From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 482C3C021AB for ; Wed, 19 Feb 2025 08:41:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D09C228020E; Wed, 19 Feb 2025 03:41:41 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id C1D2628020C; Wed, 19 Feb 2025 03:41:41 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id ABF5128020E; Wed, 19 Feb 2025 03:41:41 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 85E4128020C for ; Wed, 19 Feb 2025 03:41:41 -0500 (EST) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 03B3A161242 for ; Wed, 19 Feb 2025 08:41:40 +0000 (UTC) X-FDA: 83136050802.26.DA707B7 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by imf13.hostedemail.com (Postfix) with ESMTP id 375A320003 for ; Wed, 19 Feb 2025 08:41:39 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf13.hostedemail.com: domain of ryan.roberts@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=ryan.roberts@arm.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1739954499; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MwiXKg5kZZ+bylblYqCvLo5zVWLY4+l4Kvm8YiJdYiw=; b=Myp6vKGPnwo/TeVTOEz+R6Xc27eqlOtlolttwqasJWHmM7CUaZE/uY9iG7ft9VPc/EhlIh 1DweJttuYmCmOT8hFmssRRce8HUUb/5YmWNw2DrbWT3MFDHveYg6U3B/ww7xgscFChA9SL bEpy5/r2rVS2Ea4VdCodZREJAxY/gLY= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf13.hostedemail.com: domain of ryan.roberts@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=ryan.roberts@arm.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1739954499; a=rsa-sha256; cv=none; b=ejcV/G+dmnh/6MEMMs/yeYxYZ2bkv9yrigVJ6cgKgcF6sEorbTyXjEF3LaRe68ICh68QXN B8bJn3Mvukiui4jyqtuZxzKzp3jn0oOtfQ1mAMvR+QgCjop/DcfA20J1/EvbsI/8wi+69w GBTw5lyHfg5kSf58RyUBH4YEFY7yikk= Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1FCE41682; Wed, 19 Feb 2025 00:41:57 -0800 (PST) Received: from [10.57.84.233] (unknown [10.57.84.233]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D45833F5A1; Wed, 19 Feb 2025 00:41:37 -0800 (PST) Message-ID: Date: Wed, 19 Feb 2025 08:41:36 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: kernel BUG at arch/arm64/mm/mmu.c:185! Content-Language: en-GB To: Luiz Capitulino , LKML , linux-mm@kvack.org Cc: ardb@kernel.org References: From: Ryan Roberts In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspam-User: X-Stat-Signature: idxifyettwk6dwng551j4uskeg1inx4o X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 375A320003 X-HE-Tag: 1739954499-186283 X-HE-Meta: U2FsdGVkX19Zg6lbWACsY7qMsN3IhtNtabqUiloblhzs7qZheEGepLmsb6EXUJuVbpemUQ826LXXFBhJdoSrxilxsBKvvMmZGRYkw5xKjLPliDhP9k2NUI9CzEgTyWvhyQvJ/UWujVcxB6lQR+M1McJfubcwJGMBA+LYfjO75F/JCl6oKmR6i2TgkL07zegs8A3VYerarW+UqIWosBa14hD9wQDAzK7cK3G0CITfUM0Df6EKdVcadHtAPdqbIdpFqxn8RJCvu60Jr8Pw7wa5BAd/Aj5mpxNAqmmGBHnvKH5z+tZpUEDZtuU4lDI/123fUykWzWb2NGLkqWc2+xc+AoLcAQCwohv2z6UUt85AhbLyMYQBCHvbcvSnLMCEUZZuNNAxXsXEv1PdHg3ftOrfZHPOnuOehfwz6j1R+uSfB+Vz5a+oHd30+XovzjWrvzLF27p2YzMvsZGLRDKxc8yie27jKAM1ERWwiizxYJBzaUDSzcq4xrhJEoRFLM2kccY7rxbhJ6D2ciBcWQj4KV4JNzYbtNTbrvVLCOTeQHVejcztBKn6ZGr9oAWyx2xe3vMh+vg3nTGXHaZDtxQC8ClbuO+n698B1twzuTFHI69uBW0u2EpXq6783MYJixqHjaTLy1FOceyl85vZG/8h/h7F1//T+gme62lHg5xIArvUeVd2ZZAaAg39IWCLDn7csIvt994FiMBCaE57u3YFw09bMdlBa9djmIYN4x0BafbGyBwSZunrALMeHdtwWZAgEhk9EXKPeAJkdBG4m1JLttx8+LXa+nDZOyxor+xGpAjFjqurxR/lmDP0f1+UPJGM+PGsHSrfJKYb8ZrtnMRmoiMfBI26vhVOZZqud9zpRWmc+3XCFg8px+mhb5F6QXrth1mjYp668ZRr3aOz73g66oBaQOOHJn4xGoalX9QRy6Na79VWs2w6umeXY6JC6wUKXjpp4jFGWyN3SEMkF9CzKsu uGchm0tg hRzhdfuycG5eBH8zvZ1e0D+evv4Z1hl3vfbtb1riBC69ZRcPUEConqek8H10OLKhTcKkBTVu5BrQAHj8Ih/L+wPGQZ75nZD//eSxKr5pFWk/P6crNSh/KwWkPjG1eLX7N0a/GzaSuFOsk39jZ/3iA/OMOjvWyrf7PIMD/VKuPpN+TGtvF76L5M6cdcv6zebw/EdSpl7DKlPWnsholCczHTS8+/A== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 19/02/2025 02:27, Luiz Capitulino wrote: > Hi, > > I'm getting the crash below with Linus tree commit > 2408a807bfc3f738850ef5ad5e3fd59d66168996 on a Ampere Mt. Jade with two sockets > (backtrace below). Thanks for the bug report, I'll take a look this morning, but I'm off work tomorrow and Friday so if I can't figure it out before end of day I won't be able to look again until Monday, unless someone can pick it up in the meantime. Anyway, is there a specific config you're compiling for? And what about kernel command line args? Is it 100% reproducible for you? How much RAM does your system have? (I have 2 socket Mt. Jade with 512G; I'll try to repro on that). > > It happens very early during boot. Passing 'nokaslr' in the command-line works > around the issue (ie. I can boot and use the system normally). Doesn't seem to > happen with 6.13. I tried bisecting it but got nowhere... > > [    0.000000] ------------[ cut here ]------------ > [    0.000000] kernel BUG at arch/arm64/mm/mmu.c:185! This is: /* * After the PTE entry has been populated once, we * only allow updates to the permission attributes. */ BUG_ON(!pgattr_change_is_safe(pte_val(old_pte), pte_val(__ptep_get(ptep)))); So we have a valid -> valid PTE transition where either the PFNs are changing, we are trying to change permissions on a contiguous entry, we are trying to transition from non-global to global, or we are trying to change other explicitly disallowed bits. > [    0.000000] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP > [    0.000000] Modules linked in: > [    0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.14.0-rc3+ #8 > [    0.000000] pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) > [    0.000000] pc : alloc_init_cont_pte+0x20c/0x3d0 > [    0.000000] lr : alloc_init_cont_pte+0x204/0x3d0 > [    0.000000] sp : ffffb45836ec78b0 > [    0.000000] x29: ffffb45836ec7940 x28: ffff6fea00000000 x27: 0068000000000f07 > [    0.000000] x26: ffff6fea00200000 x25: 0000400000000000 x24: ffffffffff433000 > [    0.000000] x23: dfff800000000000 x22: 0000d01600000000 x21: 0068000000000f07 > [    0.000000] x20: ffff6fea00000000 x19: ffff6fea00010000 x18: 00000000ae5a3fb1 > [    0.000000] x17: 0000000000001114 x16: 00000000bfc60000 x15: 0000000000000200 > [    0.000000] x14: 0000000000000000 x13: 1ffff68b06dd8f1c x12: 00000000f1f1f1f1 > [    0.000000] x11: ffff768b06dd8f1c x10: ffffb45835a1ca38 x9 : 0000000000000000 > [    0.000000] x8 : 0000000041b58ab3 x7 : 0000000000000000 x6 : 0000000000000000 > [    0.000000] x5 : 006840000a861f07 x4 : 000000000000a861 x3 : 000000000000a861 > [    0.000000] x2 : 006840000a861f03 x1 : 0068400000000f07 x0 : 0000000000000000 > [    0.000000] Call trace: > [    0.000000]  alloc_init_cont_pte+0x20c/0x3d0 (P) > [    0.000000]  alloc_init_cont_pmd+0x20c/0x4d0 > [    0.000000]  alloc_init_pud+0x244/0x400 > [    0.000000]  create_kpti_ng_temp_pgd+0xf8/0x1c8 This is an alias for __create_pgd_mapping_locked() so I suspect we are actually in __map_memblock(). > [    0.000000]  map_mem.constprop.0+0x1d8/0x3b8 > [    0.000000]  paging_init+0x98/0x330 > [    0.000000]  setup_arch+0xac/0x170 > [    0.000000]  start_kernel+0x74/0x3c8 > [    0.000000]  __primary_switched+0x8c/0xa0 > [    0.000000] Code: f9400301 97ffff64 72001c1f 54fffe21 (d4210000) > [    0.000000] ---[ end trace 0000000000000000 ]--- > [    0.000000] Kernel panic - not syncing: Oops - BUG: Fatal exception > [    0.000000] ---[ end Kernel panic - not syncing: Oops - BUG: Fatal > exception ]--- > So I guess either we are setting a PTE entry into a table for the first time, where somehow the table has not been initially cleared (very unlikely) or we are trying to update the permissions of an already mapped pte. In that latter case, I think we should only be remapping the kernel image portion of the linear map. I can't see any obvious recent changes in this area. I'll see if I can repro and poke around a bit more. Thanks, Ryan