Re: BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP)
On Thu, 29 Feb 2024 17:11:28 + Christophe Leroy wrote: > Interesting. > > I guess 0xe000 is where linear RAM starts to be mapped with pages ? > Can you confirm with a dump of > /sys/kernel/debug/powerpc/block_address_translation ? # cat /sys/kernel/debug/powerpc/block_address_translation ---[ Instruction Block Address Translation ]--- 0: 0xc000-0xc0ff 0x16M Kernel x m 1: 0xc100-0xc13f 0x0100 4M Kernel x m 2: 0xc140-0xc15f 0x0140 2M Kernel x m 3: 0xc160-0xc16f 0x0160 1M Kernel x m 4: - 5: - 6: - 7: - ---[ Data Block Address Translation ]--- 0: 0xc000-0xc0ff 0x16M Kernel r m 1: 0xc100-0xc17f 0x0100 8M Kernel r m 2: 0xc180-0xc1bf 0x0180 4M Kernel r m 3: 0xf800-0xfbff 0x7c0064M Kernel rw m 4: 0xfc00-0xfdff 0x7a0032M Kernel rw m 5: - 6: - 7: - block_address_translation looks different after the page corruption: # cat /sys/kernel/debug/powerpc/block_address_translation ---[ Instruction Block Address Translation ]--- 0: 0xc000-0xc1ff 0x32M Kernel x m 1: - 2: - 3: - 4: - 5: - 6: - 7: - ---[ Data Block Address Translation ]--- 0: 0xc000-0xc0ff 0x16M Kernel rw m 1: 0xc100-0xc17f 0x0100 8M Kernel rw m 2: 0xc180-0xc1bf 0x0180 4M Kernel rw m 3: 0xf800-0xfbff 0x7c0064M Kernel rw m 4: 0xfc00-0xfdff 0x7a0032M Kernel rw m 5: - 6: - 7: - > Do we have a problem of race with hash table ? > > Would KCSAN help with that ? KCSAN did not report any hits during "stress -m 2 --vm-bytes 965M". Options used: KCSAN_SELFTEST=y, KCSAN_REPORT_ONCE_IN_MS=12000, KCSAN_REPORT_RACE_UNKNOWN_ORIGIN=y, KCSAN_STRICT=y, KCSAN_WEAK_MEMORY=y. Regards, Erhard
Re: BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP)
Le 29/02/2024 à 02:09, Erhard Furtner a écrit : > On Mon, 12 Dec 2022 14:31:35 +1000 > "Nicholas Piggin" wrote: > >> On Thu Dec 1, 2022 at 7:44 AM AEST, Erhard F. wrote: >>> Getting this at boot sometimes, but not always (PowerMac G4 DP, kernel >>> 6.0.9): >>> >>> [...] >>> Freeing unused kernel image (initmem) memory: 1328K >>> Checked W+X mappings: passed, no W+X pages found >>> rodata_test: all tests were successful >>> Run /sbin/init as init process >>> _swap_info_get: Bad swap file entry 24c0ab68 >>> BUG: Bad page map in process init pte:c0ab684c pmd:01182000 >> >> Have you run memtest on the system? Are the messages related to a >> kernel upgrade? This and your KASAN bugs look possibly like random >> corruption. >> >> Although with that KASAN one it's strange that kernfs_node_cache >> was involved both times, it's strange that page tables are pointing >> to that same slab memory. It could be a page table page use-after >> -free maybe? Maybe with the page table fragment code. I'm sure other >> people would have hit that before though, so I don't know what to >> suggest. >> >> Thanks, >> Nick > > Revisited the issue on kernel v6.8-rc6 and I can still reproduce it. > > Short summary as my last post was over a year ago: > (x) I get this memory corruption only when CONFIG_VMAP_STACK=y and > CONFIG_SMP=y is enabled. > (x) I don't get this memory corruption when only one of the above is > enabled. ^^ > (x) memtester says the 2 GiB RAM in my G4 DP are fine. > (x) I don't get this issue on my G5 11,2 or Talos II. > (x) "stress -m 2 --vm-bytes 965M" provokes the issue in < 10 secs. > (https://salsa.debian.org/debian/stress) > > For the test I used CONFIG_KASAN_INLINE=y for v6.8-rc6 and > debug_pagealloc=on, page_owner=on and got this dmesg: > > [...] > pagealloc: memory corruption > f5fcfff0: 00 00 00 00 > CPU: 1 PID: 1788 Comm: stress Tainted: GB 6.8.0-rc6-PMacG4 > #15 > Hardware name: PowerMac3,6 7455 0x80010303 PowerMac > Call Trace: > [f3bfbac0] [c162a8e8] dump_stack_lvl+0x60/0x94 (unreliable) > [f3bfbae0] [c04edf9c] __kernel_unpoison_pages+0x1e0/0x1f0 > [f3bfbb30] [c04a8aa0] post_alloc_hook+0xe0/0x174 > [f3bfbb60] [c04a8b58] prep_new_page+0x24/0xbc > [f3bfbb80] [c04abcc4] get_page_from_freelist+0xcd0/0xf10 > [f3bfbc50] [c04aecd8] __alloc_pages+0x204/0xe2c > [f3bfbda0] [c04b07a8] __folio_alloc+0x18/0x88 > [f3bfbdc0] [c0461a10] vma_alloc_zeroed_movable_folio.isra.0+0x2c/0x6c > [f3bfbde0] [c046bb90] handle_mm_fault+0x91c/0x19ac > [f3bfbec0] [c0047b8c] ___do_page_fault+0x93c/0xc14 > [f3bfbf10] [c0048278] do_page_fault+0x28/0x60 > [f3bfbf30] [c000433c] DataAccess_virt+0x124/0x17c > --- interrupt: 300 at 0xbe30d8 > NIP: 00be30d8 LR: 00be30b4 CTR: > REGS: f3bfbf40 TRAP: 0300 Tainted: GB (6.8.0-rc6-PMacG4) > MSR: d032 CR: 20882464 XER: > DAR: 88c7a010 DSISR: 4200 > GPR00: 00be30b4 af8397d0 a78436c0 6b2ee010 3c50 20224462 fe77f7e1 00b00264 > GPR08: 1d98d000 1d98c000 40ae256a 20882262 00b4 > GPR16: 0002 005a 40802262 80002262 40002262 00c000a4 > GPR24: 3c50 6b2ee010 00c07d64 1000 > NIP [00be30d8] 0xbe30d8 > LR [00be30b4] 0xbe30b4 > --- interrupt: 300 > page:ef4bd92c refcount:1 mapcount:0 mapping: index:0x1 pfn:0x310b3 > flags: 0x8000(zone=2) > page_type: 0x() > raw: 8000 0100 0122 0001 0001 > raw: > page dumped because: pagealloc: corrupted page details > page_owner info is not present (never set?) > swapper/1: page allocation failure: order:0, mode:0x820(GFP_ATOMIC), > nodemask=(null),cpuset=/,mems_allowed=0 > CPU: 1 PID: 0 Comm: swapper/1 Tainted: GB 6.8.0-rc6-PMacG4 > #15 > Hardware name: PowerMac3,6 7455 0x80010303 PowerMac > Call Trace: > [f101b9d0] [c162a8e8] dump_stack_lvl+0x60/0x94 (unreliable) > [f101b9f0] [c04ae948] warn_alloc+0x154/0x2e0 > [f101bab0] [c04af030] __alloc_pages+0x55c/0xe2c > SLUB: Unable to allocate memory on node -1, gfp=0x820(GFP_ATOMIC) >cache: skbuff_head_cache, object size: 176, buffer size: 288, default > order: 0, min order: 0 >node 0: slabs: 509, objs: 7126, free: 0 > SLUB: Unable to allocate memory on node -1, gfp=0x820(GFP_ATOMIC) >cache: skbuff_head_cache, object size: 176, buffer size: 288, default > order: 0, min order: 0 >node 0: slabs: 509, objs: 7126, free: 0 > SLUB: Unable to allocate memory on node -1, gfp=0x820(GFP_ATOMIC) >cache: skbuff_head_cache, object size: 176, buffer size: 288, default > order: 0, min order: 0 >node 0: slabs: 509, objs: 7126, free: 0 > SLUB: Unable to allocate memory on node -1, gfp=0x820(GFP_ATOMIC) >cache: skbuff_head_cache, object size: 176, buffer size: 288, default > order: 0, min order: 0 >node 0: slabs: 509, objs: 7126, free: 0 > SLUB: Unable to allocate memory on node -1,
[Bug 216713] BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP)
https://bugzilla.kernel.org/show_bug.cgi?id=216713 Erhard F. (erhar...@mailbox.org) changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |MOVED --- Comment #2 from Erhard F. (erhar...@mailbox.org) --- Moved to linux-mm. -- You may reply to this email to add a comment. You are receiving this mail because: You are watching the assignee of the bug.
[Bug 216713] BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP)
https://bugzilla.kernel.org/show_bug.cgi?id=216713 --- Comment #1 from Erhard F. (erhar...@mailbox.org) --- Created attachment 303244 --> https://bugzilla.kernel.org/attachment.cgi?id=303244=edit kernel .config (6.0.9, PowerMac G4 DP) -- You may reply to this email to add a comment. You are receiving this mail because: You are watching the assignee of the bug.
[Bug 216713] New: BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP)
https://bugzilla.kernel.org/show_bug.cgi?id=216713 Bug ID: 216713 Summary: BUG: Bad page map in process init pte:c0ab684c pmd:01182000 (on a PowerMac G4 DP) Product: Platform Specific/Hardware Version: 2.5 Kernel Version: 6.0.9 Hardware: PPC-32 OS: Linux Tree: Mainline Status: NEW Severity: normal Priority: P1 Component: PPC-32 Assignee: platform_ppc...@kernel-bugs.osdl.org Reporter: erhar...@mailbox.org Regression: No Created attachment 303243 --> https://bugzilla.kernel.org/attachment.cgi?id=303243=edit kernel dmesg (6.0.9, PowerMac G4 DP) Getting this at boot sometimes, but not always (PowerMac G4 DP, kernel 6.0.9): [...] Freeing unused kernel image (initmem) memory: 1328K Checked W+X mappings: passed, no W+X pages found rodata_test: all tests were successful Run /sbin/init as init process _swap_info_get: Bad swap file entry 24c0ab68 BUG: Bad page map in process init pte:c0ab684c pmd:01182000 addr:a7891000 vm_flags:0070 anon_vma: mapping: index:a7891 file:(null) fault:0x0 mmap:0x0 read_folio:0x0 CPU: 0 PID: 1 Comm: init Tainted: GT 6.0.9-gentoo-PMacG4 #1 Call Trace: [f1025810] [c0629064] dump_stack_lvl+0x60/0xa4 (unreliable) [f1025830] [c0205054] print_bad_pte+0x1c8/0x254 [f1025870] [c02081d4] unmap_page_range+0x6a0/0x790 [f10258e0] [c0208794] unmap_vmas+0xf0/0x1d8 [f1025930] [c020f878] unmap_region+0xac/0x140 [f10259b0] [c02125c8] __do_munmap+0x1ec/0x540 [f10259f0] [c021425c] mmap_region+0x260/0x658 [f1025a50] [c0214924] do_mmap+0x2d0/0x530 [f1025a90] [c01ecab8] vm_mmap_pgoff+0x110/0x1a4 [f1025ae0] [c0211818] ksys_mmap_pgoff+0xa4/0x154 [f1025b10] [c0015b30] system_call_exception+0xc0/0x178 [f1025f30] [c001c1a8] ret_from_syscall+0x0/0x2c --- interrupt: c00 at 0xa7e2a9a8 NIP: a7e2a9a8 LR: a7e10758 CTR: a7e20650 REGS: f1025f40 TRAP: 0c00 Tainted: GT (6.0.9-gentoo-PMacG4) MSR: d032 CR: 24482288 XER: GPR00: 00c0 afea4910 a789 00381edc 0005 0812 0003 GPR08: afea4dc0 afea5020 a7e20650 0a574b24 0003 GPR16: afea4b58 afea4940 a7e55018 a7e53f08 00381edc 004e26ff a7e51760 GPR24: 0003 afea4b20 0002 a7e51790 a7e54fe0 afea49f0 NIP [a7e2a9a8] 0xa7e2a9a8 LR [a7e10758] 0xa7e10758 --- interrupt: c00 Disabling lock debugging due to kernel taint BUG: Bad page map in process init pte:c1182089 pmd:01182000 addr:a7892000 vm_flags:0070 anon_vma: mapping: index:a7892 file:(null) fault:0x0 mmap:0x0 read_folio:0x0 CPU: 1 PID: 1 Comm: init Tainted: GB T 6.0.9-gentoo-PMacG4 #1 Call Trace: [f1025800] [c0629064] dump_stack_lvl+0x60/0xa4 (unreliable) [f1025820] [c0205054] print_bad_pte+0x1c8/0x254 [f1025860] [c0206ee0] vm_normal_page+0x74/0x110 [f1025870] [c0207da0] unmap_page_range+0x26c/0x790 [f10258e0] [c0208794] unmap_vmas+0xf0/0x1d8 [f1025930] [c020f878] unmap_region+0xac/0x140 [f10259b0] [c02125c8] __do_munmap+0x1ec/0x540 [f10259f0] [c021425c] mmap_region+0x260/0x658 [f1025a50] [c0214924] do_mmap+0x2d0/0x530 [f1025a90] [c01ecab8] vm_mmap_pgoff+0x110/0x1a4 [f1025ae0] [c0211818] ksys_mmap_pgoff+0xa4/0x154 [f1025b10] [c0015b30] system_call_exception+0xc0/0x178 [f1025f30] [c001c1a8] ret_from_syscall+0x0/0x2c --- interrupt: c00 at 0xa7e2a9a8 NIP: a7e2a9a8 LR: a7e10758 CTR: a7e20650 REGS: f1025f40 TRAP: 0c00 Tainted: GB T (6.0.9-gentoo-PMacG4) MSR: d032 CR: 24482288 XER: GPR00: 00c0 afea4910 a789 00381edc 0005 0812 0003 GPR08: afea4dc0 afea5020 a7e20650 0a574b24 0003 GPR16: afea4b58 afea4940 a7e55018 a7e53f08 00381edc 004e26ff a7e51760 GPR24: 0003 afea4b20 0002 a7e51790 a7e54fe0 afea49f0 NIP [a7e2a9a8] 0xa7e2a9a8 LR [a7e10758] 0xa7e10758 --- interrupt: c00 BUG: Bad page map in process init pte:648a5747 pmd:01182000 page:(ptrval) refcount:0 mapcount:-1 mapping: index:0x1 pfn:0x648a5 flags: 0x8002(referenced|zone=2) raw: 8002 0100 0122 0001 fffe raw: page dumped because: bad pte addr:a7896000 vm_flags:0070 anon_vma: mapping: index:a7896 file:(null) fault:0x0 mmap:0x0 read_folio:0x0 CPU: 1 PID: 1 Comm: init Tainted: GB T 6.0.9-gentoo-PMacG4 #1 Call Trace: [f1025810] [c0629064] dump_stack_lvl+0x60/0xa4 (unreliable) [f1025830] [c0205054] print_bad_pte+0x1c8/0x254 [f1025870] [c0207fc8] unmap_page_range+0x494/0x790 [f10258e0] [c0208794] unmap_vmas+0xf0/0x1d8 [f1025930] [c020f878] unmap_region+0xac/0x140 [f10259b0] [c02125c8] __do_munmap+0x1ec/0x540 [f10259f0] [c021425c] mmap_region+0x260/0x658 [f1025a50] [c0214924] do_mmap+0x2d0/0x530 [f1025a90] [c01ecab8] vm_mmap_pgoff+0x110/0x1a4 [f1025ae0] [c0211
