Hi,

Ritesh Harjani <riteshh@xxxxxxxxxxxxx> writes:

> On 22/03/17 01:01PM, Sven Schnelle wrote:
>> Ritesh Harjani <riteshh@xxxxxxxxxxxxx> writes:
>>
>> [ 0.958403] Hardware name: IBM 3906 M04 704 (z/VM 7.1.0)
>> [ 0.958407] Workqueue: eval_map_wq eval_map_work_func
>>
>> [ 0.958446] Krnl PSW : 0704e00180000000 000000000090a9d6 (number+0x25e/0x3c0)
>> [ 0.958456] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
>> [ 0.958461] Krnl GPRS: 0000000000000058 00000000010de0ac 0000000000000001 00000000fffffffc
>> [ 0.958467]            0000038000047b80 0affffff010de0ab 0000000000000000 0000000000000000
>> [ 0.958481]            0000000000000020 0000038000000000 00000000010de0ad 00000000010de0ab
>> [ 0.958484]            0000000080312100 0000000000e68910 0000038000047b50 0000038000047ab8
>> [ 0.958494] Krnl Code: 000000000090a9c6: f0c84112b001 srp 274(13,%r4),1(%r11),8
>> [ 0.958494]            000000000090a9cc: 41202001 la %r2,1(%r2)
>> [ 0.958494]           #000000000090a9d0: ecab0006c065 clgrj %r10,%r11,12,000000000090a9dc
>> [ 0.958494]           >000000000090a9d6: d200b0004000 mvc 0(1,%r11),0(%r4)
>> [ 0.958494]            000000000090a9dc: 41b0b001 la %r11,1(%r11)
>> [ 0.958494]            000000000090a9e0: a74bffff aghi %r4,-1
>> [ 0.958494]            000000000090a9e4: a727fff6 brctg %r2,000000000090a9d0
>> [ 0.958494]            000000000090a9e8: a73affff ahi %r3,-1
>> [ 0.958575] Call Trace:
>> [ 0.958580] [<000000000090a9d6>] number+0x25e/0x3c0
>> [ 0.958594] ([<0000000000289516>] update_event_printk+0xde/0x200)
>> [ 0.958602] [<0000000000910020>] vsnprintf+0x4b0/0x7c8
>> [ 0.958606] [<00000000009103e8>] snprintf+0x40/0x50
>> [ 0.958610] [<00000000002893d2>] eval_replace+0x62/0xc8
>> [ 0.958614] [<000000000028e2fe>] trace_event_eval_update+0x206/0x248
>
> This looks like you must have this patch from Steven as well [2].
> Although I did test the patch and didn't see such a crash on my qemu box [3].
>
> [2]: https://lore.kernel.org/linux-ext4/20220310233234.4418186a@xxxxxxxxxxxxxxxxxx/
> [3]: https://lore.kernel.org/linux-ext4/20220311051249.ltgqbjjothbrkbno@riteshh-domain/
>
> @Steven,
> Sorry to bother. But does this crash strike anything obvious to you?

Looking at the oops output again made me realize that the snprintf tries
to write into pages that are mapped RO. Talking to Heiko, he mentioned
that s390 maps rodata/text RO when setting up the initial mapping, while
x86 has a RW mapping in the beginning and changes that later to RO. I
haven't verified that, but that might be a reason why it works on x86.

Thanks
Sven
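
The suspected ordering difference, modelled in user space as an added example (not code from this thread or from the kernel): the same in-place snprintf() succeeds while the page is still writable and faults once the page is read-only. The format string, `EXAMPLE_FLAG`, `replace_in_place()` and `try_rewrite()` are constructed for illustration, and mprotect() stands in for the kernel's rodata protection.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stand-in for a format string that lives in rodata. */
static const char SAMPLE_FMT[] = "REC->flags & EXAMPLE_FLAG";

/* Hypothetical helper: overwrite a symbolic name with its value, in place. */
static void replace_in_place(char *buf, size_t len)
{
    char *p = strstr(buf, "EXAMPLE_FLAG");
    if (p)
        snprintf(p, len - (size_t)(p - buf), "%d", 4);
}

/* ro_from_start != 0 models a mapping that is read-only before the rewrite
 * runs; 0 models a mapping that is still writable at that point.
 * Returns 0 if the rewrite worked, 1 if the result was unexpected, the
 * fatal signal number if the write faulted, -1 on setup failure. */
int try_rewrite(int ro_from_start)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    char *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;
    memcpy(page, SAMPLE_FMT, sizeof(SAMPLE_FMT));
    if (ro_from_start && mprotect(page, pagesz, PROT_READ) != 0)
        return -1;

    pid_t pid = fork();            /* child takes the fault, parent reports */
    if (pid < 0)
        return -1;
    if (pid == 0) {
        replace_in_place(page, pagesz);
        _exit(strcmp(page, "REC->flags & 4") == 0 ? 0 : 1);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    munmap(page, pagesz);
    return WIFSIGNALED(status) ? WTERMSIG(status) : WEXITSTATUS(status);
}

int main(void)
{
    printf("writable at rewrite time: %d\n", try_rewrite(0));
    printf("read-only from the start: %d\n", try_rewrite(1));
    return 0;
}
```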