[2.6.30-rc1] Crash in .hpte_need_flush with hugetlbfs test[shm-fork]

Sachin Sant sachinp at in.ibm.com
Wed Apr 8 17:57:17 EST 2009 

I was executing libhugetlbfs tests on a power6 box [9117-MMA]. One of the
sub test (shm-fork) caused the machine to crash. Here is the information :

llm62 login: cpu 0x1: Vector: 300 (Data Access) at [c0000000f9827490]
    pc: c000000000038028: .hpte_need_flush+0x1b8/0x2d8
    lr: c000000000037edc: .hpte_need_flush+0x6c/0x2d8
    sp: c0000000f9827710
   msr: 8000000000009032
   dar: c0000000d0157260
 dsisr: 40000000
  current = 0xc0000000f970bc20
  paca    = 0xc000000000a82500
    pid   = 11314, comm = shm-fork
enter ? for help
[c0000000f9827710] c000000000038050 .hpte_need_flush+0x1e0/0x2d8 (unreliable)
[c0000000f98277d0] c000000000039d78 .huge_ptep_get_and_clear+0x40/0x5c
[c0000000f9827850] c00000000010fe88 .__unmap_hugepage_range+0x178/0x2b8
[c0000000f9827940] c00000000011001c .unmap_hugepage_range+0x54/0x88
[c0000000f98279e0] c0000000000f9dc4 .unmap_vmas+0x178/0x8f4
[c0000000f9827b30] c0000000000ff4f4 .unmap_region+0xfc/0x1d8
[c0000000f9827c00] c000000000100c68 .do_munmap+0x2f4/0x38c
[c0000000f9827cc0] c000000000289a74 .SyS_shmdt+0xc0/0x188
[c0000000f9827d70] c00000000000c30c .sys_ipc+0x26c/0x2f4
[c0000000f9827e30] c0000000000084ac syscall_exit+0x0/0x40
--- Exception: c01 (System Call) at 000004000020d2dc
SP (fffd23a3c50) is in userspace
1:mon> di %pc
c000000000038028  eb898000      ld      r28,-32768(r9)
c00000000003802c  2f800000      cmpwi   cr7,r0,0
c000000000038030  409e0028      bne     cr7,c000000000038058    #
.hpte_need_flush+0x1e8/0x2d8
c000000000038034  7fe3fb78      mr      r3,r31
c000000000038038  7f24cb78      mr      r4,r25
c00000000003803c  7f85e378      mr      r5,r28
c000000000038040  7f6607b4      extsw   r6,r27
c000000000038044  7fa7eb78      mr      r7,r29
c000000000038048  39000000      li      r8,0
c00000000003804c  4bffc2cd      bl      c000000000034318        #
.flush_hash_page+0x0/0x1c0
c000000000038050  60000000      nop
c000000000038054  480000bc      b       c000000000038110        #
.hpte_need_flush+0x2a0/0x2d8
c000000000038058  7f0b07b5      extsw.  r11,r24
c00000000003805c  41820030      beq     c00000000003808c        #
.hpte_need_flush+0x21c/0x2d8
c000000000038060  e81e0010      ld      r0,16(r30)
c000000000038064  7fba0000      cmpd    cr7,r26,r0
1:mon>  r
R00 = 0000000000000000   R16 = 000000004f42e5b0
R01 = c0000000f9827710   R17 = 0000000000000000
R02 = c00000000098cf58   R18 = ffffffffffff9010
R03 = 0000000000000004   R19 = 0000000000000000
R04 = 000003ffec000000   R20 = 0000000000000000
R05 = c0000000d014f260   R21 = 0000040000000000
R06 = 0000220008000393   R22 = c0000000d014f260
R07 = 0000000000000001   R23 = 0000000000760000
R08 = 0000000000000004   R24 = 0000000000000000
R09 = c0000000d015f260   R25 = 0000220008000393
R10 = 000000000003ffec   R26 = c0000000f947ca80
R11 = 0000000000000330   R27 = 0000000000000004
R12 = 0000000024022422   R28 = c000000000790430
R13 = c000000000a82500   R29 = 0000000000000001
R14 = 0000000000000010   R30 = c000000000ef0430
R15 = ffffffffffffffff   R31 = 0fa89fffec000000
pc  = c000000000038028 .hpte_need_flush+0x1b8/0x2d8
lr  = c000000000037edc .hpte_need_flush+0x6c/0x2d8
msr = 8000000000009032   cr  = 44022424
ctr = c0000000000fedc0   xer = 0000000000000001   trap =  300
dar = c0000000d0157260   dsisr = 40000000
1:mon> di %lr
c000000000037edc  60000000      nop
c000000000037ee0  7c7b1b78      mr      r27,r3
c000000000037ee4  e8028cd8      ld      r0,-29480(r2)
c000000000037ee8  7fbf0040      cmpld   cr7,r31,r0
c000000000037eec  419d00a8      bgt     cr7,c000000000037f94    #
.hpte_need_flush+0x124/0x2d8
c000000000037ef0  3800ffff      li      r0,-1
c000000000037ef4  3ba00000      li      r29,0
c000000000037ef8  78000600      clrldi  r0,r0,24
c000000000037efc  7fbf0040      cmpld   cr7,r31,r0
c000000000037f00  409d000c      ble     cr7,c000000000037f0c    #
.hpte_need_flush+0x9c/0x2d8
c000000000037f04  e9228ce0      ld      r9,-29472(r2)
c000000000037f08  eba90002      lwa     r29,0(r9)
c000000000037f0c  2fbd0000      cmpdi   cr7,r29,0
c000000000037f10  e97a0390      ld      r11,912(r26)
c000000000037f14  409e003c      bne     cr7,c000000000037f50    #
.hpte_need_flush+0xe0/0x2d8
c000000000037f18  796b83e4      rldicr  r11,r11,16,47
1:mon>

CONFIG_PPC_64K_PAGES=y
CONFIG_HUGETLBFS=y
CONFIG_HUGETLB_PAGE=y

Have attached the dmesg log extracted via xmon. The libhugetlbfs
tests [v2.0] are part of autotest framework [autotest.kernel.org].
The sub test that caused this was shm-fork. I have attached the
libhugetlbfs execution log.

Thanks
-Sachin

-- 

---------------------------------
Sachin Sant
IBM Linux Technology Center
India Systems and Technology Labs
Bangalore, India
---------------------------------

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dmesg_log
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20090408/ab70c75c/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: libhugetlbfs.runlog
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20090408/ab70c75c/attachment.asc>

More information about the Linuxppc-dev mailing list