From: kernel test robot <yujie.liu@intel.com>
To: Mike Rapoport <rppt@kernel.org>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
Mike Rapoport <rppt@kernel.org>
Subject: [rppt:execmem/x86-rox/rfc-v2] [x86/module] 6e2766e629: BUG:unable_to_handle_page_fault_for_address
Date: Fri, 10 May 2024 17:32:39 +0800 [thread overview]
Message-ID: <202405101709.37715bca-lkp@intel.com> (raw)
Hello,
kernel test robot noticed "BUG:unable_to_handle_page_fault_for_address" on:
commit: 6e2766e6297f77c7bbadeabedaa4e45877ef9692 ("x86/module: enable ROX caches for module text")
https://git.kernel.org/cgit/linux/kernel/git/rppt/linux.git execmem/x86-rox/rfc-v2
in testcase: boot
compiler: clang-18
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <yujie.liu@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202405101709.37715bca-lkp@intel.com
[ 186.815140][ T67] BUG: unable to handle page fault for address: ef20095d
[ 186.816059][ T67] #PF: supervisor write access in kernel mode
[ 186.816831][ T67] #PF: error_code(0x0003) - permissions violation
[ 186.817629][ T67] *pdpt = 000000000e7f5001 *pde = 00000000233da067 *pte = 00000000abe64121
[ 186.818715][ T67] Oops: 0003 [#1] PREEMPT SMP
[ 186.819299][ T67] CPU: 1 PID: 67 Comm: modprobe Tainted: G W N 6.9.0-rc4-00023-g6e2766e6297f #1
[ 186.820586][ T67] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 186.821902][ T67] EIP: apply_relocate (arch/x86/kernel/module.c:?)
[ 186.822391][ T67] Code: 8d 54 f0 14 8d 0c 89 8d 4c c8 0c 89 4d e8 31 db 89 45 ec 89 55 f0 eb 24 90 90 90 90 90 c1 e6 04 8b 44 31 04 29 d0 89 d1 03 01 <89> 02 43 8b 55 f0 8b 02 c1 e8 03 39 c3 8b 45 ec 73 3a 8b 4a 08 8d
All code
========
0: 8d 54 f0 14 lea 0x14(%rax,%rsi,8),%edx
4: 8d 0c 89 lea (%rcx,%rcx,4),%ecx
7: 8d 4c c8 0c lea 0xc(%rax,%rcx,8),%ecx
b: 89 4d e8 mov %ecx,-0x18(%rbp)
e: 31 db xor %ebx,%ebx
10: 89 45 ec mov %eax,-0x14(%rbp)
13: 89 55 f0 mov %edx,-0x10(%rbp)
16: eb 24 jmp 0x3c
18: 90 nop
19: 90 nop
1a: 90 nop
1b: 90 nop
1c: 90 nop
1d: c1 e6 04 shl $0x4,%esi
20: 8b 44 31 04 mov 0x4(%rcx,%rsi,1),%eax
24: 29 d0 sub %edx,%eax
26: 89 d1 mov %edx,%ecx
28: 03 01 add (%rcx),%eax
2a:* 89 02 mov %eax,(%rdx) <-- trapping instruction
2c: 43 8b 55 f0 rex.XB mov -0x10(%r13),%edx
30: 8b 02 mov (%rdx),%eax
32: c1 e8 03 shr $0x3,%eax
35: 39 c3 cmp %eax,%ebx
37: 8b 45 ec mov -0x14(%rbp),%eax
3a: 73 3a jae 0x76
3c: 8b 4a 08 mov 0x8(%rdx),%ecx
3f: 8d .byte 0x8d
Code starting with the faulting instruction
===========================================
0: 89 02 mov %eax,(%rdx)
2: 43 8b 55 f0 rex.XB mov -0x10(%r13),%edx
6: 8b 02 mov (%rdx),%eax
8: c1 e8 03 shr $0x3,%eax
b: 39 c3 cmp %eax,%ebx
d: 8b 45 ec mov -0x14(%rbp),%eax
10: 73 3a jae 0x4c
12: 8b 4a 08 mov 0x8(%rdx),%ecx
15: 8d .byte 0x8d
[ 186.823986][ T67] EAX: bbd19ccc EBX: 00000000 ECX: ef063258 EDX: ef20095d
[ 186.824574][ T67] ESI: 00000250 EDI: 00000001 EBP: e14a3d8c ESP: e14a3d70
[ 186.825153][ T67] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00010287
[ 186.825775][ T67] CR0: 80050033 CR2: ef20095d CR3: 0134adc0 CR4: 000406b0
[ 186.826356][ T67] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 186.826936][ T67] DR6: fffe0ff0 DR7: 00000400
[ 186.827317][ T67] Call Trace:
[ 186.827584][ T67] ? __die_body (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)
[ 186.827941][ T67] ? __die (arch/x86/kernel/dumpstack.c:434)
[ 186.828266][ T67] ? page_fault_oops (arch/x86/mm/fault.c:709)
[ 186.828672][ T67] ? kernelmode_fixup_or_oops (arch/x86/mm/fault.c:767)
[ 186.829126][ T67] ? __bad_area_nosemaphore (arch/x86/mm/fault.c:814)
[ 186.829572][ T67] ? bad_area_nosemaphore (arch/x86/mm/fault.c:863)
[ 186.829990][ T67] ? do_kern_addr_fault (arch/x86/mm/fault.c:1223)
[ 186.830400][ T67] ? exc_page_fault (arch/x86/mm/fault.c:?)
[ 186.830783][ T67] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1518)
[ 186.831287][ T67] ? handle_exception (arch/x86/entry/entry_32.S:1047)
[ 186.831698][ T67] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1518)
[ 186.832201][ T67] ? apply_relocate (arch/x86/kernel/module.c:?)
[ 186.832557][ T67] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1518)
[ 186.833023][ T67] ? apply_relocate (arch/x86/kernel/module.c:?)
[ 186.833379][ T67] apply_relocations (kernel/module/main.c:1508)
[ 186.833740][ T67] load_module (kernel/module/main.c:2987)
[ 186.834089][ T67] __ia32_sys_init_module (kernel/module/main.c:3125 kernel/module/main.c:3105 kernel/module/main.c:3105)
[ 186.834497][ T67] ia32_sys_call (arch/x86/entry/syscall_32.c:42)
[ 186.834857][ T67] do_int80_syscall_32 (arch/x86/entry/common.c:?)
[ 186.835230][ T67] ? __this_cpu_preempt_check (lib/smp_processor_id.c:67)
[ 186.835643][ T67] ? lock_release (kernel/locking/lockdep.c:467)
[ 186.835997][ T67] ? insert_page_into_pte_locked (include/linux/rcupdate.h:338)
[ 186.836461][ T67] ? rcu_lock_release (include/linux/rcupdate.h:340)
[ 186.836828][ T67] ? handle_mm_fault (mm/memory.c:4886)
[ 186.837209][ T67] ? do_user_addr_fault (include/linux/mmap_lock.h:?)
[ 186.837601][ T67] ? __this_cpu_preempt_check (lib/smp_processor_id.c:67)
[ 186.838013][ T67] ? lock_release (kernel/locking/lockdep.c:467)
[ 186.838365][ T67] ? do_user_addr_fault (include/linux/mmap_lock.h:?)
[ 186.838757][ T67] ? irqentry_exit (kernel/entry/common.c:367)
[ 186.839104][ T67] ? __this_cpu_preempt_check (lib/smp_processor_id.c:67)
[ 186.839517][ T67] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4421)
[ 186.839911][ T67] ? irqentry_exit_to_user_mode (kernel/entry/common.c:234)
[ 186.840353][ T67] ? irqentry_exit (kernel/entry/common.c:367)
[ 186.840700][ T67] ? exc_page_fault (arch/x86/mm/fault.c:1567)
[ 186.841056][ T67] entry_INT80_32 (arch/x86/entry/entry_32.S:944)
[ 186.841411][ T67] EIP: 0xb7fb31b2
[ 186.841685][ T67] Code: 89 c2 31 c0 89 d7 f3 aa 8b 44 24 1c 89 30 c6 40 04 00 83 c4 2c 89 f0 5b 5e 5f 5d c3 90 90 90 90 90 90 90 90 90 90 90 90 cd 80 <c3> 8d b6 00 00 00 00 8d bc 27 00 00 00 00 8b 1c 24 c3 8d b6 00 00
All code
========
0: 89 c2 mov %eax,%edx
2: 31 c0 xor %eax,%eax
4: 89 d7 mov %edx,%edi
6: f3 aa rep stos %al,%es:(%rdi)
8: 8b 44 24 1c mov 0x1c(%rsp),%eax
c: 89 30 mov %esi,(%rax)
e: c6 40 04 00 movb $0x0,0x4(%rax)
12: 83 c4 2c add $0x2c,%esp
15: 89 f0 mov %esi,%eax
17: 5b pop %rbx
18: 5e pop %rsi
19: 5f pop %rdi
1a: 5d pop %rbp
1b: c3 ret
1c: 90 nop
1d: 90 nop
1e: 90 nop
1f: 90 nop
20: 90 nop
21: 90 nop
22: 90 nop
23: 90 nop
24: 90 nop
25: 90 nop
26: 90 nop
27: 90 nop
28: cd 80 int $0x80
2a:* c3 ret <-- trapping instruction
2b: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
31: 8d bc 27 00 00 00 00 lea 0x0(%rdi,%riz,1),%edi
38: 8b 1c 24 mov (%rsp),%ebx
3b: c3 ret
3c: 8d .byte 0x8d
3d: b6 00 mov $0x0,%dh
...
Code starting with the faulting instruction
===========================================
0: c3 ret
1: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
7: 8d bc 27 00 00 00 00 lea 0x0(%rdi,%riz,1),%edi
e: 8b 1c 24 mov (%rsp),%ebx
11: c3 ret
12: 8d .byte 0x8d
13: b6 00 mov $0x0,%dh
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240510/202405101709.37715bca-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
reply other threads:[~2024-05-10 9:32 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202405101709.37715bca-lkp@intel.com \
--to=yujie.liu@intel.com \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
--cc=rppt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).