Hi Finn,

What's more, I suspect schedule() may cause another process to exit that
would otherwise first take a signal, and signal delivery then repeats
the vma teardown on process exit. At least that is how I read those
'table already freed' stack traces.

In the backtrace below, I do actually see free_pointer_table() reentered
after preemption. (Ignore the 2200, 2200, 6480 in the call trace -
that's just the arguments to a pr_err() that prints the first line in
the excerpt below.)

To get this snapshot of what exception context preempt_schedule_irq()
was last called from, I save the stack pointer, the status register in
the exception stack frame, and the vector number before calling
preempt_schedule_irq(). The saved values are printed before calling
panic() in free_pointer_table().

Unfortunately, when I add preempt_disable()/
sched_preempt_enable_noresched() in free_pointer_table(), I don't get
that particular panic() anymore, but the bad kernel buserror with the
warning from set_fc() that you reported. So no real improvement ...

Cheers,

Michael

saved from last preempt: nr 2d sr 2200 2200 pc 6480 sp dcddc4
Kernel panic - not syncing: table already free!
CPU: 0 PID: 1629 Comm: udevd Not tainted 6.8.0-rc7-atari-fpuemu-spinlocktest+ #1759
Stack from 00f7fd9c:
00f7fd9c 003e75ee 003e75ee 00000000 00000001 003354cc 003e75ee 0032f208
00000001 00000001 00e14000 004f0000 00f8b40c 0000643c 00f7ff0e 000064d4
003d9128 003d90ee 0000002d 00002200 00002200 00006480 00dcddc4 c0000000
c017c000 efd00000 c00c0000 01e14800 ee000000 00f8b184 000cdee8 00e14800
00000001 ffffffff c0000000 000d367c 0031d67e 000d9916 000d367c 00dc00cc
000cdd12 0031d67e 000d9916 c0080000 00f8b180 c017bfff c017bfff edffffff
Call Trace: [<003354cc>] dump_stack+0xc/0x10
[<0032f208>] panic+0xd8/0x258
[<0000643c>] free_pointer_table+0x0/0x160
[<000064d4>] free_pointer_table+0x98/0x160
[<00002200>] do_one_initcall+0xa4/0x188
[<00002200>] do_one_initcall+0xa4/0x188
[<00006480>] free_pointer_table+0x44/0x160
[<000cdee8>] free_pgd_range+0x1d6/0x1f2
[<000d367c>] unlink_file_vma+0x0/0x40
[<0031d67e>] mas_find+0x0/0x102
[<000d9916>] unlink_anon_vmas+0x0/0x106
[<000d367c>] unlink_file_vma+0x0/0x40
[<000cdd12>] free_pgd_range+0x0/0x1f2
[<0031d67e>] mas_find+0x0/0x102
[<000d9916>] unlink_anon_vmas+0x0/0x106
[<000cdfbe>] free_pgtables+0xba/0xcc
[<0031d67e>] mas_find+0x0/0x102
[<000d2950>] mas_set+0x0/0x22
[<00039f02>] up_read+0x0/0x64
[<000d41d0>] exit_mmap+0x13c/0x1de
[<0000efd3>] NODD+0xab/0x104
[<001900f9>] ext2_get_folio.constprop.11+0x1a7/0x274
[<0000ffff>] EXPTBL+0x3bf/0x400
[<00016782>] __mmput+0x16/0x94
[<0001a158>] do_exit+0x250/0x714
[<00339f12>] _raw_spin_unlock_irq+0x10/0x38
[<0001a79a>] sys_exit_group+0x0/0x14
[<0001a7ae>] pid_child_should_wake+0x0/0x52
[<0000269a>] syscall+0x8/0xc
[<0008c00b>] do_check_common+0x325/0x2946
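
Added example, not part of the message above or of the kernel sources: a small triage script for this log format. It drops the trace entries that are really the pr_err() arguments (2200, 2200, 6480) and resolves the saved pc against the symbol ranges the other trace entries imply. The function names and the key names sr_a/sr_b are hypothetical, and the embedded log is an abbreviated copy of the excerpt above.

```python
import re

# Constructed sample: an abbreviated copy of the panic log quoted in the message.
LOG = """\
saved from last preempt: nr 2d sr 2200 2200 pc 6480 sp dcddc4
Call Trace: [<003354cc>] dump_stack+0xc/0x10
[<0032f208>] panic+0xd8/0x258
[<0000643c>] free_pointer_table+0x0/0x160
[<000064d4>] free_pointer_table+0x98/0x160
[<00002200>] do_one_initcall+0xa4/0x188
[<00002200>] do_one_initcall+0xa4/0x188
[<00006480>] free_pointer_table+0x44/0x160
[<000cdee8>] free_pgd_range+0x1d6/0x1f2
"""

SAVED_RE = re.compile(r"saved from last preempt: nr (\w+) sr (\w+) (\w+) pc (\w+) sp (\w+)")
ENTRY_RE = re.compile(r"\[<([0-9a-f]{8})>\] ([\w.]+)\+0x([0-9a-f]+)/0x([0-9a-f]+)")

def parse(log):
    """Return (saved values, trace entries as (addr, symbol, offset, size))."""
    m = SAVED_RE.search(log)
    if m is None:
        raise ValueError("no 'saved from last preempt' line in log")
    # The log prints two values after 'sr'; both are kept (key names are hypothetical).
    keys = ("nr", "sr_a", "sr_b", "pc", "sp")
    saved = {k: int(v, 16) for k, v in zip(keys, m.groups())}
    entries = [(int(a, 16), s, int(o, 16), int(z, 16))
               for a, s, o, z in ENTRY_RE.findall(log)]
    return saved, entries

def drop_pr_err_args(saved, entries):
    """Remove the consecutive run sr, sr, pc: printed arguments, not return addresses."""
    args = [saved["sr_a"], saved["sr_b"], saved["pc"]]
    addrs = [e[0] for e in entries]
    for i in range(len(addrs) - len(args) + 1):
        if addrs[i:i + len(args)] == args:
            return entries[:i] + entries[i + len(args):]
    return entries

def resolve(addr, entries):
    """Map addr to (symbol, offset) using the start and size each entry implies."""
    for a, sym, off, size in entries:
        if a - off <= addr < a - off + size:
            return sym, addr - (a - off)
    return None

def preempted_in(log):
    """Symbol and offset of the pc saved before the last preempt_schedule_irq()."""
    saved, entries = parse(log)
    return resolve(saved["pc"], drop_pr_err_args(saved, entries))
```

On this sample, preempted_in(LOG) gives free_pointer_table at offset 0x44, while the entry that leads into panic() is free_pointer_table+0x98.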