BUG: unable to handle page fault for address - EIP: __kmap_local_page_prot

From: Naresh Kamboju
Date: Wed May 19 2021 - 11:08:38 EST


While running LTP mm test suite on i386 kernel the following warning and BUG
reported on linux next 5.13.0-rc2-next-20210519.

The warning is not regression, We have been noticing these warnings often on
i386 but kernel BUG: looks to be a new crash.

------------[ cut here ]------------
[ 696.876399] WARNING: CPU: 1 PID: 24493 at mm/mremap.c:314
move_page_tables+0x18d/0x6e0
[ 696.884319] Modules linked in: x86_pkg_temp_thermal
05.c:78: TPASS: [ 696.889246] CPU: 1 PID: 24493 Comm: true Not
tainted 5.13.0-rc2-next-20210519 #1
[ 696.898018] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
2.2 05/23/2018
[ 696.905462] EIP: move_page_tables+0x18d/0x6e0
still alive.
ks[ 696.909865] Code: 40 20 8b 40 24 89 c1 01 d9 0f 84 36 04 00 00 8b
55 08 c1 ea 16 8d 04 90 85 c0 0f 84 e5 02 00 00 80 7d bb 00 0f 85 23
04 00 00 <0f> 0b 80 7d bb 00 0f 84 f7 fe ff ff 8b 45 c8 e8 1f fe ff ff
e9 ea
[ 696.929986] EAX: c28a5bf8 EBX: 00000bfc ECX: c28a5bfc EDX: 000002fe
[ 696.936323] ESI: c0000000 EDI: bfc00000 EBP: c86ffe14 ESP: c86ffda8
m05.c:78: TPASS:[ 696.942614] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS:
0068 EFLAGS: 00010246
[ 696.950777] CR0: 80050033 CR2: b7e13b50 CR3: 028a5000 CR4: 003506d0
[ 696.957043] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 696.963310] DR6: fffe0ff0 DR7: 00000400
[ 696.967148] Call Trace:
[ 696.969594] setup_arg_pages+0x28c/0x380
still alive.
k[ 696.973563] ? get_random_u32+0x35/0x80
[ 696.978779] ? trace_hardirqs_off+0x2f/0xc0
sm05.c:78: TPASS[ 696.983006] ? trace_hardirqs_on+0x2d/0xc0
[ 696.988484] ? _raw_spin_unlock_irqrestore+0x18/0x20
[ 696.993467] ? get_random_u32+0x4e/0x80
[ 696.997385] load_elf_binary+0x31e/0x11c0
[ 697.001452] ? security_file_permission+0x97/0x170
[ 697.006277] ? kernel_read+0x31/0x40
[ 697.009907] bprm_execve+0x233/0x5f0
[ 697.013541] do_execveat_common+0x129/0x150
[ 697.017725] __ia32_sys_execve+0x28/0x30
[ 697.021650] __do_fast_syscall_32+0x4c/0xc0
[ 697.025835] do_fast_syscall_32+0x29/0x60
[ 697.029850] do_SYSENTER_32+0x15/0x20
[ 697.033516] entry_SYSENTER_32+0x98/0xe7
[ 697.037441] EIP: 0xb7f12549
[ 697.040243] Code: Unable to access opcode bytes at RIP 0xb7f1251f.
: still alive.
[ 697.046462] EAX: ffffffda EBX: bfd72c00 ECX: 0806b460 EDX: bfd72e54
[ 697.054106] ESI: 0805af94 EDI: bfd72c09 EBP: bfd72cc8 ESP: bfd72bd8
[ 697.060425] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
[ 697.067210] ---[ end trace 7b789866f6f48389 ]---
[ 697.071832] ------------[ cut here ]------------

...
ksm05.c:78: TPASS: still alive.

[ 699.637408] BUG: unable to handle page fault for address: f752b000
[ 699.644091] #PF: supervisor read access in kernel mode
[ 699.649222] #PF: error_code(0x0000) - not-present page
[ 699.654357] *pde = 01106067 *pte = 00000000
[ 699.658666] Oops: 0000 [#1] SMP
[ 699.661806] CPU: 1 PID: 24636 Comm: true Tainted: G W
5.13.0-rc2-next-20210519 #1
[ 699.670583] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
2.2 05/23/2018
[ 699.677966] EIP: __kmap_local_page_prot+0x6/0x40
[ 699.682614] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
ff ff
[ 699.701371] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
[ 699.707640] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
[ 699.713897] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
[ 699.720676] CR0: 80050033 CR2: f752b000 CR3: 028a5000 CR4: 003506d0
[ 699.726934] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 699.733197] DR6: fffe0ff0 DR7: 00000400
[ 699.737027] Call Trace:
[ 699.739474] ? unmap_page_range+0x154/0x690
[ 699.743658] unmap_single_vma+0x61/0xc0
[ 699.747489] unmap_vmas+0x6f/0xf0
[ 699.750800] exit_mmap+0x71/0x1c0
[ 699.754110] mmput+0x57/0x100
[ 699.757075] do_exit+0x2da/0x9e0
[ 699.760306] ? syscall_trace_enter.isra.0+0x148/0x1b0
[ 699.765372] do_group_exit+0x36/0x90
[ 699.768955] __ia32_sys_exit_group+0x15/0x20
[ 699.773220] __do_fast_syscall_32+0x4c/0xc0
[ 699.777405] do_fast_syscall_32+0x29/0x60
[ 699.781409] do_SYSENTER_32+0x15/0x20
[ 699.785066] entry_SYSENTER_32+0x98/0xe7
[ 699.788984] EIP: 0x1ff58549
[ 699.791774] Code: Unable to access opcode bytes at RIP 0x1ff5851f.
[ 699.797945] EAX: ffffffda EBX: 00000000 ECX: 00000001 EDX: 00000000
[ 699.804202] ESI: 1ff471f0 EDI: 1ff493fc EBP: 00000000 ESP: bf1ff3cc
[ 699.810458] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
[ 699.817236] Modules linked in: x86_pkg_temp_thermal
[ 699.822115] CR2: 00000000f752b000
[ 699.825426] ---[ end trace 7b789866f6f4838b ]---
[ 699.830036] EIP: __kmap_local_page_prot+0x6/0x40
[ 699.834655] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
ff ff
[ 699.853401] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
[ 699.859658] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
[ 699.865915] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
[ 699.872690] CR0: 80050033 CR2: f752b000 CR3: 028a5000 CR4: 003506d0
[ 699.878948] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 699.885207] DR6: fffe0ff0 DR7: 00000400
[ 699.889036] Fixing recursive fault but reboot is needed!

ksm05.c:78: TPASS: still alive.
..
[ 1599.651922] BUG: unable to handle page fault for address: f7d64000
[ 1599.658959] #PF: supervisor read access in kernel mode
[ 1599.664088] #PF: error_code(0x0000) - not-present page
[ 1599.669219] *pde = 00000000
[ 1599.672097] Oops: 0000 [#2] SMP
[ 1599.675236] CPU: 3 PID: 24646 Comm: thp02 Tainted: G D W
5.13.0-rc2-next-20210519 #1
[ 1599.684102] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
2.2 05/23/2018
[ 1599.691485] EIP: __kmap_local_page_prot+0x6/0x40
[ 1599.696102] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
ff ff
[ 1599.714840] EAX: f7d64000 EBX: b5800000 ECX: b5800000 EDX: 00000163
[ 1599.721097] ESI: f7d64000 EDI: c1a5decc EBP: c1a5de60 ESP: c1a5de00
[ 1599.727354] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
[ 1599.734132] CR0: 80050033 CR2: f7d64000 CR3: 19fce000 CR4: 003506d0
[ 1599.740387] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 1599.746646] DR6: fffe0ff0 DR7: 00000400
[ 1599.750477] Call Trace:
[ 1599.752919] ? unmap_page_range+0x154/0x690
[ 1599.757096] unmap_single_vma+0x61/0xc0
[ 1599.760929] unmap_vmas+0x6f/0xf0
[ 1599.764246] exit_mmap+0x71/0x1c0
[ 1599.767558] mmput+0x57/0x100
[ 1599.770531] do_exit+0x2da/0x9e0
[ 1599.773763] ? syscall_trace_enter.isra.0+0x148/0x1b0
[ 1599.778815] do_group_exit+0x36/0x90
[ 1599.782393] __ia32_sys_exit_group+0x15/0x20
[ 1599.786659] __do_fast_syscall_32+0x4c/0xc0
[ 1599.790845] do_fast_syscall_32+0x29/0x60
[ 1599.794857] do_SYSENTER_32+0x15/0x20
[ 1599.798513] entry_SYSENTER_32+0x98/0xe7
[ 1599.802441] EIP: 0xb7fa6549
[ 1599.805237] Code: Unable to access opcode bytes at RIP 0xb7fa651f.
[ 1599.811408] EAX: ffffffda EBX: 00000002 ECX: 00000000 EDX: bfff8660
[ 1599.817665] ESI: b7f761f0 EDI: b7f783fc EBP: 00000000 ESP: bfff866c
[ 1599.823922] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
[ 1599.830702] Modules linked in: x86_pkg_temp_thermal
[ 1599.835579] CR2: 00000000f7d64000
[ 1599.838890] ---[ end trace 7b789866f6f4838c ]---
[ 1599.843499] EIP: __kmap_local_page_prot+0x6/0x40
[ 1599.848111] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
ff ff
[ 1599.866849] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
[ 1599.873114] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
[ 1599.879369] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
[ 1599.886148] CR0: 80050033 CR2: f7d64000 CR3: 19fce000 CR4: 003506d0
[ 1599.892404] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 1599.898661] DR6: fffe0ff0 DR7: 00000400
[ 1599.902493] Fixing recursive fault but reboot is needed!
O: mremap (0xb6c00000-0xb7bff000) to (0xb5800000-0xb67ff000)
thp02.c:84: TBROK: mremap bug

Reported-by: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>

Links:
https://lkft.validation.linaro.org/scheduler/job/2742412#L8838

Step to reproduce:
------------------
# cd /opt/ltp
# ./runltp -f mm

metadata:
git branch: master
git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next
git commit: 9f24705effef8c3b9eca00d70594ef7e0364a6da
git describe: next-20210519
make_kernelversion: 5.13.0-rc2
kernel-config: https://builds.tuxbuild.com/1sk6bnicwdtrZQO2wqfaMdsZO5z/config

--
Linaro LKFT
https://lkft.linaro.org