RCU splat in 5.13.3: kernel/rcu/tree_plugin.h:359 rcu_note_context_switch
From: Ilkka Prusi
Date: Mon Jul 19 2021 - 15:44:03 EST
Hi,
I've encountered this splat for a second time, previously with 5.13.2
and now with 5.13.3.
Closing the browser seemed to trigger this (I was following with dmesg -w).
Splat with decode_stacktrace below. I'm not on the list so cc me if
additional info is needed.
- Ilkka
[16370.451116] ------------[ cut here ]------------
[16370.451122] WARNING: CPU: 15 PID: 6417 at
kernel/rcu/tree_plugin.h:359 rcu_note_context_switch
(kernel/rcu/tree_plugin.h:359)
[16370.451129] Modules linked in: snd_seq_dummy(E) snd_seq(E) uinput(E)
nfnetlink(E) binfmt_misc(E) nls_ascii(E) nls_cp850(E) vfat(E) fat(E)
amdgpu(E) intel_rapl_msr(E) intel_rapl_common(E) iosf_mbi(E)
edac_mce_amd(E) kvm_amd(E) snd_hda_codec_realtek(E) kvm(E)
snd_usb_audio(E) snd_hda_codec_generic(E) gpu_sched(E) igb(E)
snd_usbmidi_lib(E) snd_hda_codec_hdmi(E) snd_rawmidi(E) ledtrig_audio(E)
snd_hda_intel(E) irqbypass(E) drm_ttm_helper(E) snd_seq_device(E)
snd_intel_dspcfg(E) hid_sony(E) ttm(E) mc(E) drm_kms_helper(E)
snd_hda_codec(E) syscopyarea(E) sysfillrect(E) ff_memless(E)
snd_hda_core(E) sysimgblt(E) snd_hwdep(E) crct10dif_pclmul(E)
crc32_pclmul(E) snd_pcm(E) ghash_clmulni_intel(E) dca(E) ccp(E)
fb_sys_fops(E) snd_timer(E) aesni_intel(E) cec(E) i2c_algo_bit(E)
rng_core(E) snd(E) soundcore(E) sg(E) wmi_bmof(E) i2c_piix4(E)
crypto_simd(E) k10temp(E) cryptd(E) acpi_cpufreq(E) rapl(E) wmi(E)
efi_pstore(E) button(E) nfsd(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E)
[16370.451166] sunrpc(E) drm(E) msr(E) agpgart(E) fuse(E) configfs(E)
efivarfs(E) ip_tables(E) x_tables(E) ipv6(E) autofs4(E) efivars(E)
raid10(E) raid456(E) libcrc32c(E) async_raid6_recov(E) async_memcpy(E)
async_pq(E) async_xor(E) xor(E) async_tx(E) raid6_pq(E) raid1(E)
raid0(E) multipath(E) linear(E) md_mod(E) input_leds(E) evdev(E)
joydev(E) hid_generic(E) usbhid(E) hid(E) xhci_pci(E) xhci_hcd(E)
crc32c_intel(E) usbcore(E) sd_mod(E) t10_pi(E) thermal(E)
[16370.451190] CPU: 15 PID: 6417 Comm: Chrome_ChildIOT Tainted:
G E 5.13.3 #61
[16370.451194] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS
ELITE/X570 AORUS ELITE, BIOS F21 08/20/2020
[16370.451196] RIP: 0010:rcu_note_context_switch
(kernel/rcu/tree_plugin.h:359)
[16370.451200] Code: 25 c0 6c 01 00 41 54 55 89 fd 53 48 c7 c3 40 1b 02
00 65 48 03 1d b0 57 f5 7e 40 84 ff 75 0d 41 8b 95 0c 03 00 00 85 d2 7e
02 <0f> 0b 65 48 8b 04 25 c0 6c 01 00 8b 80 0c 03 00 00 85 c0 7e 0a 41
All code
========
0: 25 c0 6c 01 00 and $0x16cc0,%eax
5: 41 54 push %r12
7: 55 push %rbp
8: 89 fd mov %edi,%ebp
a: 53 push %rbx
b: 48 c7 c3 40 1b 02 00 mov $0x21b40,%rbx
12: 65 48 03 1d b0 57 f5 add %gs:0x7ef557b0(%rip),%rbx
# 0x7ef557ca
19: 7e
1a: 40 84 ff test %dil,%dil
1d: 75 0d jne 0x2c
1f: 41 8b 95 0c 03 00 00 mov 0x30c(%r13),%edx
26: 85 d2 test %edx,%edx
28: 7e 02 jle 0x2c
2a:* 0f 0b ud2 <-- trapping instruction
2c: 65 48 8b 04 25 c0 6c mov %gs:0x16cc0,%rax
33: 01 00
35: 8b 80 0c 03 00 00 mov 0x30c(%rax),%eax
3b: 85 c0 test %eax,%eax
3d: 7e 0a jle 0x49
3f: 41 rex.B
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 65 48 8b 04 25 c0 6c mov %gs:0x16cc0,%rax
9: 01 00
b: 8b 80 0c 03 00 00 mov 0x30c(%rax),%eax
11: 85 c0 test %eax,%eax
13: 7e 0a jle 0x1f
15: 41 rex.B
[16370.451202] RSP: 0000:ffffc90002fa3af0 EFLAGS: 00010002
[16370.451205] RAX: 0000000000000001 RBX: ffff88842ebe1b40 RCX:
0000000000000000
[16370.451206] RDX: 0000000000000001 RSI: ffffea000e152ac0 RDI:
0000000000000000
[16370.451208] RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000010
[16370.451209] R10: ffffffffffffffe9 R11: 0000000000000002 R12:
0000000000000000
[16370.451211] R13: ffff88812c330000 R14: ffffea000e152ac0 R15:
ffff88842ebe0e80
[16370.451212] FS: 00007fec7df73700(0000) GS:ffff88842ebc0000(0000)
knlGS:0000000000000000
[16370.451214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[16370.451216] CR2: 00007fec7af55000 CR3: 0000000105dc4000 CR4:
00000000001506e0
[16370.451217] Call Trace:
[16370.451221] __schedule (kernel/sched/sched.h:1334
kernel/sched/core.c:5065)
[16370.451225] schedule (./arch/x86/include/asm/preempt.h:85
(discriminator 1) kernel/sched/core.c:5231 (discriminator 1))
[16370.451228] io_schedule (kernel/sched/core.c:7193
kernel/sched/core.c:7219)
[16370.451230] wait_on_page_bit_common (mm/filemap.c:1293)
[16370.451234] ? __filemap_set_wb_err (./include/linux/pagemap.h:593
mm/filemap.c:1080)
[16370.451237] shmem_swapin_page (./include/linux/pagemap.h:626
mm/shmem.c:1732)
[16370.451240] ? xas_load (./include/linux/xarray.h:169
./include/linux/xarray.h:1226 lib/xarray.c:235)
[16370.451243] ? pagecache_get_page (mm/filemap.c:1841)
[16370.451246] shmem_getpage_gfp (mm/shmem.c:1838)
[16370.451249] shmem_fault (mm/shmem.c:2130)
[16370.451252] __do_fault (mm/memory.c:3728)
[16370.451254] __handle_mm_fault (mm/memory.c:4032 mm/memory.c:4160
mm/memory.c:4419 mm/memory.c:4554)
[16370.451257] handle_mm_fault (mm/memory.c:4652)
[16370.451259] exc_page_fault (./include/linux/sched/signal.h:404
arch/x86/mm/fault.c:1392 arch/x86/mm/fault.c:1475 arch/x86/mm/fault.c:1531)
[16370.451262] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:568)
[16370.451264] asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:568)
[16370.451266] RIP: 0033:0x55e50d28b456
[16370.451268] Code: e8 3f f4 ff ff eb 48 41 8b 42 24 89 c1 83 c9 02 45
31 f6 f0 41 0f b1 4a 24 74 34 89 c1 83 c9 02 f0 41 0f b1 4a 24 75 f3 eb
25 <41> 83 3b 00 75 17 41 83 7b 04 00 75 10 41 8b 43 08 85 c0 75 08 41
All code
========
0: e8 3f f4 ff ff callq 0xfffffffffffff444
5: eb 48 jmp 0x4f
7: 41 8b 42 24 mov 0x24(%r10),%eax
b: 89 c1 mov %eax,%ecx
d: 83 c9 02 or $0x2,%ecx
10: 45 31 f6 xor %r14d,%r14d
13: f0 41 0f b1 4a 24 lock cmpxchg %ecx,0x24(%r10)
19: 74 34 je 0x4f
1b: 89 c1 mov %eax,%ecx
1d: 83 c9 02 or $0x2,%ecx
20: f0 41 0f b1 4a 24 lock cmpxchg %ecx,0x24(%r10)
26: 75 f3 jne 0x1b
28: eb 25 jmp 0x4f
2a:* 41 83 3b 00 cmpl $0x0,(%r11) <-- trapping
instruction
2e: 75 17 jne 0x47
30: 41 83 7b 04 00 cmpl $0x0,0x4(%r11)
35: 75 10 jne 0x47
37: 41 8b 43 08 mov 0x8(%r11),%eax
3b: 85 c0 test %eax,%eax
3d: 75 08 jne 0x47
3f: 41 rex.B
Code starting with the faulting instruction
===========================================
0: 41 83 3b 00 cmpl $0x0,(%r11)
4: 75 17 jne 0x1d
6: 41 83 7b 04 00 cmpl $0x0,0x4(%r11)
b: 75 10 jne 0x1d
d: 41 8b 43 08 mov 0x8(%r11),%eax
11: 85 c0 test %eax,%eax
13: 75 08 jne 0x1d
15: 41 rex.B
[16370.451270] RSP: 002b:00007fec7df71520 EFLAGS: 00010246
[16370.451272] RAX: 0000000000027000 RBX: 0000000000019000 RCX:
0000000000040000
[16370.451273] RDX: 00000000000270a0 RSI: 00000000000000a0 RDI:
00001f03e4c26b00
[16370.451275] RBP: 00007fec7df71530 R08: 00000000f1645913 R09:
0000000000027000
[16370.451276] R10: 00007fec7af2e000 R11: 00007fec7af55000 R12:
0000000000000001
[16370.451277] R13: 00001f03e4c28500 R14: 0000000000000000 R15:
000000000000008d
[16370.451280] ---[ end trace 1077aeee7e77856f ]---