From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 81C9BC4167B for ; Sun, 1 Jan 2023 07:37:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E40098E0002; Sun, 1 Jan 2023 02:37:39 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DF00D8E0001; Sun, 1 Jan 2023 02:37:39 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CDF688E0002; Sun, 1 Jan 2023 02:37:39 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id BF7958E0001 for ; Sun, 1 Jan 2023 02:37:39 -0500 (EST) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 905F8A5419 for ; Sun, 1 Jan 2023 07:37:39 +0000 (UTC) X-FDA: 80305425438.04.15DE64B Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com [209.85.216.51]) by imf24.hostedemail.com (Postfix) with ESMTP id EBA73180005 for ; Sun, 1 Jan 2023 07:37:37 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=XdIjmK43; spf=pass (imf24.hostedemail.com: domain of 42.hyeyoo@gmail.com designates 209.85.216.51 as permitted sender) smtp.mailfrom=42.hyeyoo@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1672558658; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=MWEjzEKMcmAbvxrRrbtXpBikge1S3ux2aaGfJM/CGG8=; b=BTEEdCa2ctQcPkpx9htDKga1PdtWlq87/jBG4d/2Tbkvg4gVi3M4nJmpcM4xCIRzr8Cubc zAzbbYQO6t07A3XYqoSVmClyKlSMSvH5KB8eqhGWkcbZw7XVT8Tn52qJXxizhegHNf+6E7 2+yPrMmKa/PwHReJdQlw3yZkB4PSPvY= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=XdIjmK43; spf=pass (imf24.hostedemail.com: domain of 42.hyeyoo@gmail.com designates 209.85.216.51 as permitted sender) smtp.mailfrom=42.hyeyoo@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1672558658; a=rsa-sha256; cv=none; b=vRvd5B1WyzmOrPfZhVbk2SlmxcVXSlj3x8CGcTAmHi9CTVUnvhT18lSemGwSLqNw5urIuW cQObyokbsowN1QpugNlzuBgbwF4dJiSmSMm+yDuvhe0D0NVW4AerjsbmJpGijJTd5rdteW HMzKgAeguKOWY5vM2d0n4BOggNAq1PE= Received: by mail-pj1-f51.google.com with SMTP id u4-20020a17090a518400b00223f7eba2c4so25534162pjh.5 for ; Sat, 31 Dec 2022 23:37:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=MWEjzEKMcmAbvxrRrbtXpBikge1S3ux2aaGfJM/CGG8=; b=XdIjmK43cqk1mzlCRNkZuxHLLQKxmz/csAj4EjfvTPRHslw05qnS/roYQwp2c+8gkk SBrMkrrlF+wMivNPFlXX23nfW2nPcA2vyhr1zPAUczjsTKhzSULcPny6Fcv4NO4h1pyr 4ZfFvS7+CcwAmUliZmdJYxApAU/afGNPwQyAZBHCLF8FWihGsUnulXEVWj98zLClD3cT RTARotrhz2sPHTsaL1Sxudpc89lQytmtt1qm9oMs6FLqlHR7gDXjVNEUwdEowXV6TwNU vrnlLQuE4KI7EN5QBLVw4Ac2NQNvXtMI4meiJPEE1BVLyB6S2oysQ1MNve6sLo1yJJ9u RI1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=MWEjzEKMcmAbvxrRrbtXpBikge1S3ux2aaGfJM/CGG8=; b=7AShQ3Lfp6frMOMVIXby70H+CgdS8Xr8w+METDYKYtSBTrQN9WtPqZ0igcAw3cZOFS V5ooGzOwVVpM/akxSLy1OVad9PP+LIp+nph2ZwZoU+hJjAcdA/eR5O7TWRP6Xii5meFC PSCNNchxKazCb9msvXPZBid51uNXUeO1UAFUJE1tkyOwOSk6IHqNzY3nQRCrm8JzVBFI gZOziM5ybo26BiGZzmEiAwR6cX2owKNhzPvWteuQ1sqxgeuKXFKnBTSP0Kw1MsxVPIwZ v0Zy+tNdja74ocMM8ecSTxckEESLUjotRspi+HniL010uDZgN8XyrTtIkkbQVdkSaIdM uYmA== X-Gm-Message-State: AFqh2kqSZnzLOnkltFCMIU/mIDqsBzW0YeW9+qJgK5mbgoGkE8GPk1/K UM+ea+4ZrBuDMYZHYaswWEA= X-Google-Smtp-Source: AMrXdXt1t+EOG2ITGN8Df8z6C9zc7KW2F6DlvplBoxaBDIcy0sJFehT1daOtV6MttiJhjUsWrSPuWQ== X-Received: by 2002:a17:902:ed84:b0:189:6bda:e98f with SMTP id e4-20020a170902ed8400b001896bdae98fmr36043517plj.58.1672558656690; Sat, 31 Dec 2022 23:37:36 -0800 (PST) Received: from hyeyoo ([114.29.91.56]) by smtp.gmail.com with ESMTPSA id n3-20020a170902e54300b001745662d568sm17838326plf.278.2022.12.31.23.37.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 31 Dec 2022 23:37:35 -0800 (PST) Date: Sun, 1 Jan 2023 16:37:29 +0900 From: Hyeonggon Yoo <42.hyeyoo@gmail.com> To: kernel test robot Cc: Vlastimil Babka , oe-lkp@lists.linux.dev, lkp@intel.com, Mike Rapoport , Christoph Lameter , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Paolo Bonzini , Wanpeng Li , Vitaly Kuznetsov , Juergen Gross , "Srivatsa S. Bhat" , Alexey Makhalov , VMware PV-Drivers Reviewers , kvm@vger.kernel.org, Sean Christopherson Subject: supervisor write access in kernel mode in __pv_queued_spin_unlock_slowpath Message-ID: References: <202212312021.bc1efe86-oliver.sang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: EBA73180005 X-Stat-Signature: 7axwfhrnzwuadg7kcbruz1torxydpcjx X-Rspam-User: X-HE-Tag: 1672558657-198174 X-HE-Meta: U2FsdGVkX18Cbhltv4lapuhef03eaRcG+UIFwuNRlB2YD+bzoLl4UhYIulCOAj+eIG22sPF+YqFiunhRXCtDnsKrPzcojpHXjNEtW8cULZ4Aii/lOv9MjyKIMg1KcFZ77+/E3ZjqmRfyFTxwHaQeNys1oabEQS7a0E/uW0kxtlN7k8yDrfzOgmhM3zPKA1vKdPL5m7czeXzEHNmrkpdYvYKduSuPwAlm+Xl71tvVuQEYyr43eeYqpSkJOYWQne0t0fpUYjwHxHE6VeWT4wNnHCVpFpK6q0f/WfNn+1Yb5tAd3B06E/nSI+y2yCWL+k0+0DmsbEULgish5DK6NiLSmZC8YNU4Rv36YtoyEnArTJa3CJ0+0PE4JE5z9yFtvgxqVHSVTNZH3SA56cGE/pF81Jwz37pcIElzNzIHFQ70FQs5miaihyskHYQsT4o3vDoePZDltCEpkYQrtd5k1t7ludXHLBjArJw4X5KRXzAMdCAG/Q+cj/8dnnB9BuiWb3fwrBaQP5rjAUaPSf6QG9Ks/xp/2ZPfhm+cxklYYqFQX/H2G2CwGJD3GgK8Jdj4qyW6UgU68BfJ461ERPCkt3emb+UbHuBr/R/qB2p0Q7YjsqdmmaX6nGyCLGgt6JcH4JKViOIfSZUP+3z4GSW2aUQVmmtYztDLd7w0h7g7+6THBYi4Aq1UqGWsKQ4lCcczx7KzOEfwrJhrfnzNivK2gJzxRtMw6oN5O1DqSBXdYj+iTkImQaTZ1up1IMrzEmef6+sfEsvguWcgepV9EE7dHzsH74a1Nkm/7WMZMncw+rLgIVwV/YKqmdQstFQfs5xMkDmVM2S3jvNHnABn26ECSAeZum/9LevAUcAoWbPrcO2iVpAT62glWwmxR8k27jjoiYKUWrkCBLpd8HlYLZILtFaSDWDzgHnYn0QXD/O1EDZyYIecxszzDdp2g2+fBaVgfDzag9f7mHFetl9g2riBuvG rEKhM6wV SBWWcVXra+FqDzwAt1LD2RD1o+MV0CkDaoYEOiuPeQKvqFNDOssP/EPfhVUdoJS2dQvYT4pEqIKmk57/x+XCNvSobEGDptoLfCiU5AYQ1+Cycjz0NiVNjzMf+9d+ed+8pTgzt4n11L+DQTRf5XxkiVwz2ct1HmuCpC1lH X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Sun, Jan 01, 2023 at 03:50:28PM +0900, Hyeonggon Yoo wrote: > On Sat, Dec 31, 2022 at 11:26:25PM +0800, kernel test robot wrote: > > > > Greeting, > > > > FYI, we noticed kernel_BUG_at_include/linux/mm.h due to commit (built with gcc-11): > > > > commit: 0af8489b0216fa1dd83e264bef8063f2632633d7 ("mm, slub: remove percpu slabs with CONFIG_SLUB_TINY") > > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master > > > > [test failed on linux-next/master c76083fac3bae1a87ae3d005b5cb1cbc761e31d5] > > > > in testcase: rcutorture > > version: > > with following parameters: > > > > runtime: 300s > > test: default > > torture_type: tasks-tracing > > > > test-description: rcutorture is rcutorture kernel module load/unload test. > > test-url: https://www.kernel.org/doc/Documentation/RCU/torture.txt > > > > > > on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G > > > > caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): > > > > > > If you fix the issue, kindly add following tag > > | Reported-by: kernel test robot > > | Link: https://lore.kernel.org/oe-lkp/202212312021.bc1efe86-oliver.sang@intel.com > > > > > > > > > > > > > To reproduce: > > > > # build kernel > > cd linux > > cp config-6.1.0-rc2-00014-g0af8489b0216 .config > > make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules > > make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH= modules_install > > cd > > find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz > > > > > > git clone https://github.com/intel/lkp-tests.git > > cd lkp-tests > > bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email > > > > # if come across any failure that blocks the test, > > # please remove ~/.lkp and /lkp dir to run from a clean state. > > > I was unable to reproduce in the same way as described above > because some files referenced in job-script couldn't be downloaded from > download.01.org/0day :( > > So I just built rcutorture module as builtin > and I got weird spinlock bug on commit: 0af8489b0216 > ("mm, slub: remove percpu slabs with CONFIG_SLUB_TINY") (+Cc KVM/Paravirt experts) > full dmesg added as attachment > > [ 1387.564837][ T57] BUG: unable to handle page fault for address: c108f5f4 > [ 1387.566649][ T57] #PF: supervisor write access in kernel mode > [ 1387.567965][ T57] #PF: error_code(0x0003) - permissions violation > [ 1387.569439][ T57] *pde = 010001e1 > [ 1387.570276][ T57] Oops: 0003 [#1] SMP > [ 1387.571149][ T57] CPU: 2 PID: 57 Comm: rcu_torture_rea Tainted: G S 6.1.0-rc2-00010-g0af8489b0216 #2130 63d19ac2b985fca570c354d8750f489755de37ed > [ 1387.574673][ T57] EIP: kvm_kick_cpu+0x54/0x90 > [ 1387.575802][ T57] Code: 2f c5 01 8b 04 9d e0 d4 4e c4 83 15 14 7b 2f c5 00 83 05 08 6d 2f c5 01 0f b7 0c 30 b8 05 00 00 00 83 15 0c 6d 2f c5 00 31 db <0f> 01 c1 83 05 10 6d 2f c5 01 8b 5d f8 8b 75 fc 83 15 14 6d 2f c5 > [ 1387.580456][ T57] EAX: 00000005 EBX: 00000000 ECX: 00000003 EDX: c108f5a0 > [ 1387.582071][ T57] ESI: c5153580 EDI: 00000046 EBP: c69cddf8 ESP: c69cddf0 > [ 1387.583775][ T57] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010046 > [ 1387.585643][ T57] CR0: 80050033 CR2: c108f5f4 CR3: 0776b000 CR4: 00350e90 > [ 1387.587492][ T57] Call Trace: > [ 1387.588365][ T57] __pv_queued_spin_unlock_slowpath+0x66/0x110 > [ 1387.589898][ T57] __pv_queued_spin_unlock+0x4b/0x60 > [ 1387.591040][ T57] __raw_callee_save___pv_queued_spin_unlock+0x9/0x10 > [ 1387.592771][ T57] do_raw_spin_unlock+0x49/0xa0 > [ 1387.593805][ T57] _raw_spin_unlock_irqrestore+0x53/0xd0 > [ 1387.594927][ T57] swake_up_one+0x4f/0x70 > [ 1387.595739][ T57] __rcu_report_exp_rnp+0x26b/0x470 > [ 1387.596730][ T57] rcu_report_exp_cpu_mult+0x82/0x2f0 > [ 1387.597770][ T57] rcu_qs+0xac/0x160 > [ 1387.598503][ T57] rcu_note_context_switch+0x31/0x1e0 > [ 1387.599460][ T57] __schedule+0xc5/0x770 > [ 1387.600195][ T57] __cond_resched+0x7a/0x100 > [ 1387.600996][ T57] stutter_wait+0x9e/0x2c0 > [ 1387.601956][ T57] rcu_torture_reader+0x162/0x3e0 > [ 1387.603048][ T57] ? rcu_torture_reader+0x3e0/0x3e0 > [ 1387.604269][ T57] ? __kthread_parkme+0xab/0xf0 > [ 1387.605420][ T57] kthread+0x167/0x1d0 > [ 1387.606383][ T57] ? rcu_torture_read_exit_child+0xa0/0xa0 > [ 1387.607516][ T57] ? kthread_exit+0x50/0x50 > [ 1387.608517][ T57] ret_from_fork+0x19/0x24 > [ 1387.609548][ T57] Modules linked in: > [ 1387.610187][ T57] CR2: 00000000c108f5f4 > [ 1387.610873][ T57] ---[ end trace 0000000000000000 ]--- > [ 1387.611829][ T57] EIP: kvm_kick_cpu+0x54/0x90 > [ 1387.612653][ T57] Code: 2f c5 01 8b 04 9d e0 d4 4e c4 83 15 14 7b 2f c5 00 83 05 08 6d 2f c5 01 0f b7 0c 30 b8 05 00 00 00 83 15 0c 6d 2f c5 00 31 db <0f> 01 c1 83 05 10 6d 2f c5 01 8b 5d f8 8b 75 fc 83 15 14 6d 2f c5 > [ 1387.616715][ T57] EAX: 00000005 EBX: 00000000 ECX: 00000003 EDX: c108f5a0 > [ 1387.618242][ T57] ESI: c5153580 EDI: 00000046 EBP: c69cddf8 ESP: c69cddf0 > [ 1387.619912][ T57] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010046 > [ 1387.621666][ T57] CR0: 80050033 CR2: c108f5f4 CR3: 0776b000 CR4: 00350e90 > [ 1387.623128][ T57] Kernel panic - not syncing: Fatal exception > [ 1389.285045][ T57] Shutting down cpus with NMI > [ 1389.297949][ T57] Kernel Offset: disabled > [ 1389.299174][ T57] ---[ end Kernel panic - not syncing: Fatal exception ]---