From: "wcohen at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: systemtap@sourceware.org
Subject: [Bug runtime/31074] New: On aarch64 the systemtap.base/set_kernel.stp triggers "Unable to handle kernel paging request"
Date: Fri, 17 Nov 2023 17:13:52 +0000
Message-ID: <bug-31074-6586@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=31074
Bug ID: 31074
Summary: On aarch64 the systemtap.base/set_kernel.stp triggers
"Unable to handle kernel paging request"
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
Assignee: systemtap at sourceware dot org
Reporter: wcohen at redhat dot com
Target Milestone: ---

When attempting to run the systemtap tests on aarch64 Fedora 39, the
systemtap.base/set_kernel.stp has an "Unable to handle kernel access" when the
script is shutting down. On the machine I have a git checkout of systemtap built
as an rpm and a recent f39 kernel:

$ rpm -q systemtap kernel
systemtap-5.0-1.202311152024.fc39.aarch64
kernel-6.5.11-300.fc39.aarch64

This can be demonstrated on an aarch64 machine with the following commands:

$ stap -k -p4 -mset_kernel -v -g set_kernel.stp
$ sudo staprun set_kernel.ko -c "sleep 1"

It may take a couple of tries of staprun to trigger and get:

[ 764.982599] Unable to handle kernel access to user memory outside uaccess
routines at virtual address 0000000000000030
[ 764.993402] Mem abort info:
[ 764.996253] ESR = 0x0000000096000004
[ 765.000063] EC = 0x25: DABT (current EL), IL = 32 bits
[ 765.005419] SET = 0, FnV = 0
[ 765.008489] EA = 0, S1PTW = 0
[ 765.011636] FSC = 0x04: level 0 translation fault
[ 765.016527] Data abort info:
[ 765.019412] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 765.024895] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 765.029959] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 765.035284] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000171423000
[ 765.041737] [0000000000000030] pgd=0000000000000000, p4d=0000000000000000
[ 765.048549] Internal error: Oops: 0000000096000004 [#1] SMP
[ 765.054121] Modules linked in: set_kernel(OE) snd_seq_dummy snd_hrtimer
nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inett
[ 765.054381] usb_conn_gpio udc_core tegra_soctherm snd_timer videodev at24
snd vfat soundcore mc fat loop zram mmc_block onboard_use
[ 765.144548] Unloaded tainted modules: set_kernel(OE):1 [last unloaded:
set_kernel(OE)]
[ 765.190112] CPU: 2 PID: 5917 Comm: stapio Tainted: G WC OE
6.5.11-300.fc39.aarch64 #1
[ 765.198979] Hardware name: nvidia p3450-0000/p3450-0000, BIOS 2020.10
10/06/2020
[ 765.206365] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 765.213320] pc : __pi_strcmp+0xbc/0x140
[ 765.217173] lr : get_tracepoint+0x5c/0x80 [set_kernel]
[ 765.222348] sp : ffff8000871c3a30
[ 765.225656] x29: ffff8000871c3a30 x28: ffff800082bcf850 x27:
ffff80007c3ddc80
[ 765.232791] x26: ffff00008423d560 x25: dead000000000122 x24:
dead000000000100
[ 765.239923] x23: 000000000000000b x22: ffff80007c3dd298 x21:
ffff000089e41c20
[ 765.247055] x20: ffff80007be10610 x19: 0000000000000001 x18:
0000000000000000
[ 765.254189] x17: 000000040044ffff x16: 00500074b5503510 x15:
0000000000000000
[ 765.261321] x14: ffff00008035a200 x13: ffff80007c2db000 x12:
ffff800082bcf6d8
[ 765.268452] x11: 0000000000000001 x10: 00007fff841efa21 x9 :
fffffffffffffe78
[ 765.275583] x8 : 0101010101010101 x7 : 000000002ad85bff x6 :
0000000000000000
[ 765.282716] x5 : 676461675f627375 x4 : 0000000000000000 x3 :
0000000000000000
[ 765.289848] x2 : 00000000000000ea x1 : 0000000000000030 x0 :
ffff80007be10610
[ 765.296984] Call trace:
[ 765.299432] __pi_strcmp+0xbc/0x140
[ 765.302926] stp_tracepoint_notify+0x7c/0x248 [set_kernel]
[ 765.308431] unregister_tracepoint_module_notifier+0x6c/0xa8
[ 765.314097] stp_tracepoint_exit+0x40/0xc8 [set_kernel]
[ 765.319337] systemtap_module_exit+0x1bc/0x2f0 [set_kernel]
[ 765.324922] _stp_cleanup_and_exit.part.0+0xe8/0x128 [set_kernel]
[ 765.331025] _stp_ctl_write_cmd+0x184/0x4e8 [set_kernel]
[ 765.336344] proc_reg_write+0xa4/0x100
[ 765.340104] vfs_write+0xd0/0x318
[ 765.343421] ksys_write+0x7c/0x120
[ 765.346823] __arm64_sys_write+0x24/0x38
[ 765.350743] invoke_syscall+0x78/0x100
[ 765.354493] el0_svc_common.constprop.0+0x4c/0xf8
[ 765.359191] do_el0_svc+0x34/0x50
[ 765.362502] el0_svc+0x34/0x108
[ 765.365650] el0t_64_sync_handler+0x120/0x130
[ 765.370003] el0t_64_sync+0x194/0x198
[ 765.373673] Code: f240081f 54ffff41 cb010fe9 927df021 (f8408427)
[ 765.379763] ---[ end trace 0000000000000000 ]---

I suspect that somehow the buffer in get_buffer is overlapping other memory.
Doubling the buffer size but limiting the memset to MAXSTRINGLEN seems
to eliminate the problem.

--
You are receiving this mail because:
You are the assignee for the bug.
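
A small triage helper for the oops in this report, added here as an example (it is not part of the original message or of SystemTap). It decodes the ESR value into the fields shown under "Mem abort info" and extracts the faulting address, the registers that hold it, and the call-trace frames that belong to a loadable module. The names decode_esr, triage and SYM are illustrative; the embedded lines are an excerpt of the log above with the mail's line wrapping undone.

```python
import re

# Excerpt of the oops quoted above, with the mail's line wrapping undone.
OOPS = """\
[ 764.982599] Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000000000000030
[ 764.996253] ESR = 0x0000000096000004
[ 765.213320] pc : __pi_strcmp+0xbc/0x140
[ 765.217173] lr : get_tracepoint+0x5c/0x80 [set_kernel]
[ 765.289848] x2 : 00000000000000ea x1 : 0000000000000030 x0 : ffff80007be10610
[ 765.296984] Call trace:
[ 765.299432] __pi_strcmp+0xbc/0x140
[ 765.302926] stp_tracepoint_notify+0x7c/0x248 [set_kernel]
[ 765.308431] unregister_tracepoint_module_notifier+0x6c/0xa8
[ 765.314097] stp_tracepoint_exit+0x40/0xc8 [set_kernel]
[ 765.319337] systemtap_module_exit+0x1bc/0x2f0 [set_kernel]
"""

SYM = r"(\S+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?"  # symbol+off/size [module]

def decode_esr(esr):
    """Split an AArch64 ESR_ELx value into the fields the kernel prints."""
    iss = esr & 0x1FFFFFF               # instruction specific syndrome, bits 24:0
    return {
        "EC": (esr >> 26) & 0x3F,       # exception class, bits 31:26
        "IL": (esr >> 25) & 1,          # 1 = 32-bit instruction
        "ISS": iss,
        "WnR": (iss >> 6) & 1,          # data abort: 1 = write, 0 = read
        "FSC": iss & 0x3F,              # fault status code
    }

def triage(text):
    """Return the fields of an arm64 oops that matter for a first look."""
    # Drop the "[ seconds.micros]" prefix that dmesg puts on every line.
    text = re.sub(r"^\[\s*\d+\.\d+\]\s*", "", text, flags=re.M)
    fault = int(re.search(r"virtual address ([0-9a-f]+)", text).group(1), 16)
    regs = {r: int(v, 16) for r, v in re.findall(r"\b(x\d+)\s*: ([0-9a-f]{16})", text)}
    trace = re.findall("^" + SYM + "$", text.split("Call trace:\n", 1)[1], re.M)
    return {
        "fault_addr": fault,
        "esr": decode_esr(int(re.search(r"ESR = (0x[0-9a-f]+)", text).group(1), 16)),
        "pc": re.search("^pc : " + SYM, text, re.M).groups(),
        "lr": re.search("^lr : " + SYM, text, re.M).groups(),
        "regs_at_fault": sorted(r for r, v in regs.items() if v == fault),
        "module_frames": [sym for sym, mod in trace if mod],
    }

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(f"{key}: {value}")
```

On this excerpt the helper reports a read fault with EC 0x25 and FSC 0x04, x1 holding the faulting address 0x30 while pc is in __pi_strcmp, and three call-trace frames inside set_kernel.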