| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Apr 2014 14:56:31 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: Mel Gorman <mgorman@...e.de>
Cc: linux-kernel@...r.kernel.org,
Linux Memory Management List <linux-mm@...ck.org>,
Jet Chen <jet.chen@...el.com>
Subject: [_PAGE_NUMA] kernel BUG at arch/x86/include/asm/pgtable.h:451!
Hi Mel,
I got the below dmesg and the first bad commit is
git://git.kernel.org/pub/scm/linux/kernel/git/mel/linux-balancenuma mm-numa-use-high-bit-v3r1
commit b1a008d57c41562cb9f3fe6159205f971483d66a
Author: Mel Gorman <mgorman@...e.de>
AuthorDate: Mon Apr 7 10:25:12 2014 +0100
Commit: Mel Gorman <mgorman@...e.de>
CommitDate: Tue Apr 8 10:17:19 2014 +0100
x86: Define _PAGE_NUMA by reusing software bits on the PMD and PTE levels
_PAGE_NUMA is currently an alias of _PROT_PROTNONE to trap NUMA hinting
faults. Care is taken such that _PAGE_NUMA is used only in situations where
the VMA flags distinguish between NUMA hinting faults and prot_none faults.
Conceptually this is difficult and it has caused problems.
Fundamentally, we only need the _PAGE_NUMA bit to tell the difference between
an entry that is really unmapped and a page that is protected for NUMA
hinting faults as if the PTE is not present then a fault will be trapped.
Currently one of the software bits is used for identifying IO mappings and
by Xen to track if it's a Xen PTE or a machine PFN. This patch reuses the
software bit for IOMAP for NUMA hinting faults with the expectation that
the bit is not used for userspace addresses. Xen and NUMA balancing are
now mutually exclusive in Kconfig.
Signed-off-by: Mel Gorman <mgorman@...e.de>
+----------------------------------------------------------+------------+
| | b1a008d57c |
+----------------------------------------------------------+------------+
| boot_successes | 0 |
| boot_failures | 20 |
| kernel_BUG_at_arch/x86/include/asm/pgtable.h | 20 |
| invalid_opcode | 20 |
| EIP_is_at_spurious_fault | 20 |
| Kernel_panic-not_syncing:Attempted_to_kill_the_idle_task | 20 |
| backtrace:error_code | 20 |
| backtrace:mem_init | 20 |
+----------------------------------------------------------+------------+
[ 0.000000] .text : 0x87c00000 - 0x8891c411 (13425 kB)
[ 0.000000] Checking if this processor honours the WP bit even in supervisor mode...
[ 0.000000] ------------[ cut here ]------------
[ 0.000000] kernel BUG at arch/x86/include/asm/pgtable.h:451!
[ 0.000000] invalid opcode: 0000 [#1] DEBUG_PAGEALLOC
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 3.14.0-00002-gb1a008d #380
[ 0.000000] task: 88efe820 ti: 88efa000 task.ti: 88efa000
[ 0.000000] EIP: 0060:[<87ca16ea>] EFLAGS: 00210002 CPU: 0
[ 0.000000] EIP is at spurious_fault+0x12a/0x250
[ 0.000000] EAX: 00000001 EBX: 00000001 ECX: 00000000 EDX: 00000000
[ 0.000000] ESI: 00000003 EDI: 8948fa84 EBP: 88efbe70 ESP: 88efbe50
[ 0.000000] DS: 007b ES: 007b FS: 0000 GS: 00e0 SS: 0068
[ 0.000000] CR0: 8005003b CR2: ffea1000 CR3: 1148c000 CR4: 00000690
[ 0.000000] Stack:
[ 0.000000] 00000000 00000000 00000001 1148c161 8948cffc 00000001 ffea1000 00000003
[ 0.000000] 88efbf04 87ca18ed 89053a50 89053a50 87d161cf 00000001 89053a40 00000001
[ 0.000000] 890539f0 890539f0 00000001 890539e0 88efbeb0 88efe820 0000005c 00000000
[ 0.000000] Call Trace:
[ 0.000000] [<87ca18ed>] __do_page_fault+0xdd/0x870
[ 0.000000] [<87d161cf>] ? console_unlock+0x41f/0x780
[ 0.000000] [<8891824d>] ? _raw_spin_unlock_irqrestore+0x6d/0x70
[ 0.000000] [<87d161f6>] ? console_unlock+0x446/0x780
[ 0.000000] [<8891824d>] ? _raw_spin_unlock_irqrestore+0x6d/0x70
[ 0.000000] [<87d0a226>] ? trace_hardirqs_off_caller+0x66/0xb0
[ 0.000000] [<87c9e230>] ? kvm_read_and_reset_pf_reason+0x40/0x40
[ 0.000000] [<87ca22f1>] do_page_fault+0x21/0x30
[ 0.000000] [<87c9e25e>] do_async_page_fault+0x2e/0x90
[ 0.000000] [<88919862>] error_code+0x6a/0x70
[ 0.000000] [<87ca007b>] ? perf_reg_value+0x9b/0x1a0
[ 0.000000] [<8890036e>] ? do_test_wp_bit+0x19/0x23
[ 0.000000] [<893ff0d8>] mem_init+0x1dc/0x23d
[ 0.000000] [<893e6000>] ? x86_cpu_to_apicid+0x9fa/0x9fa
[ 0.000000] [<893e6b5a>] start_kernel+0x1cf/0x47d
[ 0.000000] [<893e6674>] ? repair_env_string+0x99/0x99
[ 0.000000] [<893e63c7>] i386_start_kernel+0x175/0x178
[ 0.000000] Code: 07 89 45 ec c1 e8 08 89 c3 b8 f0 4a 0f 89 83 e3 01 89 da e8 39 42 0d 00 8b 04 9d ac 71 15 89 40 85 db 89 04 9d ac 71 15 89 74 11 <0f> 0b 8b 55 f0 89 f0 e8 5a f0 ff ff e9 fc fe ff ff 31 c0 f7 45
[ 0.000000] EIP: [<87ca16ea>] spurious_fault+0x12a/0x250 SS:ESP 0068:88efbe50
[ 0.000000] ---[ end trace 05e0c07eb1c663a6 ]---
[ 0.000000] Kernel panic - not syncing: Attempted to kill the idle task!
git bisect start cc12f00ec1a594b08da422a968be635207aa381c 455c6fdbd219161bd09b1165f11699d6d73de11c --
git bisect bad a92381a9275878a5b3a7ab82d62b7f80ee2a7cc6 # 01:42 0- 20 Merge 'balancenuma/mm-numa-use-high-bit-v3r1' into devel-f4-i386-201404100103
git bisect good 32c51c7b49778c2d2bb61ac9b0bb4872c7f066d2 # 01:51 20+ 0 0day base guard for 'devel-f4-i386-201404100103'
git bisect good 41a3bfe0d363cb3949eebc20d563674edc412599 # 01:56 20+ 1 Merge 'mlankhorst/master' into devel-f4-i386-201404100103
git bisect bad 62251a838c47fc8aee402555d8c50475a7584669 # 02:00 0- 20 mm: Allow FOLL_NUMA on FOLL_FORCE
git bisect bad b1a008d57c41562cb9f3fe6159205f971483d66a # 02:03 0- 19 x86: Define _PAGE_NUMA by reusing software bits on the PMD and PTE levels
git bisect good 71bca17d99b3609af44e343287598fb41dd67750 # 02:07 20+ 0 x86: Require x86-64 for automatic NUMA balancing
# first bad commit: [b1a008d57c41562cb9f3fe6159205f971483d66a] x86: Define _PAGE_NUMA by reusing software bits on the PMD and PTE levels
git bisect good 71bca17d99b3609af44e343287598fb41dd67750 # 02:10 60+ 0 x86: Require x86-64 for automatic NUMA balancing
git bisect bad cc12f00ec1a594b08da422a968be635207aa381c # 02:10 0- 13 0day head guard for 'devel-f4-i386-201404100103'
git bisect good 39de65aa2c3eee901db020a4f1396998e09602a3 # 02:13 60+ 0 Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
git bisect good 35e2933ca69ef1b8061e5aee090535410336e063 # 02:20 60+ 0 Add linux-next specific files for 20140409
This script may reproduce the error.
-----------------------------------------------------------------------------
#!/bin/bash
kernel=$1
kvm=(
qemu-system-x86_64 -cpu kvm64 -enable-kvm
-kernel $kernel
-smp 2
-m 256M
-net nic,vlan=0,macaddr=00:00:00:00:00:00,model=virtio
-net user,vlan=0
-net nic,vlan=1,model=e1000
-net user,vlan=1
-boot order=nc
-no-reboot
-watchdog i6300esb
-serial stdio
-display none
-monitor null
)
append=(
debug
sched_debug
apic=debug
ignore_loglevel
sysrq_always_enabled
panic=10
prompt_ramdisk=0
earlyprintk=ttyS0,115200
console=ttyS0,115200
console=tty0
vga=normal
root=/dev/ram0
rw
)
"${kvm[@]}" --append "${append[*]}"
-----------------------------------------------------------------------------
Thanks,
Fengguang
View attachment "dmesg-quantal-f3-41:20140410020242:i386-randconfig-fd3-0410:3.14.0-00002-gb1a008d:380" of type "text/plain" (12372 bytes)
Download attachment "i386-randconfig-fd3-0410-cc12f00ec1a594b08da422a968be635207aa381c-kernel-BUG-at-107624.log" of type "application/octet-stream" (34500 bytes)
View attachment "config-3.14.0-00002-gb1a008d" of type "text/plain" (91268 bytes)
Powered by blists - more mailing lists