* Re: BUG: unable to handle page fault for address: 0000000000030368
       [not found] ` <CANpmjNMAfLDZtHaZBZk_tZ-oM5FgYTSOgfbJLTFN7JE-mq0u_A@mail.gmail.com>
@ 2024-03-26 12:44   ` Paul Menzel
  2024-03-28 16:17     ` Paul Menzel
  0 siblings, 1 reply; 3+ messages in thread
From: Paul Menzel @ 2024-03-26 12:44 UTC (permalink / raw)
  To: Marco Elver
  Cc: kasan-dev, Thomas Gleixner, Borislav Petkov, Peter Zijlstra,
	Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86, LKML

[Cc: +X86 maintainers]

Dear Marco,


Thank you for your quick reply. (Note that your mailer wrapped the 
pasted lines.)

On 26.03.24 at 11:07, Marco Elver wrote:
> On Tue, 26 Mar 2024 at 10:23, Paul Menzel wrote:

>> Trying KCSAN for the first time – configuration attached – it fails to boot
>> on the Dell XPS 13 9360 and QEMU q35. I couldn’t get logs on the Dell
>> XPS 13 9360, so here are the QEMU ones:
> 
> If there's a bad access somewhere which is instrumented by KCSAN, it
> will unfortunately still crash inside KCSAN.
> 
> What happens if you compile with CONFIG_KCSAN_EARLY_ENABLE=n? It
> disables KCSAN (but otherwise the kernel image is the same) and
> requires turning it on manually with "echo on >
> /sys/kernel/debug/kcsan" after boot.
> 
> If it still crashes, then there's definitely a bug elsewhere. If it
> doesn't crash, and only crashes with KCSAN enabled, my guess is that
> KCSAN's delays of individual threads are perturbing execution to
> trigger previously undetected bugs.

Such a Linux kernel booted with a warning on the Dell XPS 13 9360 (but 
booted with *no* warning on QEMU q35) [1], but enabling KCSAN on the 
laptop hangs the laptop right away. I couldn’t get any logs of the laptop.

> At least I can't explain it any other way.

How do you test KCSAN?



Kind regards,

Paul


>> ```
>> $ qemu-system-x86_64 -M q35 -enable-kvm -smp cpus=2 -m 1G -serial stdio -net nic -net user,hostfwd=tcp::22222-:22 -kernel boot/vmlinuz-6.9.0-rc1+ -append "root=/dev/sda1 console=ttyS0"
>> [    0.000000] Linux version 6.9.0-rc1+ (build@bohemianrhapsody.molgen.mpg.de) (gcc (Debian 13.2.0-19) 13.2.0, GNU ld (GNU Binutils for Debian) 2.42) #75 SMP PREEMPT_DYNAMIC Tue Mar 26 07:03:41 CET 2024
>> [    0.000000] Command line: root=/dev/sda1 console=ttyS0
>> [    0.000000] BIOS-provided physical RAM map:
>> [    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
>> [    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdefff] usable
>> [    0.000000] BIOS-e820: [mem 0x000000003ffdf000-0x000000003fffffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
>> [    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
>> [    0.000000] NX (Execute Disable) protection: active
>> [    0.000000] APIC: Static calls initialized
>> [    0.000000] SMBIOS 3.0.0 present.
>> [    0.000000] DMI: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
>> [    0.000000] Hypervisor detected: KVM
>> [    0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
>> [    0.000001] kvm-clock: using sched offset of 1376980956 cycles
>> [    0.000006] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
>> [    0.000014] tsc: Detected 2904.008 MHz processor
>> [    0.004273] last_pfn = 0x3ffdf max_arch_pfn = 0x400000000
>> [    0.004315] MTRR map: 4 entries (3 fixed + 1 variable; max 19), built from 8 variable MTRRs
>> [    0.004323] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
>> [    0.012972] found SMP MP-table at [mem 0x000f5480-0x000f548f]
>> [    0.013243] ACPI: Early table checksum verification disabled
>> [    0.013252] ACPI: RSDP 0x00000000000F52C0 000014 (v00 BOCHS )
>> [    0.013265] ACPI: RSDT 0x000000003FFE2357 000038 (v01 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013283] ACPI: FACP 0x000000003FFE2147 0000F4 (v03 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013304] ACPI: DSDT 0x000000003FFE0040 002107 (v01 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013319] ACPI: FACS 0x000000003FFE0000 000040
>> [    0.013331] ACPI: APIC 0x000000003FFE223B 000080 (v03 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013346] ACPI: HPET 0x000000003FFE22BB 000038 (v01 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013361] ACPI: MCFG 0x000000003FFE22F3 00003C (v01 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013375] ACPI: WAET 0x000000003FFE232F 000028 (v01 BOCHS  BXPC 00000001 BXPC 00000001)
>> [    0.013388] ACPI: Reserving FACP table memory at [mem 0x3ffe2147-0x3ffe223a]
>> [    0.013393] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe2146]
>> [    0.013398] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f]
>> [    0.013402] ACPI: Reserving APIC table memory at [mem 0x3ffe223b-0x3ffe22ba]
>> [    0.013407] ACPI: Reserving HPET table memory at [mem 0x3ffe22bb-0x3ffe22f2]
>> [    0.013411] ACPI: Reserving MCFG table memory at [mem 0x3ffe22f3-0x3ffe232e]
>> [    0.013416] ACPI: Reserving WAET table memory at [mem 0x3ffe232f-0x3ffe2356]
>> [    0.013746] No NUMA configuration found
>> [    0.013750] Faking a node at [mem 0x0000000000000000-0x000000003ffdefff]
>> [    0.013762] NODE_DATA(0) allocated [mem 0x3ffb4000-0x3ffdefff]
>> [    0.015042] Zone ranges:
>> [    0.015047]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
>> [    0.015056]   DMA32    [mem 0x0000000001000000-0x000000003ffdefff]
>> [    0.015067]   Normal   empty
>> [    0.015073]   Device   empty
>> [    0.015080] Movable zone start for each node
>> [    0.015113] Early memory node ranges
>> [    0.015116]   node   0: [mem 0x0000000000001000-0x000000000009efff]
>> [    0.015122]   node   0: [mem 0x0000000000100000-0x000000003ffdefff]
>> [    0.015128] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdefff]
>> [    0.015177] On node 0, zone DMA: 1 pages in unavailable ranges
>> [    0.015913] On node 0, zone DMA: 97 pages in unavailable ranges
>> [    0.028914] On node 0, zone DMA32: 33 pages in unavailable ranges
>> [    0.029456] ACPI: PM-Timer IO Port: 0x608
>> [    0.029493] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
>> [    0.029547] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
>> [    0.029558] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
>> [    0.029564] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
>> [    0.029569] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
>> [    0.029575] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
>> [    0.029580] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
>> [    0.029597] ACPI: Using ACPI (MADT) for SMP configuration information
>> [    0.029602] ACPI: HPET id: 0x8086a201 base: 0xfed00000
>> [    0.029624] CPU topo: Max. logical packages:   1
>> [    0.029628] CPU topo: Max. logical dies:       1
>> [    0.029631] CPU topo: Max. dies per package:   1
>> [    0.029644] CPU topo: Max. threads per core:   1
>> [    0.029647] CPU topo: Num. cores per package:     2
>> [    0.029650] CPU topo: Num. threads per package:   2
>> [    0.029653] CPU topo: Allowing 2 present CPUs plus 0 hotplug CPUs
>> [    0.029679] kvm-guest: APIC: eoi() replaced with kvm_guest_apic_eoi_write()
>> [    0.029726] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
>> [    0.029734] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
>> [    0.029738] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
>> [    0.029742] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
>> [    0.029749] [mem 0x40000000-0xafffffff] available for PCI devices
>> [    0.029753] Booting paravirtualized kernel on KVM
>> [    0.029758] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
>> [    0.035898] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:2 nr_cpu_ids:2 nr_node_ids:1
>> [    0.036314] percpu: Embedded 65 pages/cpu s229376 r8192 d28672 u1048576
>> [    0.036436] kvm-guest: PV spinlocks disabled, no host support
>> [    0.036440] Kernel command line: root=/dev/sda1 console=ttyS0
>> [    0.036669] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
>> [    0.036739] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
>> [    0.036830] Fallback order for Node 0: 0
>> [    0.036839] Built 1 zonelists, mobility grouping on.  Total pages: 257759
>> [    0.036844] Policy zone: DMA32
>> [    0.036875] mem auto-init: stack:all(zero), heap alloc:on, heap free:off
>> [    0.042521] Memory: 260860K/1048052K available (22528K kernel code, 2386K rwdata, 6124K rodata, 6304K init, 8064K bss, 70584K reserved, 0K cma-reserved)
>> [    0.056267] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1
>> [    0.056279] kmemleak: Kernel memory leak detector disabled
>> [    0.056484] Kernel/User page tables isolation: enabled
>> [    0.056631] ftrace: allocating 43400 entries in 170 pages
>> [    0.065090] ftrace: allocated 170 pages with 4 groups
>> [    0.066107] Dynamic Preempt: voluntary
>> [    0.066496] rcu: Preemptible hierarchical RCU implementation.
>> [    0.066500] rcu:     RCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=2.
>> [    0.066505]  Trampoline variant of Tasks RCU enabled.
>> [    0.066508]  Rude variant of Tasks RCU enabled.
>> [    0.066510]  Tracing variant of Tasks RCU enabled.
>> [    0.066513] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
>> [    0.066517] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2
>> [    0.066535] RCU Tasks: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1.
>> [    0.066541] RCU Tasks Rude: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1.
>> [    0.066546] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1.
>> [    0.079398] NR_IRQS: 524544, nr_irqs: 440, preallocated irqs: 16
>> [    0.079764] rcu: srcu_init: Setting srcu_struct sizes based on contention.
>> [    0.091718] Console: colour VGA+ 80x25
>> [    0.091774] printk: legacy console [ttyS0] enabled
>> [    0.232004] ACPI: Core revision 20230628
>> [    0.233211] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
>> [    0.234715] APIC: Switch to symmetric I/O mode setup
>> [    0.235721] x2apic enabled
>> [    0.236578] APIC: Switched APIC routing to: physical x2apic
>> [    0.239656] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
>> [    0.241221] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x29dc0d988f1, max_idle_ns: 440795328788 ns
>> [    0.243872] Calibrating delay loop (skipped) preset value.. 5808.01 BogoMIPS (lpj=11616032)
>> [    0.246030] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
>> [    0.247870] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
>> [    0.248788] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
>> [    0.250127] Spectre V2 : Mitigation: Retpolines
>> [    0.251176] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
>> [    0.251868] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
>> [    0.253483] Speculative Store Bypass: Vulnerable
>> [    0.255878] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
>> [    0.257191] MMIO Stale Data: Unknown: No mitigations
>> [    0.258243] x86/fpu: x87 FPU will use FXSAVE
>> [    0.327550] Freeing SMP alternatives memory: 36K
>> [    0.327884] pid_max: default: 32768 minimum: 301
>> [    0.330232] LSM: initializing lsm=capability,landlock,apparmor,tomoyo,bpf,ima,evm
>> [    0.332326] landlock: Up and running.
>> [    0.333534] AppArmor: AppArmor initialized
>> [    0.334523] TOMOYO Linux initialized
>> [    0.335895] LSM support for eBPF active
>> [    0.337311] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
>> [    0.339886] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
>> [    0.344459] kcsan: enabled early
>> [    0.345245] kcsan: non-strict mode configured - use CONFIG_KCSAN_STRICT=y to see all data races
>> [    0.375873] BUG: unable to handle page fault for address: 0000000000030368
>> [    0.377316] #PF: supervisor read access in kernel mode
>> [    0.378506] #PF: error_code(0x0000) - not-present page
>> [    0.379647] PGD 0 P4D 0
>> [    0.379861] Oops: 0000 [#1] PREEMPT SMP PTI
>> [    0.379861] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc1+ #75
>> [    0.379861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
>> [    0.379861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
>> [    0.379861] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 a2 6e 02 b9
>> [    0.379861] RSP: 0000:ffff9fed80003de0 EFLAGS: 00010046
>> [    0.379861] RAX: 0000000000000000 RBX: ffff8c2d3ec302c0 RCX: 0000000000000030
>> [    0.379861] RDX: 0000000000000001 RSI: ffffffff995ff0f0 RDI: 0000000000000000
>> [    0.379861] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
>> [    0.379861] R10: 0000000000030368 R11: 0008000000030368 R12: 0000000000030368
>> [    0.379861] R13: 0000000000000031 R14: 0000000000000000 R15: 0000000000000000
>> [    0.379861] FS:  0000000000000000(0000) GS:ffff8c2d3ec00000(0000) knlGS:0000000000000000
>> [    0.379861] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [    0.379861] CR2: 0000000000030368 CR3: 0000000030a20000 CR4: 00000000000006f0
>> [    0.379861] Call Trace:
>> [    0.379861]  <IRQ>
>> [    0.379861]  ? __die+0x23/0x70
>> [    0.379861]  ? page_fault_oops+0x173/0x4f0
>> [    0.379861]  ? exc_page_fault+0x81/0x190
>> [    0.379861]  ? asm_exc_page_fault+0x26/0x30
>> [    0.379861]  ? perf_event_task_tick+0x40/0x130
>> [    0.379861]  ? kcsan_setup_watchpoint+0x3cc/0x400
>> [    0.379861]  ? update_load_avg+0x7e/0x7e0
>> [    0.379861]  ? __hrtimer_run_queues+0x3e/0x4b0
>> [    0.379861]  ? hrtimer_active+0x88/0xc0
>> [    0.379861]  perf_event_task_tick+0x40/0x130
>> [    0.379861]  scheduler_tick+0xe3/0x2a0
>> [    0.379861]  update_process_times+0xb4/0xe0
>> [    0.379861]  tick_periodic+0x4e/0x110
>> [    0.379861]  tick_handle_periodic+0x39/0x90
>> [    0.379861]  ? __pfx_timer_interrupt+0x10/0x10
>> [    0.379861]  timer_interrupt+0x18/0x30
>> [    0.379861]  __handle_irq_event_percpu+0x7b/0x280
>> [    0.379861]  handle_irq_event+0x78/0xf0
>> [    0.379861]  handle_edge_irq+0x11e/0x400
>> [    0.379861]  __common_interrupt+0x3f/0xa0
>> [    0.379861]  common_interrupt+0x80/0xa0
>> [    0.379861]  </IRQ>
>> [    0.379861]  <TASK>
>> [    0.379861]  asm_common_interrupt+0x26/0x40
>> [    0.379861] RIP: 0010:__tsan_read4+0x34/0x110
>> [    0.379861] Code: 4c 8b 1c 24 48 b9 ff ff ff ff ff ff 01 00 48 c1 e8 09 49 21 ca 25 f8 01 00 00 4c 8d 80 60 e8 cc 9b 48 05 78 e8 cc 9b 4d 8b 08 <4d> 85 c9 79 2a 4c 89 ca 4c 89 ce 48 c1 ea 31 48 21 ce 81 e2 ff 3f
>> [    0.379861] RSP: 0000:ffff9fed80013e18 EFLAGS: 00000296
>> [    0.379861] RAX: ffffffff9bcce890 RBX: 000000012dbb5ed6 RCX: 0001ffffffffffff
>> [    0.379861] RDX: 0000000000098472 RSI: ffffffff9b65df00 RDI: ffffffff9b043f64
>> [    0.379861] RBP: 0000000000b13f20 R08: ffffffff9bcce878 R09: 0000000000000000
>> [    0.379861] R10: 0001ffff9b043f64 R11: ffffffff9b65df00 R12: 00000000fffedb23
>> [    0.379861] R13: 0000000000000000 R14: ffff8c2d3ec00000 R15: 00000000002c4fc8
>> [    0.379861]  ? setup_boot_APIC_clock+0x180/0x8f0
>> [    0.379861]  ? setup_boot_APIC_clock+0x180/0x8f0
>> [    0.379861]  setup_boot_APIC_clock+0x180/0x8f0
>> [    0.379861]  native_smp_prepare_cpus+0x2b/0xc0
>> [    0.379861]  kernel_init_freeable+0x41e/0x7d0
>> [    0.379861]  ? __pfx_kernel_init+0x10/0x10
>> [    0.379861]  kernel_init+0x1f/0x230
>> [    0.379861]  ret_from_fork+0x34/0x50
>> [    0.379861]  ? __pfx_kernel_init+0x10/0x10
>> [    0.379861]  ret_from_fork_asm+0x1a/0x30
>> [    0.379861]  </TASK>
>> [    0.379861] Modules linked in:
>> [    0.379861] CR2: 0000000000030368
>> [    0.379861] ---[ end trace 0000000000000000 ]---
>> [    0.379861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
>> [    0.379861] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 a2 6e 02 b9
>> [    0.379861] RSP: 0000:ffff9fed80003de0 EFLAGS: 00010046
>> [    0.379861] RAX: 0000000000000000 RBX: ffff8c2d3ec302c0 RCX: 0000000000000030
>> [    0.379861] RDX: 0000000000000001 RSI: ffffffff995ff0f0 RDI: 0000000000000000
>> [    0.379861] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
>> [    0.379861] R10: 0000000000030368 R11: 0008000000030368 R12: 0000000000030368
>> [    0.379861] R13: 0000000000000031 R14: 0000000000000000 R15: 0000000000000000
>> [    0.379861] FS:  0000000000000000(0000) GS:ffff8c2d3ec00000(0000) knlGS:0000000000000000
>> [    0.379861] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [    0.379861] CR2: 0000000000030368 CR3: 0000000030a20000 CR4: 00000000000006f0
>> [    0.379861] Kernel panic - not syncing: Fatal exception in interrupt
>> [    0.379861] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
>> ```
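Oopses pasted into mail, like the two in this thread, are easier to compare when the same fields are pulled out of each. The following is an added Python triage helper, my own example code and not part of the thread or of the kernel tree: it strips the ">> " quote markers and printk timestamps, re-joins lines a mailer has wrapped (the problem Paul notes above), and extracts the faulting address, the faulting function, whether the fault hit in interrupt context, which registers hold the fault address, the reliable call-trace frames, and whether the "kcsan: enabled early" line is present, which is the state CONFIG_KCSAN_EARLY_ENABLE controls. Both samples are constructed: trimmed copies of the first QEMU oops and of the mailer-wrapped second one.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: trimmed copy of the first QEMU oops above, quote markers and timestamps kept.
SAMPLE_OOPS = """\
>> [    0.344459] kcsan: enabled early
>> [    0.375873] BUG: unable to handle page fault for address: 0000000000030368
>> [    0.377316] #PF: supervisor read access in kernel mode
>> [    0.379861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
>> [    0.379861] R10: 0000000000030368 R11: 0008000000030368 R12: 0000000000030368
>> [    0.379861] CR2: 0000000000030368 CR3: 0000000030a20000 CR4: 00000000000006f0
>> [    0.379861] Call Trace:
>> [    0.379861]  <IRQ>
>> [    0.379861]  ? __die+0x23/0x70
>> [    0.379861]  perf_event_task_tick+0x40/0x130
>> [    0.379861]  <TASK>
>> [    0.379861] RIP: 0010:__tsan_read4+0x34/0x110
>> [    0.379861]  kernel_init+0x1f/0x230
>> [    0.379861] Modules linked in:
"""
# Constructed sample of the mailer-wrapped form: the continuation line carries no timestamp.
WRAPPED_SAMPLE = """\
     [   78.241245] BUG: unable to handle page fault for address:
0000000000019a18
     [   78.242815] #PF: supervisor read access in kernel mode
     [   78.250763] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
     [   78.270424] Call Trace:
     [   78.271036]  <TASK>
     [   78.277556]  refill_obj_stock+0x36/0x2e0
     [   78.281631]  kfree+0x2de/0x310
"""

RE_LINE_START = re.compile(r"^\s*(?:>+\s*)*\[\s*\d+\.\d+\]")          # quote markers + printk stamp
RE_PREFIX = re.compile(r"^\s*(?:>+\s*)*(?:\[\s*\d+\.\d+\]\s?)?")
RE_BUG = re.compile(r"BUG: unable to handle page fault for address: ([0-9a-f]+)")
RE_PF = re.compile(r"#PF: (\w+) (read|write|instruction fetch) access in (\w+) mode")
RE_RIP = re.compile(r"RIP: [0-9a-f]{4}:([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
RE_FRAME = re.compile(r"^(\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")  # "?" marks an unreliable frame
RE_REG = re.compile(r"\b(R[A-Z0-9]{2}|CR\d):\s*([0-9a-f]{16})\b")

@dataclass
class Oops:
    address: int = 0
    access: str = ""                # e.g. "supervisor read access in kernel mode"
    fault_symbol: str = ""          # function at the faulting RIP
    interrupted_symbol: str = ""    # RIP the interrupt preempted, if the fault hit in IRQ context
    context: str = "unknown"        # "IRQ" or "TASK"
    frames: list = field(default_factory=list)     # reliable frames only
    registers: dict = field(default_factory=dict)  # register dump preceding the call trace
    kcsan_enabled_early: bool = False

def unwrap(text: str) -> list:
    """Re-join mailer-wrapped lines: a line with no printk timestamp continues the previous one."""
    out = []
    for raw in text.splitlines():
        if RE_LINE_START.match(raw) or not out:
            out.append(raw)
        elif raw.strip():
            out[-1] = out[-1].rstrip() + " " + raw.strip()
    return out

def parse_oops(text: str) -> Oops:
    oops, in_trace = Oops(), False
    for raw in unwrap(text):
        line = RE_PREFIX.sub("", raw, count=1).strip()
        if line == "kcsan: enabled early":
            oops.kcsan_enabled_early = True
        elif (m := RE_BUG.search(line)):
            oops.address = int(m.group(1), 16)
        elif (m := RE_PF.search(line)):
            oops.access = f"{m.group(1)} {m.group(2)} access in {m.group(3)} mode"
        elif line == "Call Trace:":
            in_trace = True
        elif line.startswith(("Modules linked in:", "---[ end trace")):
            break
        elif (m := RE_RIP.search(line)):
            if in_trace:
                oops.interrupted_symbol = m.group(1)
            elif not oops.fault_symbol:
                oops.fault_symbol = m.group(1)
        elif in_trace:
            if line == "<IRQ>":
                oops.context = "IRQ"
            elif line == "<TASK>" and oops.context == "unknown":
                oops.context = "TASK"
            elif (m := RE_FRAME.match(line)) and not m.group(1):
                oops.frames.append(m.group(2))
        else:
            for name, val in RE_REG.findall(line):
                oops.registers[name] = int(val, 16)
    return oops

def registers_holding_fault_address(oops: Oops) -> list:
    """Registers whose value equals the faulting address: candidates for the bad pointer."""
    return sorted(n for n, v in oops.registers.items() if v == oops.address)

if __name__ == "__main__":
    for sample in (SAMPLE_OOPS, WRAPPED_SAMPLE):
        o = parse_oops(sample)
        print(o, "fault address in:", registers_holding_fault_address(o))
```

On the first sample it reports the fault in kcsan_setup_watchpoint in IRQ context with __tsan_read4 as the interrupted instruction pointer, and R10, R12 and CR2 all holding 0x30368, a low address in the user half read from kernel mode; on the wrapped sample the re-joined BUG line yields 0x19a18 with a TASK-context trace through refill_obj_stock and kfree.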


* Re: BUG: unable to handle page fault for address: 0000000000030368
  2024-03-26 12:44   ` BUG: unable to handle page fault for address: 0000000000030368 Paul Menzel
@ 2024-03-28 16:17     ` Paul Menzel
  2024-04-09 19:21       ` Marco Elver
  0 siblings, 1 reply; 3+ messages in thread
From: Paul Menzel @ 2024-03-28 16:17 UTC (permalink / raw)
  To: Marco Elver
  Cc: kasan-dev, Thomas Gleixner, Borislav Petkov, Peter Zijlstra,
	Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86, LKML


Dear Marco, dear Linux folks,


On 26.03.24 at 13:44, Paul Menzel wrote:
> [Cc: +X86 maintainers]

> Thank you for your quick reply. (Note that your mailer wrapped the 
> pasted lines.)
> 
> On 26.03.24 at 11:07, Marco Elver wrote:
>> On Tue, 26 Mar 2024 at 10:23, Paul Menzel wrote:
> 
>>> Trying KCSAN for the first time – configuration attached – it fails to boot
>>> on the Dell XPS 13 9360 and QEMU q35. I couldn’t get logs on the Dell
>>> XPS 13 9360, so here are the QEMU ones:
>>
>> If there's a bad access somewhere which is instrumented by KCSAN, it
>> will unfortunately still crash inside KCSAN.
>>
>> What happens if you compile with CONFIG_KCSAN_EARLY_ENABLE=n? It
>> disables KCSAN (but otherwise the kernel image is the same) and
>> requires turning it on manually with "echo on >
>> /sys/kernel/debug/kcsan" after boot.
>>
>> If it still crashes, then there's definitely a bug elsewhere. If it
>> doesn't crash, and only crashes with KCSAN enabled, my guess is that
>> KCSAN's delays of individual threads are perturbing execution to
>> trigger previously undetected bugs.
> 
> Such a Linux kernel booted with a warning on the Dell XPS 13 9360 (but 
> booted with *no* warning on QEMU q35) [1], but enabling KCSAN on the 
> laptop hangs the laptop right away. I couldn’t get any logs of the laptop.

In the QEMU q35 virtual machine `echo on | sudo tee 
/sys/kernel/debug/kcsan` also locks up the system. Please find the logs 
attached.

     [   78.241245] BUG: unable to handle page fault for address: 0000000000019a18
     [   78.242815] #PF: supervisor read access in kernel mode
     [   78.244001] #PF: error_code(0x0000) - not-present page
     [   78.245186] PGD 0 P4D 0
     [   78.245828] Oops: 0000 [#1] PREEMPT SMP NOPTI
     [   78.246878] CPU: 4 PID: 783 Comm: sudo Not tainted 6.9.0-rc1+ #83
     [   78.248289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
     [   78.250763] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
     [   78.252108] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
     [   78.256284] RSP: 0018:ffffbae1c0f5bc48 EFLAGS: 00010046
     [   78.257548] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000019
     [   78.259158] RDX: 0000000000000001 RSI: ffffffffb0f82d36 RDI: 0000000000000000
     [   78.260781] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
     [   78.262417] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
     [   78.264040] R13: 000000000000001a R14: 0000000000000000 R15: 0000000000000000
     [   78.265658] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
     [   78.267480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
     [   78.268804] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4: 00000000003506f0
     [   78.270424] Call Trace:
     [   78.271036]  <TASK>
     [   78.271572]  ? __die+0x23/0x70
     [   78.272344]  ? page_fault_oops+0x173/0x4f0
     [   78.273400]  ? exc_page_fault+0x81/0x190
     [   78.274373]  ? asm_exc_page_fault+0x26/0x30
     [   78.275395]  ? refill_obj_stock+0x36/0x2e0
     [   78.276410]  ? kcsan_setup_watchpoint+0x2b3/0x400
     [   78.277556]  refill_obj_stock+0x36/0x2e0
     [   78.278540]  obj_cgroup_uncharge+0x13/0x20
     [   78.279596]  __memcg_slab_free_hook+0xac/0x140
     [   78.280661]  ? free_pipe_info+0x135/0x150
     [   78.281631]  kfree+0x2de/0x310
     [   78.282419]  free_pipe_info+0x135/0x150
     [   78.283395]  pipe_release+0x188/0x1a0
     [   78.284303]  __fput+0x127/0x4e0
     [   78.285114]  __fput_sync+0x35/0x40
     [   78.285958]  __x64_sys_close+0x54/0xa0
     [   78.286914]  do_syscall_64+0x88/0x1a0
     [   78.287810]  ? fpregs_assert_state_consistent+0x7e/0x90
     [   78.289185]  ? srso_return_thunk+0x5/0x5f
     [   78.290203]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
     [   78.291568]  ? srso_return_thunk+0x5/0x5f
     [   78.292518]  ? syscall_exit_to_user_mode+0x40/0xe0
     [   78.293651]  ? srso_return_thunk+0x5/0x5f
     [   78.294606]  ? do_syscall_64+0x94/0x1a0
     [   78.295516]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
     [   78.296876]  ? srso_return_thunk+0x5/0x5f

Can you reproduce this?

>> At least I can't explain it any other way.
> 
> How do you test KCSAN?


Kind regards,

Paul


>>> [    0.379861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
>>> [    0.379861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
>>> [    0.379861] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 a2 6e 02 b9
>>> [    0.379861] RSP: 0000:ffff9fed80003de0 EFLAGS: 00010046
>>> [    0.379861] RAX: 0000000000000000 RBX: ffff8c2d3ec302c0 RCX: 0000000000000030
>>> [    0.379861] RDX: 0000000000000001 RSI: ffffffff995ff0f0 RDI: 0000000000000000
>>> [    0.379861] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
>>> [    0.379861] R10: 0000000000030368 R11: 0008000000030368 R12: 0000000000030368
>>> [    0.379861] R13: 0000000000000031 R14: 0000000000000000 R15: 0000000000000000
>>> [    0.379861] FS:  0000000000000000(0000) GS:ffff8c2d3ec00000(0000) knlGS:0000000000000000
>>> [    0.379861] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>>> [    0.379861] CR2: 0000000000030368 CR3: 0000000030a20000 CR4: 00000000000006f0
>>> [    0.379861] Call Trace:
>>> [    0.379861]  <IRQ>
>>> [    0.379861]  ? __die+0x23/0x70
>>> [    0.379861]  ? page_fault_oops+0x173/0x4f0
>>> [    0.379861]  ? exc_page_fault+0x81/0x190
>>> [    0.379861]  ? asm_exc_page_fault+0x26/0x30
>>> [    0.379861]  ? perf_event_task_tick+0x40/0x130
>>> [    0.379861]  ? kcsan_setup_watchpoint+0x3cc/0x400
>>> [    0.379861]  ? update_load_avg+0x7e/0x7e0
>>> [    0.379861]  ? __hrtimer_run_queues+0x3e/0x4b0
>>> [    0.379861]  ? hrtimer_active+0x88/0xc0
>>> [    0.379861]  perf_event_task_tick+0x40/0x130
>>> [    0.379861]  scheduler_tick+0xe3/0x2a0
>>> [    0.379861]  update_process_times+0xb4/0xe0
>>> [    0.379861]  tick_periodic+0x4e/0x110
>>> [    0.379861]  tick_handle_periodic+0x39/0x90
>>> [    0.379861]  ? __pfx_timer_interrupt+0x10/0x10
>>> [    0.379861]  timer_interrupt+0x18/0x30
>>> [    0.379861]  __handle_irq_event_percpu+0x7b/0x280
>>> [    0.379861]  handle_irq_event+0x78/0xf0
>>> [    0.379861]  handle_edge_irq+0x11e/0x400
>>> [    0.379861]  __common_interrupt+0x3f/0xa0
>>> [    0.379861]  common_interrupt+0x80/0xa0
>>> [    0.379861]  </IRQ>
>>> [    0.379861]  <TASK>
>>> [    0.379861]  asm_common_interrupt+0x26/0x40
>>> [    0.379861] RIP: 0010:__tsan_read4+0x34/0x110
>>> [    0.379861] Code: 4c 8b 1c 24 48 b9 ff ff ff ff ff ff 01 00 48 c1 e8 09 49 21 ca 25 f8 01 00 00 4c 8d 80 60 e8 cc 9b 48 05 78 e8 cc 9b 4d 8b 08 <4d> 85 c9 79 2a 4c 89 ca 4c 89 ce 48 c1 ea 31 48 21 ce 81 e2 ff 3f
>>> [    0.379861] RSP: 0000:ffff9fed80013e18 EFLAGS: 00000296
>>> [    0.379861] RAX: ffffffff9bcce890 RBX: 000000012dbb5ed6 RCX: 0001ffffffffffff
>>> [    0.379861] RDX: 0000000000098472 RSI: ffffffff9b65df00 RDI: ffffffff9b043f64
>>> [    0.379861] RBP: 0000000000b13f20 R08: ffffffff9bcce878 R09: 0000000000000000
>>> [    0.379861] R10: 0001ffff9b043f64 R11: ffffffff9b65df00 R12: 00000000fffedb23
>>> [    0.379861] R13: 0000000000000000 R14: ffff8c2d3ec00000 R15: 00000000002c4fc8
>>> [    0.379861]  ? setup_boot_APIC_clock+0x180/0x8f0
>>> [    0.379861]  ? setup_boot_APIC_clock+0x180/0x8f0
>>> [    0.379861]  setup_boot_APIC_clock+0x180/0x8f0
>>> [    0.379861]  native_smp_prepare_cpus+0x2b/0xc0
>>> [    0.379861]  kernel_init_freeable+0x41e/0x7d0
>>> [    0.379861]  ? __pfx_kernel_init+0x10/0x10
>>> [    0.379861]  kernel_init+0x1f/0x230
>>> [    0.379861]  ret_from_fork+0x34/0x50
>>> [    0.379861]  ? __pfx_kernel_init+0x10/0x10
>>> [    0.379861]  ret_from_fork_asm+0x1a/0x30
>>> [    0.379861]  </TASK>
>>> [    0.379861] Modules linked in:
>>> [    0.379861] CR2: 0000000000030368
>>> [    0.379861] ---[ end trace 0000000000000000 ]---
>>> [    0.379861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
>>> [    0.379861] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 a2 6e 02 b9
>>> [    0.379861] RSP: 0000:ffff9fed80003de0 EFLAGS: 00010046
>>> [    0.379861] RAX: 0000000000000000 RBX: ffff8c2d3ec302c0 RCX: 0000000000000030
>>> [    0.379861] RDX: 0000000000000001 RSI: ffffffff995ff0f0 RDI: 0000000000000000
>>> [    0.379861] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
>>> [    0.379861] R10: 0000000000030368 R11: 0008000000030368 R12: 0000000000030368
>>> [    0.379861] R13: 0000000000000031 R14: 0000000000000000 R15: 0000000000000000
>>> [    0.379861] FS:  0000000000000000(0000) GS:ffff8c2d3ec00000(0000) knlGS:0000000000000000
>>> [    0.379861] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>>> [    0.379861] CR2: 0000000000030368 CR3: 0000000030a20000 CR4: 00000000000006f0
>>> [    0.379861] Kernel panic - not syncing: Fatal exception in interrupt
>>> [    0.379861] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
>>> ```

[-- Attachment #2: 20240328--linux-6.9-rc1+-messages--kcsan.txt --]
[-- Type: text/plain, Size: 46912 bytes --]

[   78.241245] BUG: unable to handle page fault for address: 0000000000019a18
[   78.242815] #PF: supervisor read access in kernel mode
[   78.244001] #PF: error_code(0x0000) - not-present page
[   78.245186] PGD 0 P4D 0
[   78.245828] Oops: 0000 [#1] PREEMPT SMP NOPTI
[   78.246878] CPU: 4 PID: 783 Comm: sudo Not tainted 6.9.0-rc1+ #83
[   78.248289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[   78.250763] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[   78.252108] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[   78.256284] RSP: 0018:ffffbae1c0f5bc48 EFLAGS: 00010046
[   78.257548] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000019
[   78.259158] RDX: 0000000000000001 RSI: ffffffffb0f82d36 RDI: 0000000000000000
[   78.260781] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[   78.262417] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
[   78.264040] R13: 000000000000001a R14: 0000000000000000 R15: 0000000000000000
[   78.265658] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[   78.267480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.268804] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4: 00000000003506f0
[   78.270424] Call Trace:
[   78.271036]  <TASK>
[   78.271572]  ? __die+0x23/0x70
[   78.272344]  ? page_fault_oops+0x173/0x4f0
[   78.273400]  ? exc_page_fault+0x81/0x190
[   78.274373]  ? asm_exc_page_fault+0x26/0x30
[   78.275395]  ? refill_obj_stock+0x36/0x2e0
[   78.276410]  ? kcsan_setup_watchpoint+0x2b3/0x400
[   78.277556]  refill_obj_stock+0x36/0x2e0
[   78.278540]  obj_cgroup_uncharge+0x13/0x20
[   78.279596]  __memcg_slab_free_hook+0xac/0x140
[   78.280661]  ? free_pipe_info+0x135/0x150
[   78.281631]  kfree+0x2de/0x310
[   78.282419]  free_pipe_info+0x135/0x150
[   78.283395]  pipe_release+0x188/0x1a0
[   78.284303]  __fput+0x127/0x4e0
[   78.285114]  __fput_sync+0x35/0x40
[   78.285958]  __x64_sys_close+0x54/0xa0
[   78.286914]  do_syscall_64+0x88/0x1a0
[   78.287810]  ? fpregs_assert_state_consistent+0x7e/0x90
[   78.289185]  ? srso_return_thunk+0x5/0x5f
[   78.290203]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
[   78.291568]  ? srso_return_thunk+0x5/0x5f
[   78.292518]  ? syscall_exit_to_user_mode+0x40/0xe0
[   78.293651]  ? srso_return_thunk+0x5/0x5f
[   78.294606]  ? do_syscall_64+0x94/0x1a0
[   78.295516]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
[   78.296876]  ? srso_return_thunk+0x5/0x5f
[   78.297815] BUG: unable to handle page fault for address: 0000000000019a18
[   78.299325] #PF: supervisor read access in kernel mode
[   78.300527] #PF: error_code(0x0000) - not-present page
[   78.301674] PGD 0 P4D 0
[   78.302381] Oops: 0000 [#2] PREEMPT SMP NOPTI
[   78.303389] CPU: 4 PID: 783 Comm: sudo Not tainted 6.9.0-rc1+ #83
[   78.304743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[   78.307177] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[   78.308457] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[   78.311886] RSP: 0018:ffffbae1c0f5b788 EFLAGS: 00010046
[   78.312542] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000019
[   78.313310] RDX: 0000000000000003 RSI: ffffffffb0bb1b8b RDI: 0000000000000000
[   78.314081] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[   78.314846] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
[   78.315582] R13: 0000000000000019 R14: 0000000000000000 R15: 0000000000000000
[   78.316372] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[   78.317404] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.318110] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4: 00000000003506f0
[   78.319006] Call Trace:
[   78.319297]  <TASK>
[   78.319592]  ? __die+0x23/0x70
[   78.320003]  ? page_fault_oops+0x173/0x4f0
[   78.320458]  ? srso_return_thunk+0x5/0x5f
[   78.320890]  ? prb_first_seq+0x7c/0xb0
[   78.321357]  ? exc_page_fault+0x81/0x190
[   78.321736]  ? asm_exc_page_fault+0x26/0x30
[   78.322144]  ? vprintk_store+0x17b/0x750
[   78.322574]  ? kcsan_setup_watchpoint+0x2b3/0x400
[   78.323019]  ? srso_return_thunk+0x5/0x5f
[   78.323400]  ? prb_first_seq+0x7c/0xb0
[   78.323760]  vprintk_store+0x17b/0x750
[   78.324193]  ? srso_return_thunk+0x5/0x5f
[   78.324652]  vprintk_emit.part.0+0x136/0x330
[   78.325080]  ? irqentry_exit_to_user_mode+0x36/0xd0
[   78.325546]  ? irqentry_exit_to_user_mode+0x36/0xd0
[   78.326021]  vprintk_default+0x44/0x60
[   78.326406]  vprintk+0x5e/0x70
[   78.326701]  _printk+0x64/0x80
[   78.327140]  ? srso_return_thunk+0x5/0x5f
[   78.327531]  ? irqentry_exit_to_user_mode+0x36/0xd0
[   78.327992]  show_trace_log_lvl+0x1b9/0x470
[   78.328407]  ? entry_SYSCALL_64_after_hwframe+0x6c/0x74
[   78.328937]  __die+0x23/0x70
[   78.329227]  page_fault_oops+0x173/0x4f0
[   78.329610]  exc_page_fault+0x81/0x190
[   78.329995]  asm_exc_page_fault+0x26/0x30
[   78.330368] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[   78.330819] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[   78.332436] RSP: 0018:ffffbae1c0f5bc48 EFLAGS: 00010046
[   78.332871] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000019
[   78.333462] RDX: 0000000000000001 RSI: ffffffffb0f82d36 RDI: 0000000000000000
[   78.334045] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[   78.334631] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
[   78.335263] R13: 000000000000001a R14: 0000000000000000 R15: 0000000000000000
[   78.335938]  ? refill_obj_stock+0x36/0x2e0
[   78.336311]  refill_obj_stock+0x36/0x2e0
[   78.336741]  obj_cgroup_uncharge+0x13/0x20
[   78.337101]  __memcg_slab_free_hook+0xac/0x140
[   78.337500]  ? free_pipe_info+0x135/0x150
[   78.337846]  kfree+0x2de/0x310
[   78.338213]  free_pipe_info+0x135/0x150
[   78.338554]  pipe_release+0x188/0x1a0
[   78.338919]  __fput+0x127/0x4e0
[   78.339217]  __fput_sync+0x35/0x40
[   78.339644]  __x64_sys_close+0x54/0xa0
[   78.340108]  do_syscall_64+0x88/0x1a0
[   78.340532]  ? fpregs_assert_state_consistent+0x7e/0x90
[   78.341176]  ? srso_return_thunk+0x5/0x5f
[   78.341559]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
[   78.342098]  ? srso_return_thunk+0x5/0x5f
[   78.342481]  ? syscall_exit_to_user_mode+0x40/0xe0
[   78.342994]  ? srso_return_thunk+0x5/0x5f
[   78.343432]  ? do_syscall_64+0x94/0x1a0
[   78.343803]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
[   78.344376]  ? srso_return_thunk+0x5/0x5f
[   78.344726]  ? irqentry_exit_to_user_mode+0x36/0xd0
[   78.345154]  entry_SYSCALL_64_after_hwframe+0x6c/0x74
[   78.345599] RIP: 0033:0x7f65e3c30240
[   78.345909] Code: 0d 00 00 00 eb b2 e8 1f 02 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 80 3d a1 33 0e 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 8c
[   78.347393] RSP: 002b:00007ffc8ae74e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[   78.348083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f65e3c30240
[   78.348664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[   78.349327] RBP: 0000563ac0e0c060 R08: 000000000000001d R09: 00007ffc8ae74d00
[   78.349906] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
[   78.350499] R13: 0000000000000208 R14: 00007f65e3d33045 R15: 00007ffc8ae75220
[   78.351132]  </TASK>
[   78.351336] Modules linked in: cfg80211 intel_rapl_msr intel_rapl_common crc32_pclmul ghash_clmulni_intel sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 rfkill ppdev aesni_intel parport_pc evdev crypto_s
[   78.355550] CR2: 0000000000019a18
[   78.355834] ---[ end trace 0000000000000000 ]---
[   78.356229] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[   78.356678] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[   78.358342] RSP: 0018:ffffbae1c0f5bc48 EFLAGS: 00010046
[   78.358797] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000019
[   78.359545] RDX: 0000000000000001 RSI: ffffffffb0f82d36 RDI: 0000000000000000
[   78.360261] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[   78.360901] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
[   78.361559] R13: 000000000000001a R14: 0000000000000000 R15: 0000000000000000
[   78.362265] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[   78.363168] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.363676] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4: 00000000003506f0
[   78.364309] note: sudo[783] exited with irqs disabled
[  100.479297] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  100.480692] rcu:     4-...!: (0 ticks this GP) idle=de5c/1/0x4000000000000000 softirq=553/553 fqs=69
[  100.482596] rcu:     (detected by 14, t=5561 jiffies, g=1513, q=53 ncpus=32)
[  100.484032] Sending NMI from CPU 14 to CPUs 4:
[  100.485030] NMI backtrace for cpu 4
[  100.485048] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  100.485067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  100.485081] RIP: 0010:__kcsan_check_access+0x58/0x180
[  100.485115] Code: ff ff ff 01 00 48 c1 e8 09 41 83 e5 01 25 f8 01 00 00 48 21 dd 4c 8d 80 60 f8 6d b3 4c 8d 64 3d ff 48 05 78 f8 6d b3 4d 8b 08 <49> 83 f9 01 76 30 4c 89 ca 4c 89 c9 48 c1 ea 31 48 21 d9 81 ef
[  100.485131] RSP: 0018:ffffbae1c0f5b800 EFLAGS: 00000096
[  100.485146] RAX: ffffffffb36dfa50 RBX: 0001ffffffffffff RCX: 0001ffffffffffff
[  100.485157] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000004
[  100.485168] RBP: 0001ffffb363b80c R08: ffffffffb36dfa38 R09: 0000000000000000
[  100.485179] R10: ffffffffb363b80c R11: ffffffffb1c8b871 R12: 0001ffffb363b80f
[  100.485194] R13: 0000000000000000 R14: ffff9b9d1f0363c8 R15: 0000000000000004
[  100.485207] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[  100.485221] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.485233] CR2: 000000000003478c CR3: 0000000102e26000 CR4: 00000000003506f0
[  100.485245] Call Trace:
[  100.485253]  <NMI>
[  100.485274]  ? nmi_cpu_backtrace+0xee/0x190
[  100.485311]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  100.485332]  ? nmi_handle+0x61/0x150
[  100.485357]  ? default_do_nmi+0x42/0x100
[  100.485389]  ? exc_nmi+0x122/0x1a0
[  100.485408]  ? end_repeat_nmi+0xf/0x53
[  100.485435]  ? __pv_queued_spin_lock_slowpath+0x111/0x660
[  100.485470]  ? __kcsan_check_access+0x58/0x180
[  100.485491]  ? __kcsan_check_access+0x58/0x180
[  100.485513]  ? __kcsan_check_access+0x58/0x180
[  100.485555]  </NMI>
[  100.485561]  <TASK>
[  100.485570]  __pv_queued_spin_lock_slowpath+0x111/0x660
[  100.485598]  ? srso_return_thunk+0x5/0x5f
[  100.485620]  oops_begin+0x8c/0x90
[  100.485638]  page_fault_oops+0x62/0x4f0
[  100.485676]  ? srso_return_thunk+0x5/0x5f
[  100.485704]  ? get_page_from_freelist+0x1274/0x1400
[  100.485736]  exc_page_fault+0x81/0x190
[  100.485778]  asm_exc_page_fault+0x26/0x30
[  100.485795] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
[  100.485814] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 b2 8f 09
[  100.485829] RSP: 0018:ffffbae1c0f5b9f0 EFLAGS: 00010046
[  100.485843] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000034
[  100.485854] RDX: 0000000000000001 RSI: ffffffffb0f81714 RDI: 0000000000000000
[  100.485864] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
[  100.485875] R10: 0000000000000286 R11: 000800000003478c R12: 000000000003478c
[  100.485886] R13: 0000000000000035 R14: 0000000000000000 R15: 0000000000000000
[  100.485918]  ? __mod_memcg_lruvec_state+0x214/0x220
[  100.485954]  __mod_memcg_lruvec_state+0x214/0x220
[  100.485980]  __mod_lruvec_state+0x41/0x50
[  100.486021]  __lruvec_stat_mod_folio+0xb9/0x110
[  100.486046]  folio_remove_rmap_ptes+0xaa/0x160
[  100.486081]  unmap_page_range+0x128c/0x2240
[  100.486138]  unmap_single_vma+0xbe/0x130
[  100.486174]  unmap_vmas+0x16b/0x2d0
[  100.486208]  exit_mmap+0x141/0x530
[  100.486260]  __mmput+0x86/0x1d0
[  100.486306]  mmput+0x3f/0x50
[  100.486330]  do_exit+0x4d0/0x12f0
[  100.486371]  make_task_dead+0xe0/0x200
[  100.486403]  rewind_stack_and_make_dead+0x16/0x20
[  100.486426] RIP: 0033:0x7f65e3c30240
[  100.486442] Code: Unable to access opcode bytes at 0x7f65e3c30216.
[  100.486452] RSP: 002b:00007ffc8ae74e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  100.486477] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f65e3c30240
[  100.486490] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  100.486502] RBP: 0000563ac0e0c060 R08: 000000000000001d R09: 00007ffc8ae74d00
[  100.486516] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
[  100.486528] R13: 0000000000000208 R14: 00007f65e3d33045 R15: 00007ffc8ae75220
[  100.486561]  </TASK>
[  100.486570] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.543 msecs
[  100.487016] rcu: rcu_preempt kthread starved for 5424 jiffies! g1513 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=7
[  100.563364] rcu:     Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  100.564286] rcu: RCU grace-period kthread stack dump:
[  100.564857] task:rcu_preempt     state:R  running task     stack:0     pid:16    tgid:16    ppid:2      flags:0x00004000
[  100.566016] Call Trace:
[  100.566308]  <TASK>
[  100.566555]  __schedule+0x3eb/0xab0
[  100.566981]  schedule+0x27/0xf0
[  100.567388]  schedule_timeout+0xe0/0x200
[  100.567889]  ? __pfx_process_timeout+0x10/0x10
[  100.568457]  rcu_gp_fqs_loop+0x1e1/0x850
[  100.568953]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  100.569499]  rcu_gp_kthread+0x190/0x2a0
[  100.569995]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  100.570524]  kthread+0x179/0x1b0
[  100.570917]  ? __pfx_kthread+0x10/0x10
[  100.571387]  ret_from_fork+0x34/0x50
[  100.571812]  ? __pfx_kthread+0x10/0x10
[  100.572265]  ret_from_fork_asm+0x1a/0x30
[  100.572752]  </TASK>
[  100.573017] rcu: Stack dump where RCU GP kthread last ran:
[  100.573643] Sending NMI from CPU 14 to CPUs 7:
[  100.574235] NMI backtrace for cpu 7
[  100.574254] CPU: 7 PID: 0 Comm: swapper/7 Tainted: G      D            6.9.0-rc1+ #83
[  100.574275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  100.574288] RIP: 0010:__kcsan_check_access+0x95/0x180
[  100.574322] Code: 81 e2 ff 3f 00 00 4d 85 c9 78 05 45 84 ed 74 13 49 39 cc 72 0e 48 8d 54 11 ff 48 39 ea 0f 83 d0 00 00 00 49 83 c0 08 49 39 c0 <75> be 65 8b 15 1a f6 24 4f f7 c2 00 01 ff 00 74 4c 65 48 8b 0a
[  100.574348] RSP: 0018:ffffbae1c00e3b50 EFLAGS: 00000046
[  100.574362] RAX: ffffffffb36dfa50 RBX: 0001ffffffffffff RCX: 0001ffffffffffff
[  100.574374] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000004
[  100.574384] RBP: 0001ffffb363b80c R08: ffffffffb36dfa50 R09: 0000000000000000
[  100.574395] R10: ffffffffb363b80c R11: ffffffffb1c8b871 R12: 0001ffffb363b80f
[  100.574406] R13: 0000000000000000 R14: ffff9b9d1f1b63c8 R15: 0000000000000007
[  100.574419] FS:  0000000000000000(0000) GS:ffff9b9d1f180000(0000) knlGS:0000000000000000
[  100.574433] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.574445] CR2: 0000000000025f30 CR3: 000000056e220000 CR4: 00000000003506f0
[  100.574458] Call Trace:
[  100.574467]  <NMI>
[  100.574492]  ? nmi_cpu_backtrace+0xee/0x190
[  100.574525]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  100.574548]  ? nmi_handle+0x61/0x150
[  100.574574]  ? default_do_nmi+0x42/0x100
[  100.574601]  ? exc_nmi+0x122/0x1a0
[  100.574620]  ? end_repeat_nmi+0xf/0x53
[  100.574649]  ? __pv_queued_spin_lock_slowpath+0x111/0x660
[  100.574684]  ? __kcsan_check_access+0x95/0x180
[  100.574705]  ? __kcsan_check_access+0x95/0x180
[  100.574727]  ? __kcsan_check_access+0x95/0x180
[  100.574761]  </NMI>
[  100.574767]  <TASK>
[  100.574776]  __pv_queued_spin_lock_slowpath+0x111/0x660
[  100.574804]  ? srso_return_thunk+0x5/0x5f
[  100.574825]  oops_begin+0x8c/0x90
[  100.574844]  page_fault_oops+0x62/0x4f0
[  100.574868]  ? srso_return_thunk+0x5/0x5f
[  100.574891]  exc_page_fault+0x81/0x190
[  100.574922]  asm_exc_page_fault+0x26/0x30
[  100.574939] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[  100.574976] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[  100.574992] RSP: 0018:ffffbae1c00e3d40 EFLAGS: 00010046
[  100.575005] RAX: 0000000000000000 RBX: ffff9b95c08713b0 RCX: 0000000000000025
[  100.575016] RDX: 0000000000000001 RSI: ffffffffb0c40cdf RDI: 0000000000000000
[  100.575026] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[  100.575037] R10: 0000000000000082 R11: 0010000000025f30 R12: 0000000000025f30
[  100.575047] R13: 0000000000000026 R14: 0000000000000000 R15: 0000000000000000
[  100.575068]  ? tick_program_event+0x1f/0xa0
[  100.575117]  ? rb_insert_color+0x32/0x340
[  100.575136]  ? srso_return_thunk+0x5/0x5f
[  100.575152]  ? tick_program_event+0x58/0xa0
[  100.575175]  tick_program_event+0x1f/0xa0
[  100.575195]  hrtimer_reprogram+0x16e/0x180
[  100.575219]  hrtimer_start_range_ns+0x420/0x5d0
[  100.575265]  ? srso_return_thunk+0x5/0x5f
[  100.575289]  tick_nohz_restart_sched_tick+0xc7/0x100
[  100.575314]  tick_nohz_idle_exit+0xb7/0x150
[  100.575342]  do_idle+0x13e/0x240
[  100.575364]  ? complete+0x54/0x80
[  100.575384]  cpu_startup_entry+0x29/0x30
[  100.575406]  start_secondary+0x11c/0x140
[  100.575427]  common_startup_64+0x13e/0x141
[  100.575478]  </TASK>
[  192.475299] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  192.476938] rcu:     4-...!: (0 ticks this GP) idle=de5c/1/0x4000000000000000 softirq=553/553 fqs=69
[  192.479152] rcu:     (detected by 13, t=28559 jiffies, g=1513, q=55 ncpus=32)
[  192.480855] Sending NMI from CPU 13 to CPUs 4:
[  192.482000] NMI backtrace for cpu 4
[  192.482014] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  192.482057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  192.482073] RIP: 0010:__tsan_unaligned_volatile_read4+0x3c/0x130
[  192.482111] Code: 4c 8b 5c 24 08 83 e3 03 48 b9 ff ff ff ff ff ff 01 00 25 f8 01 00 00 49 21 ca 4c 8d 80 60 f8 6d b3 48 05 78 f8 6d b3 4d 8b 08 <4d> 85 c9 79 2a 4c 89 ca 4c 89 ce 48 c1 ea 31 48 21 ce 81 e2 ff
[  192.482131] RSP: 0018:ffffbae1c0f5b818 EFLAGS: 00000096
[  192.482148] RAX: ffffffffb36dfa50 RBX: 0000000000000000 RCX: 0001ffffffffffff
[  192.482161] RDX: 0000000080000001 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  192.482175] RBP: 0000000000000000 R08: ffffffffb36dfa38 R09: 0000000000000000
[  192.482187] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  192.482211] R13: 0000000000000000 R14: ffff9b9d1f0363c8 R15: 0000000000000004
[  192.482226] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[  192.482243] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  192.482257] CR2: 000000000003478c CR3: 0000000102e26000 CR4: 00000000003506f0
[  192.482271] Call Trace:
[  192.482280]  <NMI>
[  192.482292]  ? nmi_cpu_backtrace+0xee/0x190
[  192.482330]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  192.482356]  ? nmi_handle+0x61/0x150
[  192.482407]  ? default_do_nmi+0x42/0x100
[  192.482435]  ? exc_nmi+0x122/0x1a0
[  192.482458]  ? end_repeat_nmi+0xf/0x53
[  192.482489]  ? __pv_queued_spin_lock_slowpath+0x119/0x660
[  192.482531]  ? __tsan_unaligned_volatile_read4+0x3c/0x130
[  192.482562]  ? __tsan_unaligned_volatile_read4+0x3c/0x130
[  192.482595]  ? __tsan_unaligned_volatile_read4+0x3c/0x130
[  192.482628]  </NMI>
[  192.482636]  <TASK>
[  192.482644]  __pv_queued_spin_lock_slowpath+0x119/0x660
[  192.482678]  ? srso_return_thunk+0x5/0x5f
[  192.482719]  oops_begin+0x8c/0x90
[  192.482740]  page_fault_oops+0x62/0x4f0
[  192.482767]  ? srso_return_thunk+0x5/0x5f
[  192.482786]  ? get_page_from_freelist+0x1274/0x1400
[  192.482825]  exc_page_fault+0x81/0x190
[  192.482863]  asm_exc_page_fault+0x26/0x30
[  192.482901] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
[  192.482931] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 b2 8f 09
[  192.482949] RSP: 0018:ffffbae1c0f5b9f0 EFLAGS: 00010046
[  192.482974] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000034
[  192.483004] RDX: 0000000000000001 RSI: ffffffffb0f81714 RDI: 0000000000000000
[  192.483017] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
[  192.483030] R10: 0000000000000286 R11: 000800000003478c R12: 000000000003478c
[  192.483043] R13: 0000000000000035 R14: 0000000000000000 R15: 0000000000000000
[  192.483067]  ? __mod_memcg_lruvec_state+0x214/0x220
[  192.483110]  __mod_memcg_lruvec_state+0x214/0x220
[  192.483153]  __mod_lruvec_state+0x41/0x50
[  192.483180]  __lruvec_stat_mod_folio+0xb9/0x110
[  192.483209]  folio_remove_rmap_ptes+0xaa/0x160
[  192.483246]  unmap_page_range+0x128c/0x2240
[  192.483306]  unmap_single_vma+0xbe/0x130
[  192.483353]  unmap_vmas+0x16b/0x2d0
[  192.483392]  exit_mmap+0x141/0x530
[  192.483448]  __mmput+0x86/0x1d0
[  192.483493]  mmput+0x3f/0x50
[  192.483517]  do_exit+0x4d0/0x12f0
[  192.483557]  make_task_dead+0xe0/0x200
[  192.483588]  rewind_stack_and_make_dead+0x16/0x20
[  192.483612] RIP: 0033:0x7f65e3c30240
[  192.483628] Code: Unable to access opcode bytes at 0x7f65e3c30216.
[  192.483644] RSP: 002b:00007ffc8ae74e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  192.483672] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f65e3c30240
[  192.483685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  192.483698] RBP: 0000563ac0e0c060 R08: 000000000000001d R09: 00007ffc8ae74d00
[  192.483710] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
[  192.483723] R13: 0000000000000208 R14: 00007f65e3d33045 R15: 00007ffc8ae75220
[  192.483756]  </TASK>
[  192.483764] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.766 msecs
[  192.483987] rcu: rcu_preempt kthread starved for 28423 jiffies! g1513 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=7
[  192.562051] rcu:     Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  192.562913] rcu: RCU grace-period kthread stack dump:
[  192.563385] task:rcu_preempt     state:R  running task     stack:0     pid:16    tgid:16    ppid:2      flags:0x00004000
[  192.564400] Call Trace:
[  192.564646]  <TASK>
[  192.564872]  __schedule+0x3eb/0xab0
[  192.565250]  schedule+0x27/0xf0
[  192.565578]  schedule_timeout+0xe0/0x200
[  192.565983]  ? __pfx_process_timeout+0x10/0x10
[  192.566443]  rcu_gp_fqs_loop+0x1e1/0x850
[  192.566849]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  192.567299]  rcu_gp_kthread+0x190/0x2a0
[  192.567689]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  192.568124]  kthread+0x179/0x1b0
[  192.568458]  ? __pfx_kthread+0x10/0x10
[  192.568852]  ret_from_fork+0x34/0x50
[  192.569208]  ? __pfx_kthread+0x10/0x10
[  192.569584]  ret_from_fork_asm+0x1a/0x30
[  192.569997]  </TASK>
[  192.570217] rcu: Stack dump where RCU GP kthread last ran:
[  192.570717] Sending NMI from CPU 13 to CPUs 7:
[  192.571165] NMI backtrace for cpu 7
[  192.571185] CPU: 7 PID: 0 Comm: swapper/7 Tainted: G      D            6.9.0-rc1+ #83
[  192.571208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  192.571223] RIP: 0010:__pv_queued_spin_lock_slowpath+0xff/0x660
[  192.571264] Code: 01 00 00 00 48 89 04 24 e8 1e 92 15 ff c6 45 14 00 48 89 6c 24 08 eb 12 81 fd ff ff 00 00 76 54 81 e5 00 ff 00 00 75 4c f3 90 <ba> 04 00 00 00 be 04 00 00 00 48 89 df e8 5f 98 15 ff 48 89 d8
[  192.571298] RSP: 0018:ffffbae1c00e3b78 EFLAGS: 00000046
[  192.571324] RAX: ffff9b95c08713b0 RBX: ffffffffb363b80c RCX: 0001ffffffffffff
[  192.571337] RDX: ffff9b95c0870000 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  192.571349] RBP: 0000000000000000 R08: ffffffffb36dfa50 R09: 0000000000000000
[  192.571362] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  192.571375] R13: 0000000000000000 R14: ffff9b9d1f1b63c8 R15: 0000000000000007
[  192.571400] FS:  0000000000000000(0000) GS:ffff9b9d1f180000(0000) knlGS:0000000000000000
[  192.571416] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  192.571450] CR2: 0000000000025f30 CR3: 000000056e220000 CR4: 00000000003506f0
[  192.571465] Call Trace:
[  192.571474]  <NMI>
[  192.571488]  ? nmi_cpu_backtrace+0xee/0x190
[  192.571526]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  192.571552]  ? nmi_handle+0x61/0x150
[  192.571581]  ? default_do_nmi+0x42/0x100
[  192.571606]  ? exc_nmi+0x122/0x1a0
[  192.571628]  ? end_repeat_nmi+0xf/0x53
[  192.571657]  ? __pv_queued_spin_lock_slowpath+0x119/0x660
[  192.571730]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  192.571771]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  192.571806]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  192.571847]  </NMI>
[  192.571855]  <TASK>
[  192.571864]  ? srso_return_thunk+0x5/0x5f
[  192.571890]  oops_begin+0x8c/0x90
[  192.571911]  page_fault_oops+0x62/0x4f0
[  192.571938]  ? srso_return_thunk+0x5/0x5f
[  192.571966]  exc_page_fault+0x81/0x190
[  192.572008]  asm_exc_page_fault+0x26/0x30
[  192.572029] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[  192.572052] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[  192.572071] RSP: 0018:ffffbae1c00e3d40 EFLAGS: 00010046
[  192.572086] RAX: 0000000000000000 RBX: ffff9b95c08713b0 RCX: 0000000000000025
[  192.572099] RDX: 0000000000000001 RSI: ffffffffb0c40cdf RDI: 0000000000000000
[  192.572111] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[  192.572124] R10: 0000000000000082 R11: 0010000000025f30 R12: 0000000000025f30
[  192.572137] R13: 0000000000000026 R14: 0000000000000000 R15: 0000000000000000
[  192.572178]  ? tick_program_event+0x1f/0xa0
[  192.572208]  ? rb_insert_color+0x32/0x340
[  192.572230]  ? srso_return_thunk+0x5/0x5f
[  192.572260]  ? tick_program_event+0x58/0xa0
[  192.572287]  tick_program_event+0x1f/0xa0
[  192.572311]  hrtimer_reprogram+0x16e/0x180
[  192.572338]  hrtimer_start_range_ns+0x420/0x5d0
[  192.572360]  ? srso_return_thunk+0x5/0x5f
[  192.572389]  tick_nohz_restart_sched_tick+0xc7/0x100
[  192.572421]  tick_nohz_idle_exit+0xb7/0x150
[  192.572451]  do_idle+0x13e/0x240
[  192.572475]  ? complete+0x54/0x80
[  192.572499]  cpu_startup_entry+0x29/0x30
[  192.572525]  start_secondary+0x11c/0x140
[  192.572554]  common_startup_64+0x13e/0x141
[  192.572600]  </TASK>
[  260.495301] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  260.496934] rcu:     4-...!: (0 ticks this GP) idle=de5c/1/0x4000000000000000 softirq=553/553 fqs=69
[  260.499148] rcu:     (detected by 24, t=45565 jiffies, g=1513, q=55 ncpus=32)
[  260.500840] Sending NMI from CPU 24 to CPUs 4:
[  260.501976] NMI backtrace for cpu 4
[  260.501990] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  260.502012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  260.502028] RIP: 0010:__pv_queued_spin_lock_slowpath+0xff/0x660
[  260.502068] Code: 01 00 00 00 48 89 04 24 e8 1e 92 15 ff c6 45 14 00 48 89 6c 24 08 eb 12 81 fd ff ff 00 00 76 54 81 e5 00 ff 00 00 75 4c f3 90 <ba> 04 00 00 00 be 04 00 00 00 48 89 df e8 5f 98 15 ff 48 89 d8
[  260.502087] RSP: 0018:ffffbae1c0f5b828 EFLAGS: 00000046
[  260.502104] RAX: ffff9b95c4ba93b0 RBX: ffffffffb363b80c RCX: 0001ffffffffffff
[  260.502118] RDX: ffff9b95c4ba8000 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  260.502151] RBP: 0000000000000000 R08: ffffffffb36dfa50 R09: 0000000000000000
[  260.502164] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  260.502177] R13: 0000000000000000 R14: ffff9b9d1f0363c8 R15: 0000000000000004
[  260.502198] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[  260.502215] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  260.502229] CR2: 000000000003478c CR3: 0000000102e26000 CR4: 00000000003506f0
[  260.502244] Call Trace:
[  260.502253]  <NMI>
[  260.502265]  ? nmi_cpu_backtrace+0xee/0x190
[  260.502308]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  260.502337]  ? nmi_handle+0x61/0x150
[  260.502367]  ? default_do_nmi+0x42/0x100
[  260.502399]  ? exc_nmi+0x122/0x1a0
[  260.502421]  ? end_repeat_nmi+0xf/0x53
[  260.502451]  ? __pv_queued_spin_lock_slowpath+0x119/0x660
[  260.502494]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.502533]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.502596]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.502630]  </NMI>
[  260.502637]  <TASK>
[  260.502647]  ? srso_return_thunk+0x5/0x5f
[  260.502672]  oops_begin+0x8c/0x90
[  260.502693]  page_fault_oops+0x62/0x4f0
[  260.502719]  ? srso_return_thunk+0x5/0x5f
[  260.502752]  ? get_page_from_freelist+0x1274/0x1400
[  260.502803]  exc_page_fault+0x81/0x190
[  260.502841]  asm_exc_page_fault+0x26/0x30
[  260.502861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
[  260.502885] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 b2 8f 09
[  260.502904] RSP: 0018:ffffbae1c0f5b9f0 EFLAGS: 00010046
[  260.502919] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000034
[  260.502933] RDX: 0000000000000001 RSI: ffffffffb0f81714 RDI: 0000000000000000
[  260.502945] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
[  260.502958] R10: 0000000000000286 R11: 000800000003478c R12: 000000000003478c
[  260.502971] R13: 0000000000000035 R14: 0000000000000000 R15: 0000000000000000
[  260.503012]  ? __mod_memcg_lruvec_state+0x214/0x220
[  260.503054]  __mod_memcg_lruvec_state+0x214/0x220
[  260.503090]  __mod_lruvec_state+0x41/0x50
[  260.503117]  __lruvec_stat_mod_folio+0xb9/0x110
[  260.503147]  folio_remove_rmap_ptes+0xaa/0x160
[  260.503183]  unmap_page_range+0x128c/0x2240
[  260.503262]  unmap_single_vma+0xbe/0x130
[  260.503295]  unmap_vmas+0x16b/0x2d0
[  260.503355]  exit_mmap+0x141/0x530
[  260.503412]  __mmput+0x86/0x1d0
[  260.503460]  mmput+0x3f/0x50
[  260.503494]  do_exit+0x4d0/0x12f0
[  260.503534]  make_task_dead+0xe0/0x200
[  260.503566]  rewind_stack_and_make_dead+0x16/0x20
[  260.503594] RIP: 0033:0x7f65e3c30240
[  260.503610] Code: Unable to access opcode bytes at 0x7f65e3c30216.
[  260.503620] RSP: 002b:00007ffc8ae74e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  260.503642] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f65e3c30240
[  260.503656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  260.503668] RBP: 0000563ac0e0c060 R08: 000000000000001d R09: 00007ffc8ae74d00
[  260.503681] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
[  260.503694] R13: 0000000000000208 R14: 00007f65e3d33045 R15: 00007ffc8ae75220
[  260.503727]  </TASK>
[  260.503963] rcu: rcu_preempt kthread starved for 45428 jiffies! g1513 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=7
[  260.583746] rcu:     Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  260.584570] rcu: RCU grace-period kthread stack dump:
[  260.585042] task:rcu_preempt     state:R  running task     stack:0     pid:16    tgid:16    ppid:2      flags:0x00004000
[  260.586069] Call Trace:
[  260.586311]  <TASK>
[  260.586531]  __schedule+0x3eb/0xab0
[  260.586900]  schedule+0x27/0xf0
[  260.587222]  schedule_timeout+0xe0/0x200
[  260.587655]  ? __pfx_process_timeout+0x10/0x10
[  260.588098]  rcu_gp_fqs_loop+0x1e1/0x850
[  260.588489]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  260.588928]  rcu_gp_kthread+0x190/0x2a0
[  260.589308]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  260.589751]  kthread+0x179/0x1b0
[  260.590081]  ? __pfx_kthread+0x10/0x10
[  260.590455]  ret_from_fork+0x34/0x50
[  260.590811]  ? __pfx_kthread+0x10/0x10
[  260.591193]  ret_from_fork_asm+0x1a/0x30
[  260.591598]  </TASK>
[  260.591820] rcu: Stack dump where RCU GP kthread last ran:
[  260.592321] Sending NMI from CPU 24 to CPUs 7:
[  260.592785] NMI backtrace for cpu 7
[  260.592805] CPU: 7 PID: 0 Comm: swapper/7 Tainted: G      D            6.9.0-rc1+ #83
[  260.592828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  260.592844] RIP: 0010:__pv_queued_spin_lock_slowpath+0xff/0x660
[  260.592894] Code: 01 00 00 00 48 89 04 24 e8 1e 92 15 ff c6 45 14 00 48 89 6c 24 08 eb 12 81 fd ff ff 00 00 76 54 81 e5 00 ff 00 00 75 4c f3 90 <ba> 04 00 00 00 be 04 00 00 00 48 89 df e8 5f 98 15 ff 48 89 d8
[  260.592913] RSP: 0018:ffffbae1c00e3b78 EFLAGS: 00000046
[  260.592930] RAX: ffff9b95c08713b0 RBX: ffffffffb363b80c RCX: 0001ffffffffffff
[  260.592943] RDX: ffff9b95c0870000 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  260.592956] RBP: 0000000000000000 R08: ffffffffb36dfa50 R09: 0000000000000000
[  260.592969] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  260.592982] R13: 0000000000000000 R14: ffff9b9d1f1b63c8 R15: 0000000000000007
[  260.592997] FS:  0000000000000000(0000) GS:ffff9b9d1f180000(0000) knlGS:0000000000000000
[  260.593014] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  260.593027] CR2: 0000000000025f30 CR3: 000000056e220000 CR4: 00000000003506f0
[  260.593057] Call Trace:
[  260.593066]  <NMI>
[  260.593080]  ? nmi_cpu_backtrace+0xee/0x190
[  260.593116]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  260.593147]  ? nmi_handle+0x61/0x150
[  260.593179]  ? default_do_nmi+0x42/0x100
[  260.593204]  ? exc_nmi+0x122/0x1a0
[  260.593226]  ? end_repeat_nmi+0xf/0x53
[  260.593255]  ? __pv_queued_spin_lock_slowpath+0x119/0x660
[  260.593293]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.593336]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.593371]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  260.593420]  </NMI>
[  260.593427]  <TASK>
[  260.593436]  ? srso_return_thunk+0x5/0x5f
[  260.593463]  oops_begin+0x8c/0x90
[  260.593484]  page_fault_oops+0x62/0x4f0
[  260.593511]  ? srso_return_thunk+0x5/0x5f
[  260.593539]  exc_page_fault+0x81/0x190
[  260.593570]  asm_exc_page_fault+0x26/0x30
[  260.593601] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[  260.593624] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[  260.593650] RSP: 0018:ffffbae1c00e3d40 EFLAGS: 00010046
[  260.593665] RAX: 0000000000000000 RBX: ffff9b95c08713b0 RCX: 0000000000000025
[  260.593678] RDX: 0000000000000001 RSI: ffffffffb0c40cdf RDI: 0000000000000000
[  260.593691] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[  260.593703] R10: 0000000000000082 R11: 0010000000025f30 R12: 0000000000025f30
[  260.593725] R13: 0000000000000026 R14: 0000000000000000 R15: 0000000000000000
[  260.593749]  ? tick_program_event+0x1f/0xa0
[  260.593798]  ? rb_insert_color+0x32/0x340
[  260.593822]  ? srso_return_thunk+0x5/0x5f
[  260.593841]  ? tick_program_event+0x58/0xa0
[  260.593875]  tick_program_event+0x1f/0xa0
[  260.593899]  hrtimer_reprogram+0x16e/0x180
[  260.593926]  hrtimer_start_range_ns+0x420/0x5d0
[  260.593948]  ? srso_return_thunk+0x5/0x5f
[  260.593977]  tick_nohz_restart_sched_tick+0xc7/0x100
[  260.594008]  tick_nohz_idle_exit+0xb7/0x150
[  260.594042]  do_idle+0x13e/0x240
[  260.594067]  ? complete+0x54/0x80
[  260.594093]  cpu_startup_entry+0x29/0x30
[  260.594119]  start_secondary+0x11c/0x140
[  260.594143]  common_startup_64+0x13e/0x141
[  260.594188]  </TASK>
[  323.527289] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  323.528135] rcu:     4-...!: (0 ticks this GP) idle=de5c/1/0x4000000000000000 softirq=553/553 fqs=69
[  323.529214] rcu:     (detected by 24, t=61323 jiffies, g=1513, q=86 ncpus=32)
[  323.530031] Sending NMI from CPU 24 to CPUs 4:
[  323.530593] NMI backtrace for cpu 4
[  323.530607] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  323.530631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  323.530647] RIP: 0010:__kcsan_check_access+0x9e/0x180
[  573.907289] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  573.908228] rcu:     4-...!: (0 ticks this GP) idle=de5c/1/0x4000000000000000 softirq=553/553 fqs=69
[  573.909496] rcu:     (detected by 21, t=123918 jiffies, g=1513, q=86 ncpus=32)
[  573.910480] Sending NMI from CPU 21 to CPUs 4:
[  573.911131] NMI backtrace for cpu 4
[  573.911145] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  573.911170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  573.911188] RIP: 0010:__pv_queued_spin_lock_slowpath+0xff/0x660
[  573.911249] Code: 01 00 00 00 48 89 04 24 e8 1e 92 15 ff c6 45 14 00 48 89 6c 24 08 eb 12 81 fd ff ff 00 00 76 54 81 e5 00 ff 00 00 75 4c f3 90 <ba> 04 00 00 00 be 04 00 00 00 48 89 df e8 5f 98 15 ff 48 89 d8
[  573.911270] RSP: 0018:ffffbae1c0f5b828 EFLAGS: 00000046
[  573.911291] RAX: ffff9b95c4ba93b0 RBX: ffffffffb363b80c RCX: 0001ffffffffffff
[  573.911306] RDX: ffff9b95c4ba8000 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  573.911321] RBP: 0000000000000000 R08: ffffffffb36dfa50 R09: 0000000000000000
[  573.911337] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  573.911361] R13: 0000000000000000 R14: ffff9b9d1f0363c8 R15: 0000000000000004
[  573.911378] FS:  00007f65e3a91f00(0000) GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
[  573.911398] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  573.911414] CR2: 000000000003478c CR3: 0000000102e26000 CR4: 00000000003506f0
[  573.911430] Call Trace:
[  573.911449]  <NMI>
[  573.911465]  ? nmi_cpu_backtrace+0xee/0x190
[  573.911507]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  573.911538]  ? nmi_handle+0x61/0x150
[  573.911586]  ? default_do_nmi+0x42/0x100
[  573.911616]  ? exc_nmi+0x122/0x1a0
[  573.911643]  ? end_repeat_nmi+0xf/0x53
[  573.911697]  ? __pv_queued_spin_lock_slowpath+0x119/0x660
[  573.911750]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  573.911790]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  573.911831]  ? __pv_queued_spin_lock_slowpath+0xff/0x660
[  573.911870]  </NMI>
[  573.911879]  <TASK>
[  573.911890]  ? srso_return_thunk+0x5/0x5f
[  573.911919]  oops_begin+0x8c/0x90
[  573.911943]  page_fault_oops+0x62/0x4f0
[  573.911974]  ? srso_return_thunk+0x5/0x5f
[  573.911996]  ? get_page_from_freelist+0x1274/0x1400
[  573.912061]  exc_page_fault+0x81/0x190
[  573.912098]  asm_exc_page_fault+0x26/0x30
[  573.912122] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
[  573.912155] Code: 8b 04 24 4c 89 c2 48 31 c2 e9 69 fe ff ff 45 31 c0 e9 c3 fd ff ff 4c 89 c2 31 c0 e9 57 fe ff ff 45 0f b6 04 24 e9 af fd ff ff <45> 8b 04 24 e9 a6 fd ff ff 85 c9 74 08 f0 48 ff 05 b7 b2 8f 09
[  573.912176] RSP: 0018:ffffbae1c0f5b9f0 EFLAGS: 00010046
[  573.912195] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX: 0000000000000034
[  573.912210] RDX: 0000000000000001 RSI: ffffffffb0f81714 RDI: 0000000000000000
[  573.912238] RBP: 0000000000000004 R08: 00000000aaaaaaab R09: 0000000000000000
[  573.912254] R10: 0000000000000286 R11: 000800000003478c R12: 000000000003478c
[  573.912268] R13: 0000000000000035 R14: 0000000000000000 R15: 0000000000000000
[  573.912296]  ? __mod_memcg_lruvec_state+0x214/0x220
[  573.912345]  __mod_memcg_lruvec_state+0x214/0x220
[  573.912393]  __mod_lruvec_state+0x41/0x50
[  573.912423]  __lruvec_stat_mod_folio+0xb9/0x110
[  573.912472]  folio_remove_rmap_ptes+0xaa/0x160
[  573.912514]  unmap_page_range+0x128c/0x2240
[  573.912582]  unmap_single_vma+0xbe/0x130
[  573.912625]  unmap_vmas+0x16b/0x2d0
[  573.912670]  exit_mmap+0x141/0x530
[  573.912735]  __mmput+0x86/0x1d0
[  573.912769]  mmput+0x3f/0x50
[  573.912807]  do_exit+0x4d0/0x12f0
[  573.912860]  make_task_dead+0xe0/0x200
[  573.912897]  rewind_stack_and_make_dead+0x16/0x20
[  573.912923] RIP: 0033:0x7f65e3c30240
[  573.912952] Code: Unable to access opcode bytes at 0x7f65e3c30216.
[  573.912962] RSP: 002b:00007ffc8ae74e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  573.912985] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f65e3c30240
[  573.912999] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  573.913026] RBP: 0000563ac0e0c060 R08: 000000000000001d R09: 00007ffc8ae74d00
[  573.913042] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
[  573.913056] R13: 0000000000000208 R14: 00007f65e3d33045 R15: 00007ffc8ae75220
[  573.913096]  </TASK>
[  573.913106] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.976 msecs
[  573.914104] rcu: rcu_preempt kthread starved for 123780 jiffies! g1513 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=7
[  573.961837] rcu:     Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  573.962736] rcu: RCU grace-period kthread stack dump:
[  573.963243] task:rcu_preempt     state:R  running task     stack:0     pid:16    tgid:16    ppid:2      flags:0x00004000
[  573.964363] Call Trace:
[  573.964626]  <TASK>
[  573.964859]  __schedule+0x3eb/0xab0
[  573.965253]  schedule+0x27/0xf0
[  573.965623]  schedule_timeout+0xe0/0x200
[  573.966069]  ? __pfx_process_timeout+0x10/0x10
[  573.966551]  rcu_gp_fqs_loop+0x1e1/0x850
[  573.966975]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  573.967437]  rcu_gp_kthread+0x190/0x2a0
[  573.967881]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  573.968339]  kthread+0x179/0x1b0
[  573.968704]  ? __pfx_kthread+0x10/0x10
[  573.969112]  ret_from_fork+0x34/0x50
[  573.969500]  ? __pfx_kthread+0x10/0x10
[  573.969912]  ret_from_fork_asm+0x1a/0x30
[  573.970343]  </TASK>
[  573.970590] rcu: Stack dump where RCU GP kthread last ran:
[  573.971129] Sending NMI from CPU 21 to CPUs 7:
[  573.971624] NMI backtrace for cpu 7
[  573.971642] CPU: 7 PID: 0 Comm: swapper/7 Tainted: G      D            6.9.0-rc1+ #83
[  573.971675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[  573.971691] RIP: 0010:__tsan_unaligned_volatile_read4+0x0/0x130
[  573.971729] Code: 00 41 5c e9 82 db ff ff 5b 5d 41 5c e9 39 e0 ff ff 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 89 f8 53 49 89 fa 48 89 fb 48 c1 e8 09 4c 8b 54
[  573.971748] RSP: 0018:ffffbae1c00e3b70 EFLAGS: 00000046
[  573.971765] RAX: ffff9b95c08713b0 RBX: ffffffffb363b80c RCX: 0001ffffffffffff
[  573.971799] RDX: 0000000000000002 RSI: 0000000000000004 RDI: ffffffffb363b80c
[  573.971812] RBP: 0000000000000000 R08: ffffffffb36dfa50 R09: 0000000000000000
[  573.971825] R10: ffffffffb363b80c R11: ffffffffb1c8b871 R12: 0000000000000001
[  573.971838] R13: 0000000000000000 R14: ffff9b9d1f1b63c8 R15: 0000000000000007
[  573.971852] FS:  0000000000000000(0000) GS:ffff9b9d1f180000(0000) knlGS:0000000000000000
[  573.971869] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  573.971883] CR2: 0000000000025f30 CR3: 000000056e220000 CR4: 00000000003506f0
[  573.971898] Call Trace:
[  573.971907]  <NMI>
[  573.971921]  ? nmi_cpu_backtrace+0xee/0x190
[  573.971959]  ? nmi_cpu_backtrace_handler+0x11/0x20
[  573.971999]  ? nmi_handle+0x61/0x150
[  573.972028]  ? default_do_nmi+0x42/0x100
[  573.972066]  ? exc_nmi+0x122/0x1a0
[  573.972089]  ? end_repeat_nmi+0xf/0x53
[  573.972117]  ? __pv_queued_spin_lock_slowpath+0x111/0x660
[  573.972158]  ? __pfx___tsan_unaligned_volatile_read4+0x10/0x10
[  573.972190]  ? __pfx___tsan_unaligned_volatile_read4+0x10/0x10
[  573.972229]  ? __pfx___tsan_unaligned_volatile_read4+0x10/0x10
[  573.972261]  </NMI>
[  573.972268]  <TASK>
[  573.972276]  __pv_queued_spin_lock_slowpath+0x119/0x660
[  573.972309]  ? srso_return_thunk+0x5/0x5f
[  573.972334]  oops_begin+0x8c/0x90
[  573.972375]  page_fault_oops+0x62/0x4f0
[  573.972403]  ? srso_return_thunk+0x5/0x5f
[  573.972431]  exc_page_fault+0x81/0x190
[  573.972469]  asm_exc_page_fault+0x26/0x30
[  573.972490] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[  573.972520] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
[  573.972553] RSP: 0018:ffffbae1c00e3d40 EFLAGS: 00010046
[  573.972569] RAX: 0000000000000000 RBX: ffff9b95c08713b0 RCX: 0000000000000025
[  573.972582] RDX: 0000000000000001 RSI: ffffffffb0c40cdf RDI: 0000000000000000
[  573.972595] RBP: 0000000000000008 R08: 00000000aaaaaaab R09: 0000000000000000
[  573.972608] R10: 0000000000000082 R11: 0010000000025f30 R12: 0000000000025f30
[  573.972621] R13: 0000000000000026 R14: 0000000000000000 R15: 0000000000000000
[  573.972655]  ? tick_program_event+0x1f/0xa0
[  573.972685]  ? rb_insert_color+0x32/0x340
[  573.972718]  ? srso_return_thunk+0x5/0x5f
[  573.972737]  ? tick_program_event+0x58/0xa0
[  573.972765]  tick_program_event+0x1f/0xa0
[  573.972788]  hrtimer_reprogram+0x16e/0x180
[  573.972821]  hrtimer_start_range_ns+0x420/0x5d0
[  573.972844]  ? srso_return_thunk+0x5/0x5f
[  573.972873]  tick_nohz_restart_sched_tick+0xc7/0x100
[  573.972904]  tick_nohz_idle_exit+0xb7/0x150
[  573.972934]  do_idle+0x13e/0x240
[  573.972960]  ? complete+0x54/0x80
[  573.972983]  cpu_startup_entry+0x29/0x30
[  573.973021]  start_secondary+0x11c/0x140
[  573.973045]  common_startup_64+0x13e/0x141
[  573.973091]  </TASK>


* Re: BUG: unable to handle page fault for address: 0000000000030368
  2024-03-28 16:17     ` Paul Menzel
@ 2024-04-09 19:21       ` Marco Elver
  0 siblings, 0 replies; 3+ messages in thread
From: Marco Elver @ 2024-04-09 19:21 UTC (permalink / raw)
  To: Paul Menzel
  Cc: kasan-dev, Thomas Gleixner, Borislav Petkov, Peter Zijlstra,
	Josh Poimboeuf, Ingo Molnar, Dave Hansen, x86, LKML

On Thu, 28 Mar 2024 at 17:17, Paul Menzel <pmenzel@molgen.mpg.de> wrote:
>
> Dear Marco, dear Linux folks,
>
>
> Am 26.03.24 um 13:44 schrieb Paul Menzel:
> > [Cc: +X86 maintainers]
>
> > Thank you for your quick reply. (Note that your mailer wrapped the
> > pasted lines.)
> >
> > Am 26.03.24 um 11:07 schrieb Marco Elver:
> >> On Tue, 26 Mar 2024 at 10:23, Paul Menzel wrote:
> >
> >>> Trying KCSAN the first time – configuration attached –, it fails to boot
> >>> on the Dell XPS 13 9360 and QEMU q35. I couldn’t get logs on the Dell
> >>> XPS 13 9360, so here are the QEMU ones:
> >>
> >> If there's a bad access somewhere which is instrumented by KCSAN, it
> >> will unfortunately still crash inside KCSAN.
> >>
> >> What happens if you compile with CONFIG_KCSAN_EARLY_ENABLE=n? It
> >> disables KCSAN (but otherwise the kernel image is the same) and
> >> requires turning it on manually with "echo on >
> >> /sys/kernel/debug/kcsan" after boot.
> >>
> >> If it still crashes, then there's definitely a bug elsewhere. If it
> >> doesn't crash, and only crashes with KCSAN enabled, my guess is that
> >> KCSAN's delays of individual threads are perturbing execution to
> >> trigger previously undetected bugs.
> >
> > Such a Linux kernel booted with a warning on the Dell XPS 13 9360 (but
> > booted with *no* warning on QEMU q35) [1], but enabling KCSAN on the
> > laptop hangs the laptop right away. I couldn’t get any logs of the laptop.
>
> In the QEMU q35 virtual machine `echo on | sudo tee
> /sys/kernel/debug/kcsan` also locks up the system. Please find the logs
> attached.
>
>      [   78.241245] BUG: unable to handle page fault for address:
> 0000000000019a18
>      [   78.242815] #PF: supervisor read access in kernel mode
>      [   78.244001] #PF: error_code(0x0000) - not-present page
>      [   78.245186] PGD 0 P4D 0
>      [   78.245828] Oops: 0000 [#1] PREEMPT SMP NOPTI
>      [   78.246878] CPU: 4 PID: 783 Comm: sudo Not tainted 6.9.0-rc1+ #83
>      [   78.248289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009),
> BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
>      [   78.250763] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
>      [   78.252108] Code: ea 00 f0 48 ff 05 25 b4 8f 02 eb e0 65 48 8b
> 05 7b 53 23 4f 48 8d 98 c0 02 03 00 e9 9f fd ff ff 48 83 fd 08 0f 85 fd
> 00 00 00 <4d> 8b 04 24 e9 bf fe ff ff 49 85 d1 75 54 ba 01 00 00 00 4a 84
>      [   78.256284] RSP: 0018:ffffbae1c0f5bc48 EFLAGS: 00010046
>      [   78.257548] RAX: 0000000000000000 RBX: ffff9b95c4ba93b0 RCX:
> 0000000000000019
>      [   78.259158] RDX: 0000000000000001 RSI: ffffffffb0f82d36 RDI:
> 0000000000000000
>      [   78.260781] RBP: 0000000000000008 R08: 00000000aaaaaaab R09:
> 0000000000000000
>      [   78.262417] R10: 0000000000000086 R11: 0010000000019a18 R12:
> 0000000000019a18
>      [   78.264040] R13: 000000000000001a R14: 0000000000000000 R15:
> 0000000000000000
>      [   78.265658] FS:  00007f65e3a91f00(0000)
> GS:ffff9b9d1f000000(0000) knlGS:0000000000000000
>      [   78.267480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>      [   78.268804] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4:
> 00000000003506f0
>      [   78.270424] Call Trace:
>      [   78.271036]  <TASK>
>      [   78.271572]  ? __die+0x23/0x70
>      [   78.272344]  ? page_fault_oops+0x173/0x4f0
>      [   78.273400]  ? exc_page_fault+0x81/0x190
>      [   78.274373]  ? asm_exc_page_fault+0x26/0x30
>      [   78.275395]  ? refill_obj_stock+0x36/0x2e0
>      [   78.276410]  ? kcsan_setup_watchpoint+0x2b3/0x400
>      [   78.277556]  refill_obj_stock+0x36/0x2e0
>      [   78.278540]  obj_cgroup_uncharge+0x13/0x20
>      [   78.279596]  __memcg_slab_free_hook+0xac/0x140
>      [   78.280661]  ? free_pipe_info+0x135/0x150
>      [   78.281631]  kfree+0x2de/0x310
>      [   78.282419]  free_pipe_info+0x135/0x150
>      [   78.283395]  pipe_release+0x188/0x1a0
>      [   78.284303]  __fput+0x127/0x4e0
>      [   78.285114]  __fput_sync+0x35/0x40
>      [   78.285958]  __x64_sys_close+0x54/0xa0
>      [   78.286914]  do_syscall_64+0x88/0x1a0
>      [   78.287810]  ? fpregs_assert_state_consistent+0x7e/0x90
>      [   78.289185]  ? srso_return_thunk+0x5/0x5f
>      [   78.290203]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
>      [   78.291568]  ? srso_return_thunk+0x5/0x5f
>      [   78.292518]  ? syscall_exit_to_user_mode+0x40/0xe0
>      [   78.293651]  ? srso_return_thunk+0x5/0x5f
>      [   78.294606]  ? do_syscall_64+0x94/0x1a0
>      [   78.295516]  ? arch_exit_to_user_mode_prepare.isra.0+0x69/0xa0
>      [   78.296876]  ? srso_return_thunk+0x5/0x5f
>
> Can you reproduce this?

This seems to be a compiler issue with a new feature introduced in
6.9-rc1, and it's fixed in 6.9-rc2. It was fixed by: b6540de9b5c8
x86/percpu: Disable named address spaces for KCSAN
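
The register dumps in this thread all share one signature that fits the compiler issue Marco points to: RIP sits in kcsan_setup_watchpoint, and the fault address (CR2) is a small value that also sits in R12, i.e. KCSAN was handed a raw per-cpu offset rather than an address. The triage script below is an added example, not code from the thread or the kernel; it parses dmesg-style BUG and NMI-backtrace records like the ones above and flags that signature, so a batch of such logs can be sorted before anyone reads them by hand. The 1 MiB bound, the rule names and the condensed sample excerpt are this example's own assumptions.

```python
"""Triage helper for the oopses in this thread: an added example, not code from the
report. It flags the pattern the logs show (fault inside KCSAN at a small address
that also sits in R12, i.e. a raw per-cpu offset). Limit and labels are assumptions."""
import re
from dataclasses import dataclass
from typing import Optional

KCSAN_PREFIXES = ("kcsan_", "__kcsan_", "__tsan_")
RAW_OFFSET_LIMIT = 0x100000  # assumed: no kernel mapping lives this low
RE_BUG = re.compile(r"BUG: unable to handle page fault for address: ([0-9a-f]+)")
RE_NMI = re.compile(r"NMI backtrace for cpu \d+")
RE_COMM = re.compile(r"Comm: (\S+)")
RE_RIP = re.compile(r"RIP: ([0-9a-f]{4}):(\S+)")
RE_R12 = re.compile(r"R12: ([0-9a-f]{16})")
RE_CR2 = re.compile(r"CR2: ([0-9a-f]{16})")
RE_FRAME = re.compile(r"^\[\s*[\d.]+\]\s+(\?\s+)?(\S+)\+0x[0-9a-f]+/0x[0-9a-f]+$")

# Sample input: two records condensed from the logs in this thread (lines dropped, none changed).
SAMPLE_LOG = """\
[   78.241245] BUG: unable to handle page fault for address: 0000000000019a18
[   78.246878] CPU: 4 PID: 783 Comm: sudo Not tainted 6.9.0-rc1+ #83
[   78.250763] RIP: 0010:kcsan_setup_watchpoint+0x2b3/0x400
[   78.262417] R10: 0000000000000086 R11: 0010000000019a18 R12: 0000000000019a18
[   78.268804] CR2: 0000000000019a18 CR3: 0000000102e26000 CR4: 00000000003506f0
[   78.276410]  ? kcsan_setup_watchpoint+0x2b3/0x400
[   78.277556]  refill_obj_stock+0x36/0x2e0
[  260.501976] NMI backtrace for cpu 4
[  260.501990] CPU: 4 PID: 783 Comm: sudo Tainted: G      D            6.9.0-rc1+ #83
[  260.502028] RIP: 0010:__pv_queued_spin_lock_slowpath+0xff/0x660
[  260.502164] R10: 0001ffffb363b80c R11: ffffffffb1c8b879 R12: 0000000000000001
[  260.502229] CR2: 000000000003478c CR3: 0000000102e26000 CR4: 00000000003506f0
[  260.502841]  asm_exc_page_fault+0x26/0x30
[  260.502861] RIP: 0010:kcsan_setup_watchpoint+0x3cc/0x400
[  260.502958] R10: 0000000000000286 R11: 000800000003478c R12: 000000000003478c
[  260.503012]  ? __mod_memcg_lruvec_state+0x214/0x220
[  260.503054]  __mod_memcg_lruvec_state+0x214/0x220
[  260.503594] RIP: 0033:0x7f65e3c30240
[  260.503681] R10: 00007f65e3a91da0 R11: 0000000000000202 R12: 0000563ac0e0c060
"""


@dataclass
class OopsRecord:
    start: str
    comm: Optional[str] = None
    fault_addr: Optional[int] = None  # BUG: line address, else the first CR2
    rip: Optional[str] = None         # symbol at the last kernel-mode RIP
    r12: Optional[int] = None         # R12 from that same register dump
    caller: Optional[str] = None      # first non-'?' frame above that RIP
    page_fault: bool = False          # BUG: line or asm_exc_page_fault frame seen


def parse_records(log: str) -> list:
    records, rec, kernel_dump = [], OopsRecord(start=""), False  # dummy pre-record
    for line in log.splitlines():
        bug, nmi = RE_BUG.search(line), RE_NMI.search(line)
        if bug or nmi:  # a BUG: line or an NMI backtrace header opens a new record
            rec, kernel_dump = OopsRecord(start=line.strip()), False
            if bug:
                rec.fault_addr, rec.page_fault = int(bug.group(1), 16), True
            records.append(rec)
        elif (m := RE_COMM.search(line)) and rec.comm is None:
            rec.comm = m.group(1)
        elif (m := RE_RIP.search(line)):
            kernel_dump = m.group(1) == "0010"  # skip user-mode (0033) register dumps
            if kernel_dump:  # a nested kernel RIP supersedes the NMI interruption point
                rec.rip, rec.r12, rec.caller = m.group(2).split("+")[0], None, None
        elif (m := RE_R12.search(line)) and kernel_dump:
            rec.r12 = int(m.group(1), 16)
        elif (m := RE_CR2.search(line)) and rec.fault_addr is None:
            rec.fault_addr = int(m.group(1), 16)
        elif (m := RE_FRAME.match(line)):
            if m.group(2) == "asm_exc_page_fault":
                rec.page_fault = True
            elif m.group(1) is None and rec.caller is None and kernel_dump:
                rec.caller = m.group(2)
    return records


def classify(rec: OopsRecord) -> str:
    if not rec.page_fault:
        return "no-page-fault"  # e.g. a CPU spinning on a lock held by the dead one
    if rec.rip is None or rec.fault_addr is None:
        return "incomplete"
    if not rec.rip.startswith(KCSAN_PREFIXES):
        return "fault-outside-kcsan"
    if rec.fault_addr < RAW_OFFSET_LIMIT and rec.r12 == rec.fault_addr:
        return "kcsan-fault-on-raw-percpu-offset"
    return "kcsan-fault-other"


def summarize(log: str) -> dict:
    kinds = [classify(r) for r in parse_records(log)]
    return {k: kinds.count(k) for k in kinds}
```

Run it over a full dmesg capture; records that come out as "kcsan-fault-other" or "fault-outside-kcsan" are the ones that still need a human, since they do not match the pattern fixed in 6.9-rc2.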

