x8b
> 
> Code starting with the faulting instruction
> ===========================================
>    0:   48 3d 00 f0 ff ff       cmp    $0xfffffffffffff000,%rax
>    6:   77 31                   ja     0x39
>    8:   44 89 c7                mov    %r8d,%edi
>    b:   48 89 04 24             mov    %rax,(%rsp)
>    f:   e8 35 f5 f8 ff          call   0xfffffffffff8f549
>   14:   48                      rex.W
>   15:   8b                      .byte 0x8b
> RSP: 002b:00007ffc8a765460 EFLAGS: 00000293 ORIG_RAX: 0000000000000011
> RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 00007fcf909151e7
> RDX: 0000000000001000 RSI: 00007ffc8a765750 RDI: 0000000000000007
> RBP: 00007ffc8a765600 R08: 0000000000000000 R09: 000056045cb5ade0
> R10: 00007f7855f568a0 R11: 0000000000000293 R12: 00007f7855f568a0
> R13: 00001b840022a100 R14: 00007ffc8a765750 R15: 0000000000001000
> </TASK>
> ---[ end trace 0000000000000000 ]---
> 

In your case, it's the gpu driver that caused the chrome crash. Then 
chrome_crashpad triggered the warning. Fixing this warning won't fix the 
gpu driver bug.
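
A triage helper for the splats in this thread, added here as an example and not code from the kernel, Chromium or any poster: it parses a raw (undecoded) WARNING splat, tolerating mail wrapping, `>` quoting and missing timestamps, and checks whether the warning in `__get_user_pages` was reached through the `/proc/<pid>/mem` read path (`mem_rw`, `__access_remote_vm`, `get_user_pages_remote`) that every trace above shows. The names `parse_splat` and `matches_thread_signature` are hypothetical, and the sample is abridged from the first report.

```python
import re

# Abridged from the first report in this thread, mail-wrapped lines included.
SAMPLE = """\
[519077.338031] WARNING: CPU: 10 PID: 219607 at mm/gup.c:1101
__get_user_pages+0x539/0x610
[519077.338106] CPU: 10 PID: 219607 Comm: chrome_crashpad Tainted: G
         E      6.4.3-stable #160
[519077.338129] Call Trace:
[519077.338130]  <TASK>
[519077.338133]  ? __warn+0x6b/0xd0
[519077.338136]  ? __get_user_pages+0x539/0x610
[519077.338155]  get_user_pages_remote+0xfd/0x340
[519077.338157]  ? mas_replace+0x2c1/0x340
[519077.338160]  __access_remote_vm+0x163/0x360
[519077.338162]  mem_rw.isra.0+0x115/0x1d0
[519077.338166]  vfs_read+0x95/0x2a0
[519077.338178]  __x64_sys_pread64+0x6e/0xb0
[519077.338181]  do_syscall_64+0x3a/0x80
[519077.338183]  entry_SYSCALL_64_after_hwframe+0x46/0xb0
[519077.338189] RSP: 002b:00007ffc7f5d4100 EFLAGS: 00000293 ORIG_RAX:
0000000000000011
[519077.338198]  </TASK>
"""

_QUOTE = re.compile(r"^(?:>\s?)+")            # e-mail reply quoting
_TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")      # printk timestamp
_FRAME = re.compile(r"(\? )?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

# Call chain of a read on /proc/<pid>/mem, innermost frame first.
REMOTE_READ_CHAIN = ["get_user_pages_remote", "__access_remote_vm", "mem_rw"]


def _flatten(text):
    """Drop quoting and timestamps, then undo mail wrapping by joining lines."""
    lines = [_TS.sub("", _QUOTE.sub("", line)) for line in text.splitlines()]
    return " ".join(" ".join(lines).split())


def parse_splat(text):
    """Extract the warn site, task, syscall and call trace from a raw splat."""
    flat = _flatten(text)
    info = {"file": None, "line": None, "func": None, "pid": None,
            "comm": None, "kernel": None, "syscall_nr": None,
            "frames": [], "guesses": []}

    m = re.search(r"WARNING: CPU: \d+ PID: (\d+) at (\S+):(\d+) ([\w.]+)\+0x", flat)
    if m:
        info.update(pid=int(m.group(1)), file=m.group(2),
                    line=int(m.group(3)), func=m.group(4))

    # The kernel release is the token just before the "#<build>" counter.
    m = re.search(r"Comm: (\S+) .*?(\S+) #\d+", flat)
    if m:
        info.update(comm=m.group(1), kernel=m.group(2))

    # ORIG_RAX holds the x86-64 syscall number of the interrupted syscall.
    m = re.search(r"ORIG_RAX: ([0-9a-f]{16})", flat)
    if m:
        info["syscall_nr"] = int(m.group(1), 16)

    m = re.search(r"Call Trace:(.*?)(?:</TASK>|$)", flat)
    for f in _FRAME.finditer(m.group(1) if m else ""):
        name = f.group(2).split(".")[0]       # mem_rw.isra.0 -> mem_rw
        # "?" frames are addresses found on the stack but not confirmed by
        # the unwinder, so they are kept apart from the reliable chain.
        (info["guesses"] if f.group(1) else info["frames"]).append(name)
    return info


def _in_order(needles, haystack):
    """True when needles occur in haystack in this order (gaps allowed)."""
    it = iter(haystack)
    return all(n in it for n in needles)


def matches_thread_signature(info):
    """GUP warning raised while another task's memory is read via procfs.

    Matches on file and function, not the line number, because line
    numbers shift between kernel releases.
    """
    return (info["file"] == "mm/gup.c"
            and info["func"] == "__get_user_pages"
            and _in_order(REMOTE_READ_CHAIN, info["frames"]))


if __name__ == "__main__":
    report = parse_splat(SAMPLE)
    print(report)
    print("known signature:", matches_thread_signature(report))
```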



