Hi Paul,

Thanks a lot for the confirmation!

On 5/6/25 7:38 AM, Paul E. McKenney wrote:
>> Hi all,
>>
>> I encountered a kernel panic in the RCU core subsystem while running
>> stress-ng on a virtualized ARM64 system.
>>
>> This panic consistently occurs regardless of whether I increase or decrease
>> the memory size.
>>
>> The crash seems to originate from rcu_do_batch(), jumping to a pointer
>> (0xffff00003a114000) that appears to be non-executable.
>> The PTE for the address confirms XN=1. Given the heavy binderfs workload, I
>> suspect there may be a use-after-free or dangling pointer involved in a
>> callback invocation.
> The CONFIG_DEBUG_OBJECTS_RCU_HEAD=y Kconfig option can be helpful in
> tracking this sort of thing down. KASAN is another option.
>
> OK, I see below that you already saw these, so I guess that I am at
> least providing confirmation. 😉
>
> Thanx, Paul

I'll continue analyzing this issue and take the opportunity to study the RCU internals in more depth as I go.

Best regards,
Yunseong Kim
