Bug 2028043

Summary:	readpage_elf: Attempt to read non-existent page at 0x0
Product:	[Fedora] Fedora	Reporter:	Baoquan He <bhe>
Component:	kexec-tools	Assignee:	Pingfan Liu <piliu>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	36	CC:	bhe, coxu, piliu, ruyang, ryncsn
Target Milestone:	---	Keywords:	Patch, Triaged
Target Release:	---
Hardware:	aarch64
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2022-04-13 03:05:06 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Baoquan He 2021-12-01 11:21:51 UTC

Description of problem:

Failed to save vmcore because of makedumpfile error. It shows that the error happened in readpage_elf(), please check below error message.

[    6.482473] systemd[1]: Finished dracut pre-pivot and cleanup hook. 
[    6.487063] systemd[1]: Starting Kdump Vmcore Save Service... 
         Starting         
Kdump Vmcore Save Service   
... 
[    6.555698] kdump[467]: Kdump is using the default log level(3). 
[    6.703335] kdump.sh[454]: [debug_mem] kdump saving vmcore 
[    6.709011] kdump.sh[496]: MemFree:         5989856 kB 
[    6.710807] kdump.sh[496]: Cached:            59584 kB 
[    6.718890] kdump.sh[496]: Slab:              36688 kB 
[    6.743083] kdump[505]: saving to /sysroot/var/crash/127.0.0.1-2021-11-30-21:08:35/ 
[    6.769599] kdump[510]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-30-21:08:35/ 
[    6.779498] kdump.sh[511]: No program header covering vaddr 0xccccccccccccccccfound kexec bug? 
[    6.795987] kdump[514]: saving vmcore-dmesg.txt failed 
[    6.806653] kdump[516]: saving vmcore 
[    6.843489] kdump.sh[517]: readpage_elf: Attempt to read non-existent page at 0x0. 
[    6.846253] kdump.sh[517]: readmem: type_addr: 1, addr:fc0, size:8 
[    6.849982] kdump.sh[517]: vaddr_to_paddr_arm64: Can't read pmd 
[    6.853276] kdump.sh[517]: readmem: Can't convert a virtual address(ffffd4a4bf031668) to physical address. 
[    6.858120] kdump.sh[517]: readmem: type_addr: 0, addr:ffffd4a4bf031668, size:390 
[    6.863455] kdump.sh[517]: check_release: Can't get the address of system_utsname. 
[    6.870352] kdump.sh[517]: makedumpfile Failed. 
[    6.872602] kdump[519]: saving vmcore failed, exitcode:1 
[    6.882592] kdump[521]: saving the /run/initramfs/kexec-dmesg.log to /sysroot/var/crash/127.0.0.1-2021-11-30-21:08:35// 
[    6.939036] kdump[527]: saving vmcore failed 
[        
FAILED   
] Failed to start         
Kdump Vmcore Save Service   
. 
[    6.946259] systemd[1]: kdump-capture.service: Main process exited, code=exited, status=1/FAILURE 
See 'systemctl status kdump-capture.service' for details. 
[    6.950567] systemd[1]: kdump-capture.service: Failed with result 'exit-code'. 
[      
  OK     
] Stopped target         
Timer Units   
. 
[    6.956190] systemd[1]: Failed to start Kdump Vmcore Save Service. 
[      
  OK     
] Stopped         
dracut pre-pivot and cleanup hook   
. 
[    6.960699] systemd[1]: kdump-capture.service: Triggering OnFailure= dependencies. 
[    6.962790] systemd[1]: Stopped target Timer Units. 
[    6.964168] systemd[1]: dracut-pre-pivot.service: Deactivated successfully. 
[    6.966052] systemd[1]: Stopped dracut pre-pivot and cleanup hook. 


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Pingfan Liu 2022-01-18 07:37:50 UTC

It should be fixed by linux tree:

commit b398123bff3bcbc1facb0f29bf6e7b9f1bc55931
Author: Pingfan Liu <kernelfans>
Date:   Wed Dec 15 10:13:48 2021 +0800

    efi: apply memblock cap after memblock_add()
    
    On arm64, during kdump kernel saves vmcore, it runs into the following bug:
    ...
    [   15.148919] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmem_cache_node' (offset 0, size 4096)!
    [   15.159707] ------------[ cut here ]------------
    [   15.164311] kernel BUG at mm/usercopy.c:99!
    [   15.168482] Internal error: Oops - BUG: 0 [#1] SMP
    [   15.173261] Modules linked in: xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce sbsa_gwdt ast i2c_algo_bit drm_vram_helper drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec drm_ttm_helper ttm drm nvme nvme_core xgene_hwmon i2c_designware_platform i2c_designware_core dm_mirror dm_region_hash dm_log dm_mod overlay squashfs zstd_decompress loop
    [   15.206186] CPU: 0 PID: 542 Comm: cp Not tainted 5.16.0-rc4 #1
    [   15.212006] Hardware name: GIGABYTE R272-P30-JG/MP32-AR0-JG, BIOS F12 (SCP: 1.5.20210426) 05/13/2021
    [   15.221125] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
    [   15.228073] pc : usercopy_abort+0x9c/0xa0
    [   15.232074] lr : usercopy_abort+0x9c/0xa0
    [   15.236070] sp : ffff8000121abba0
    [   15.239371] x29: ffff8000121abbb0 x28: 0000000000003000 x27: 0000000000000000
    [   15.246494] x26: 0000000080000400 x25: 0000ffff885c7000 x24: 0000000000000000
    [   15.253617] x23: 000007ff80400000 x22: ffff07ff80401000 x21: 0000000000000001
    [   15.260739] x20: 0000000000001000 x19: ffff07ff80400000 x18: ffffffffffffffff
    [   15.267861] x17: 656a626f2042554c x16: 53206d6f72662064 x15: 6574636574656420
    [   15.274983] x14: 74706d6574746120 x13: 2129363930342065 x12: 7a6973202c302074
    [   15.282105] x11: ffffc8b041d1b148 x10: 00000000ffff8000 x9 : ffffc8b04012812c
    [   15.289228] x8 : 00000000ffff7fff x7 : ffffc8b041d1b148 x6 : 0000000000000000
    [   15.296349] x5 : 0000000000000000 x4 : 0000000000007fff x3 : 0000000000000000
    [   15.303471] x2 : 0000000000000000 x1 : ffff07ff8c064800 x0 : 000000000000006b
    [   15.310593] Call trace:
    [   15.313027]  usercopy_abort+0x9c/0xa0
    [   15.316677]  __check_heap_object+0xd4/0xf0

Comment 2 Pingfan Liu 2022-01-18 07:49:32 UTC

For a separated vmcore-dmesg issue, in kexec-tools mailing list:[PATCHv4 0/4] arm64: make phys_to_virt() correct

Comment 3 Ben Cotton 2022-02-08 21:10:35 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle.
Changing version to 36.

Comment 5 Pingfan Liu 2022-03-14 03:56:07 UTC

The F36 test is blocked by https://bugzilla.redhat.com/show_bug.cgi?id=2052949. I will resolve it firstly.
(Although I think this bug should be resolved, but let us see what it is after F36 can test kdump again)

Comment 6 Pingfan Liu 2022-04-13 03:05:06 UTC

I have a try on the latest F36, kdump can work.

[root@ampere-mtsnow-altra-10 ~]# uname -a
Linux ampere-mtsnow-altra-10.khw4.lab.eng.bos.redhat.com 5.17.2-300.fc36.aarch64 #1 SMP Fri Apr 8 14:17:15 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux
[root@ampere-mtsnow-altra-10 ~]# rpm -qa | grep kexec-tools
kexec-tools-2.0.23-6.fc36.aarch64

Comment 7 Pingfan Liu 2022-04-13 03:06:05 UTC

Per comment#6, close it. Feel free to re-open if it is not OK.