[LTP] LTP: hugemmap19: PF: supervisor read access in kernel mode
Naresh Kamboju
naresh.kamboju@linaro.org
Mon Aug 26 15:57:55 CEST 2024
The following kernel BUG noticed on x86_64 and qemu-x86_64 while running
LTP hugetlb test cases on Linux next-20240823 and next-20240826 intermittently
This is been noticed with compat mode running 64 bit kernel on 32-bit rootfs.
We will re-investigate these test plan combinations with HUGE_PAGE on
compat mode.
First seen on - not sure - intermittent
Good: not sure
BAD: next-20240826 (intermittent)
Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Crash log:
--------
hugemmap15.c:123: TINFO: SIGBUS at 0xf5200000 (sig_expected=0xf51fff80)
hugemmap15.c:123: TINFO: SIG[ 63.974604] hugemmap19 (460): drop_caches: 3
BUS at 0xf4e00000 (sig_expected=0xf4dfff80)
hugemmap15.c:123: TINFO: SIGBUS at 0xf4a00000 (sig_[ 63.987273] BUG:
kernel NULL pointer dereference, address: 0000000000000000
[ 63.995130] #PF: supervisor read access in kernel mode
[ 64.000269] #PF: error_code(0x0000) - not-present page
[ 64.005400] PGD 8000000105996067 P4D 8000000105996067 PUD 0
[ 64.011061] Oops: Oops: 0000 [#1] PREEMPT SMP PTI
[ 64.015765] CPU: 3 UID: 0 PID: 461 Comm: hugemmap19 Not tainted
6.11.0-rc5-next-20240826 #1
[ 64.024111] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
2.7 12/07/2021
[ 64.031518] RIP: 0010:mmap_region+0x443/0xcf0
[ 64.035908] Code: cd 29 00 85 c0 0f 84 c0 04 00 00 49 c7 c0 f4 ff
ff ff 48 83 7d a0 00 74 af 80 7d 9d 00 0f 85 af 00 00 00 48 8b 9d 50
ff ff ff <48> 8b 04 25 00 00 00 00 83 7b 38 01 74 14 48 3b 43 08 0f 82
fb 00
[ 64.054653] RSP: 0018:ffff9fcdc0647ba0 EFLAGS: 00010246
[ 64.059879] RAX: 0000000000000000 RBX: ffff9fcdc0647c28 RCX: 000000000000000a
[ 64.067012] RDX: ffffffff9d892a02 RSI: ffffffff9d892a02 RDI: ffffffff9d89274f
[ 64.074142] RBP: ffff9fcdc0647d90 R08: ffffffffffffffea R09: 00000000f7a00000
[ 64.081268] R10: 00000000f7c00000 R11: ffff94ea42ba6000 R12: 00000000f7a00000
[ 64.088400] R13: ffff94ea40064ec0 R14: 0000000000000073 R15: ffff94ea428e91e0
[ 64.095533] FS: 0000000000000000(0000) GS:ffff94ebafb80000(0063)
knlGS:00000000f7f525c0
[ 64.103618] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 64.109356] CR2: 0000000000000000 CR3: 0000000102ba6005 CR4: 00000000003706f0
[ 64.116486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.123610] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 64.130736] Call Trace:
[ 64.133180] <TASK>
[ 64.135277] ? show_regs+0x68/0x80
[ 64.138709] ? __die+0x28/0x70
[ 64.141766] ? page_fault_oops+0x17b/0x560
[ 64.145858] ? free_pgtables+0x23e/0x2c0
[ 64.149777] ? do_user_addr_fault+0x2e0/0x600
[ 64.154136] ? exc_page_fault+0x71/0x170
[ 64.158060] ? asm_exc_page_fault+0x2b/0x30
[ 64.162247] ? call_rcu+0x12/0x20
[ 64.165564] ? call_rcu+0x12/0x20
[ 64.168876] ? __call_rcu_common.constprop.0+0x12f/0x390
[ 64.174187] ? mmap_region+0x443/0xcf0
[ 64.177938] do_mmap+0x327/0x5b0
[ 64.181201] vm_mmap_pgoff+0xe6/0x1b0
[ 64.184865] ksys_mmap_pgoff+0x15c/0x1f0
[ 64.188784] __ia32_sys_mmap_pgoff+0x29/0x30
[ 64.193056] ia32_sys_call+0x1ebe/0x27c0
[ 64.196981] __do_fast_syscall_32+0x6e/0x120
[ 64.201255] do_fast_syscall_32+0x37/0x80
[ 64.205266] do_SYSENTER_32+0x23/0x30
[ 64.208924] entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 64.214410] RIP: 0023:0xf7f57579
[ 64.217641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08
03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f
34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00
00 00
[ 64.236378] RSP: 002b:00000000ffc4c3a0 EFLAGS: 00000286 ORIG_RAX:
00000000000000c0
[ 64.243936] RAX: ffffffffffffffda RBX: 00000000f7a00000 RCX: 0000000000200000
[ 64.251059] RDX: 0000000000000003 RSI: 0000000000000012 RDI: 0000000000000003
[ 64.258184] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 64.265306] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 64.272432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 64.279558] </TASK>
[ 64.281749] Modules linked in: x86_pkg_temp_thermal
[ 64.286627] CR2: 0000000000000000
[ 64.289937] ---[ end trace 0000000000000000 ]---
[ 64.294547] RIP: 0010:mmap_region+0x443/0xcf0
[ 64.298898] Code: cd 29 00 85 c0 0f 84 c0 04 00 00 49 c7 c0 f4 ff
ff ff 48 83 7d a0 00 74 af 80 7d 9d 00 0f 85 af 00 00 00 48 8b 9d 50
ff ff ff <48> 8b 04 25 00 00 00 00 83 7b 38 01 74 14 48 3b 43 08 0f 82
fb 00
[ 64.317636] RSP: 0018:ffff9fcdc0647ba0 EFLAGS: 00010246
[ 64.322861] RAX: 0000000000000000 RBX: ffff9fcdc0647c28 RCX: 000000000000000a
[ 64.329986] RDX: ffffffff9d892a02 RSI: ffffffff9d892a02 RDI: ffffffff9d89274f
[ 64.337117] RBP: ffff9fcdc0647d90 R08: ffffffffffffffea R09: 00000000f7a00000
[ 64.344240] R10: 00000000f7c00000 R11: ffff94ea42ba6000 R12: 00000000f7a00000
[ 64.351364] R13: ffff94ea40064ec0 R14: 0000000000000073 R15: ffff94ea428e91e0
[ 64.358512] FS: 0000000000000000(0000) GS:ffff94ebafb80000(0063)
knlGS:00000000f7f525c0
[ 64.366592] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 64.372329] CR2: 0000000000000000 CR3: 0000000102ba6005 CR4: 00000000003706f0
[ 64.379469] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.386604] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 64.393728] note: hugemmap19[461] exited with irqs disabled
expected=0xf49fff80)
hugemmap15.c:123: TINFO: SIGBUS at 0xf4600000 (sig_expected=0xf45fff80)
Crash Log links,
--------
x86_64 device log -
https://lkft.validation.linaro.org/scheduler/job/7821061#L2049
x86_64 device log -
https://lkft.validation.linaro.org/scheduler/job/7821898#L2102
Qemu-x86_64 log -
https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/testrun/24952975/suite/log-parser-test/test/check-kernel-oops-oops-oops-preempt-smp-pti/log
Crash failed comparison:
----------
- https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20240826/testrun/24954436/suite/log-parser-test/test/check-kernel-oops-oops-oops-preempt-smp-pti/history/
metadata:
----
git describe: next-20240826
git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next
git sha: 1ca4237ad9ce29b0c66fe87862f1da54ac56a1e8
kernel config:
https://storage.tuxsuite.com/public/linaro/lkft/builds/2lC5Io63H0fgSxxgMVk7RTlr00F/config
artifact location:
https://storage.tuxsuite.com/public/linaro/lkft/builds/2lC5Io63H0fgSxxgMVk7RTlr00F/
build url: https://storage.tuxsuite.com/public/linaro/lkft/builds/2lC5Io63H0fgSxxgMVk7RTlr00F/
toolchain: gcc-13
arch: x86_64
LTP url: https://storage.tuxboot.com/overlays/debian/trixie/i386/ltp/20240524/ltp.tar.xz
rootfs url: https://storage.tuxboot.com/debian/trixie/i386/rootfs.tar.xz
Steps to reproduce:
---------
- https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2lC5MBjPoo5vifL9EXfsMWCSHfN/reproducer
- https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2lC5MBjPoo5vifL9EXfsMWCSHfN/tux_plan
- https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2lC5MDbvH0o3j1TMpyOSDF4alXR/reproducer
- https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2lC5MDbvH0o3j1TMpyOSDF4alXR/tux_plan
Please let me know if you need more information.
--
Linaro LKFT
https://lkft.linaro.org
More information about the ltp
mailing list