Re: 94d3a25408: kernel_BUG_at_kernel/fork.c
On Sat, Mar 10, 2018 at 05:11:39AM +0800, kernel test robot wrote:
> FYI, we noticed the following commit (built with gcc-7):
>
> commit: 94d3a254089a7cd4f11b7071b4323afd98eea0a6 ("Detect early free of a live mm")
> url: https://github.com/0day-ci/linux/commits/Mark-Rutland/Detect-early-free-of-a-live-mm/20180303-144149
>
> [   47.208935] kernel BUG at kernel/fork.c:599!
> [   47.210365] invalid opcode: [#1] SMP PTI
> [   47.211336] Modules linked in:
> [   47.212145] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.16.0-rc3-1-g94d3a25 #1
> [   47.213966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
> [   47.215869] RIP: 0010:__mmdrop+0x136/0x170
> [   47.216866] RSP: 0018:82803dd8 EFLAGS: 00010293
> [   47.218160] RAX: 82818500 RBX: 88011577 RCX: 810ae876
> [   47.219758] RDX: RSI: 0001 RDI: 88011577
> [   47.221306] RBP: 82803e00 R08: 0001 R09:
> [   47.223268] R10: R11: R12: 82818500
> [   47.224961] R13: 82a8ce20 R14: 88013ff534c0 R15: 03e7
> [   47.226716] FS: () GS:88013b20() knlGS:
> [   47.228550] CS: 0010 DS: ES: CR0: 80050033
> [   47.229884] CR2: 7fbfc2cc0190 CR3: 02812000 CR4: 06f0
> [   47.231580] Call Trace:
> [   47.232144]  idle_task_exit+0x53/0x60

Luckily this is a spurious warning.

In idle_task_exit(), we switch to the init_mm, but leave active_mm stale
before calling mmdrop().

In addition to the WARN_ON[_ONCE] changes, I'll drop the following in:

diff --git a/kernel/sched/core.c b/kernel/sched/core.c index e7c535eee0a6..0ef844abc2da 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -5506,6 +5506,7 @@ void idle_task_exit(void) if (mm != _mm) { switch_mm(mm, _mm, current); + current->active_mm = _mm; finish_arch_post_lock_switch(); } mmdrop(mm);

Thanks,
Mark.
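Review bot: the added `current->active_mm = _mm;` must sit before `mmdrop(mm)`, and in this hunk it does; the check this series adds to `__mmdrop()` compares the mm being freed against `current->active_mm`, so the idle task's bookkeeping now matches the page tables `switch_mm()` just installed before the old mm's last reference is released. Two things to tidy before it goes in: the hunk as rendered here reads `_mm` in all three places where the surrounding prose says init_mm, which looks like `&init_mm` with the `&` lost in transit, so confirm the applied patch carries `&init_mm`; and a one-line comment above the assignment stating that `active_mm` may not point at `mm` once `mmdrop()` can free it would spare the next reader from re-deriving why this ordering matters.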
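The stale-active_mm scenario described in the reply above, as an added example in user-space C (not code from this thread or from the kernel): a model of the mm reference count, the task's active_mm pointer, and the kind of check a patched __mmdrop() performs when the last reference to an mm goes away while a task still names it. The names mmgrab, mmdrop, switch_mm, idle_task_exit and init_mm mirror the kernel's for readability, but every body is a simplified stand-in, and run_idle_exit() is a hypothetical driver that does not exist in the kernel.

```c
/*
 * Added example, not code from the thread or from the kernel: a user-space
 * model of the mm_struct reference count, the task's active_mm pointer and
 * an "early free of a live mm" check. Kernel names are reused for
 * readability; every body below is a simplified stand-in.
 */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

struct mm_struct {
    int mm_count;   /* kernel: atomic_t mm_count, counts lazy-TLB/active_mm users */
};

struct task_struct {
    struct mm_struct *active_mm;   /* the mm whose page tables this task runs on */
};

/* Stand-in for the kernel's statically allocated init_mm, which is never freed. */
static struct mm_struct init_mm = { .mm_count = 1 };

/* The kernel's per-CPU "current"; a plain global in this model. */
static struct task_struct idle_task = { .active_mm = &init_mm };
static struct task_struct *current = &idle_task;

/* How often the live-mm check fired; stands in for WARN_ON_ONCE()/BUG(). */
static int live_mm_warnings;

static void mmgrab(struct mm_struct *mm)
{
    mm->mm_count++;
}

/*
 * Runs when the last reference goes away. A task that still names this mm
 * as its active_mm is about to be left holding a dangling pointer, so the
 * check flags it before the memory is released.
 */
static void __mmdrop(struct mm_struct *mm)
{
    if (current->active_mm == mm)
        live_mm_warnings++;
    if (mm != &init_mm)
        free(mm);
}

static void mmdrop(struct mm_struct *mm)
{
    if (--mm->mm_count == 0)
        __mmdrop(mm);
}

/* Hardware side of the switch (load the next page tables); nothing to model. */
static void switch_mm(struct mm_struct *prev, struct mm_struct *next)
{
    (void)prev;
    (void)next;
}

/*
 * The offline-CPU idle path: drop the mm the idle task was lazily running on
 * and fall back to init_mm. With update_active_mm == false the task keeps
 * pointing at the mm whose last reference mmdrop() is about to release, which
 * is the stale bookkeeping the check catches; with it true the one-line fix
 * from the thread is applied before the drop.
 */
static void idle_task_exit(bool update_active_mm)
{
    struct mm_struct *mm = current->active_mm;

    if (mm != &init_mm) {
        switch_mm(mm, &init_mm);
        if (update_active_mm)
            current->active_mm = &init_mm;
    }
    mmdrop(mm);
}

/*
 * Hypothetical driver (not a kernel function): give the idle task a lazily
 * borrowed mm holding a single reference, run the exit path, and return how
 * many times the live-mm check fired. 1 means the bug reproduced, 0 is clean.
 */
static int run_idle_exit(bool apply_fix)
{
    struct mm_struct *mm = calloc(1, sizeof *mm);
    if (!mm)
        abort();
    mmgrab(mm);                 /* the idle task's lazy-TLB reference */
    current->active_mm = mm;

    live_mm_warnings = 0;
    idle_task_exit(apply_fix);
    int fired = live_mm_warnings;

    current->active_mm = &init_mm;   /* reset model state; the freed mm is never dereferenced */
    return fired;
}

int main(void)
{
    printf("stale active_mm: %d warning(s)\n", run_idle_exit(false));
    printf("fixed active_mm: %d warning(s)\n", run_idle_exit(true));
    return 0;
}
```

The point the model makes is the one the reply makes: the hardware switch alone is not enough, because the check (and anything else that trusts active_mm) reads the task's own bookkeeping, so the pointer has to be retargeted to init_mm before the old mm's count can reach zero.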
94d3a25408: kernel_BUG_at_kernel/fork.c
FYI, we noticed the following commit (built with gcc-7):

commit: 94d3a254089a7cd4f11b7071b4323afd98eea0a6 ("Detect early free of a live mm")
url: https://github.com/0day-ci/linux/commits/Mark-Rutland/Detect-early-free-of-a-live-mm/20180303-144149

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+------------------------------------------+------------+------------+
|                                          | v4.16-rc3  | 94d3a25408 |
+------------------------------------------+------------+------------+
| boot_successes                           | 18         | 6          |
| boot_failures                            | 0          | 10         |
| kernel_BUG_at_kernel/fork.c              | 0          | 10         |
| invalid_opcode:#[##]                     | 0          | 10         |
| RIP:__mmdrop                             | 0          | 10         |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 10         |
+------------------------------------------+------------+------------+

[   47.208935] kernel BUG at kernel/fork.c:599!
[   47.210365] invalid opcode: [#1] SMP PTI
[   47.211336] Modules linked in:
[   47.212145] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.16.0-rc3-1-g94d3a25 #1
[   47.213966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[   47.215869] RIP: 0010:__mmdrop+0x136/0x170
[   47.216866] RSP: 0018:82803dd8 EFLAGS: 00010293
[   47.218160] RAX: 82818500 RBX: 88011577 RCX: 810ae876
[   47.219758] RDX: RSI: 0001 RDI: 88011577
[   47.221306] RBP: 82803e00 R08: 0001 R09:
[   47.223268] R10: R11: R12: 82818500
[   47.224961] R13: 82a8ce20 R14: 88013ff534c0 R15: 03e7
[   47.226716] FS: () GS:88013b20() knlGS:
[   47.228550] CS: 0010 DS: ES: CR0: 80050033
[   47.229884] CR2: 7fbfc2cc0190 CR3: 02812000 CR4: 06f0
[   47.231580] Call Trace:
[   47.232144]  idle_task_exit+0x53/0x60
[   47.232947]  play_dead_common+0x9/0x20
[   47.233906]  native_play_dead+0x10/0xed
[   47.234804]  ? cpuhp_report_idle_dead+0x5a/0x70
[   47.236139]  arch_cpu_idle_dead+0xa/0x10
[   47.236954]  do_idle+0x14d/0x1d0
[   47.237834]  cpu_startup_entry+0x6e/0x70
[   47.238735]  rest_init+0xc7/0xd0
[   47.239612]  ? update_intr_gate+0x1b/0x1b
[   47.240516]  start_kernel+0x59f/0x5c2
[   47.241282]  x86_64_start_reservations+0x38/0x3a
[   47.242402]  x86_64_start_kernel+0x72/0x75
[   47.243328]  secondary_startup_64+0xa5/0xb0
[   47.244378] Code: 89 ff e8 06 32 07 00 eb 83 e8 f7 11 0d 00 4c 89 e7 e8 8f e7 0c 00 eb ba e8 e8 11 0d 00 0f 0b e8 e1 11 0d 00 0f 0b e8 da 11 0d 00 <0f> 0b e8 d3 11 0d 00 48 89 df e8 8b ed 15 00 e9 2e ff ff ff e8
[   47.248938] RIP: __mmdrop+0x136/0x170 RSP: 82803dd8
[   47.250243] ---[ end trace 0f4bf1066c11d4ef ]---

To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k job-script  # job-script is attached in this email

Thanks,
lkp

#
# Automatically generated file; DO NOT EDIT.
# Linux/x86_64 4.16.0-rc3 Kernel Configuration
#
CONFIG_64BIT=y
CONFIG_X86_64=y
CONFIG_X86=y
CONFIG_INSTRUCTION_DECODER=y
CONFIG_OUTPUT_FORMAT="elf64-x86-64"
CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_MMU=y
CONFIG_ARCH_MMAP_RND_BITS_MIN=28
CONFIG_ARCH_MMAP_RND_BITS_MAX=32
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16
CONFIG_NEED_DMA_MAP_STATE=y
CONFIG_NEED_SG_DMA_LENGTH=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_BUG=y
CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_ARCH_HAS_CPU_RELAX=y
CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
CONFIG_HAVE_SETUP_PER_CPU_AREA=y
CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
CONFIG_ARCH_HIBERNATION_POSSIBLE=y
CONFIG_ARCH_SUSPEND_POSSIBLE=y
CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
CONFIG_ZONE_DMA32=y
CONFIG_AUDIT_ARCH=y
CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
CONFIG_X86_64_SMP=y
CONFIG_ARCH_SUPPORTS_UPROBES=y
CONFIG_FIX_EARLYCON_MEM=y
CONFIG_PGTABLE_LEVELS=4
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
CONFIG_IRQ_WORK=y
CONFIG_BUILDTIME_EXTABLE_SORT=y
CONFIG_THREAD_INFO_IN_TASK=y

#
# General setup
#
CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_CROSS_COMPILE=""
# CONFIG_COMPILE_TEST is not set
CONFIG_LOCALVERSION=""
CONFIG_LOCALVERSION_AUTO=y
CONFIG_HAVE_KERNEL_GZIP=y
CONFIG_HAVE_KERNEL_BZIP2=y
CONFIG_HAVE_KERNEL_LZMA=y
CONFIG_HAVE_KERNEL_XZ=y