Le 08/09/2019 à 10:31, zhong jiang a écrit :
Hi, Laurent, Vinayak I have got the following crash on 4.14 kernel with speculative page faults enabled. Unfortunately, The issue disappears when trying disabling SPF.
Hi Zhong, Sorry for to late answer, I was busy at the LPC. I never hit that. Is there any steps identified leading to this crash ? Thanks, Laurent.
The call trace is as follows. Unable to handle kernel NULL pointer dereference at virtual address 00000000 user pgtable: 4k pages, 39-bit VAs, pgd = ffffffc177337000 [0000000000000000] *pgd=0000000177346003, *pud=0000000177346003, *pmd=0000000000000000 Internal error: Oops: 96000046 [#1] PREEMPT SMP CPU: 0 PID: 3184 Comm: Signal Catcher VIP: 00 Tainted: G O 4.14.116 #1 PC is at __rb_erase_color+0x54/0x260 LR is at anon_vma_interval_tree_remove+0x2ac/0x2c0 Call trace: [<ffffff8009aa45c4>] __rb_erase_color+0x54/0x260 [<ffffff80083a73f8>] anon_vma_interval_tree_remove+0x2ac/0x2c0 [<ffffff80083b96ac>] unlink_anon_vmas+0x84/0x170 [<ffffff80083aa8f4>] free_pgtables+0x9c/0x100 [<ffffff80083b6814>] exit_mmap+0xb0/0x1d8 [<ffffff8008227e8c>] mmput+0x3c/0xe0 [ffffff800822ed00>] do_exit+0x2f0/0x954 [<ffffff800822f41c>] do_group_exit+0x88/0x9c [<ffffff800823b768>] get_signal+0x360/0x56c [<ffffff8008208eb8>] do_notify_resume+0x150/0x5e4 Exception stack(0xffffffc1eac07ec0 to 0xffffffc1eac08000) It seems to rb_node is empty accidentally under anon_vma rwsem when the process is exiting. I have no idea whether any race existence or not to result in the issue. Let me know if you have hit the issue or any suggestions. Thanks, zhong jiang
