Hi Naresh,
On Sat, Aug 02, 2025 at 03:45:51PM +0530, Naresh Kamboju wrote:
## Test log

[ 527.570253] Unable to handle kernel paging request at virtual address 003f0020f94020a1
[ 527.570274] Mem abort info:
[ 527.570277] ESR = 0x0000000096000004
[ 527.570282] EC = 0x25: DABT (current EL), IL = 32 bits
[ 527.570288] SET = 0, FnV = 0
[ 527.570292] EA = 0, S1PTW = 0
[ 527.570297] FSC = 0x04: level 0 translation fault
[ 527.570302] Data abort info:
[ 527.570305] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 527.570310] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 527.570316] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 527.570322] [003f0020f94020a1] address between user and kernel address ranges
[ 527.570330] Internal error: Oops: 0000000096000004 [#1] SMP
[ 527.570336] Modules linked in: brcmfmac rockchip_dfi brcmutil cfg80211 snd_soc_hdmi_codec dw_hdmi_i2s_audio dw_hdmi_cec snd_soc_simple_card snd_soc_audio_graph_card hci_uart snd_soc_rockchip_i2s snd_soc_es8316 snd_soc_spdif_tx snd_soc_simple_card_utils btqca rtc_rk808 rockchipdrm btbcm snd_soc_core dw_hdmi_qp bluetooth snd_compress reset_gpio analogix_dp snd_pcm_dmaengine panfrost hantro_vpu dw_mipi_dsi rfkill rockchip_rga drm_shmem_helper drm_dp_aux_bus snd_pcm gpu_sched dw_hdmi pwrseq_core videobuf2_dma_sg v4l2_vp9 snd_timer drm_display_helper v4l2_h264 v4l2_jpeg phy_rockchip_pcie snd v4l2_mem2mem cec videobuf2_dma_contig soundcore videobuf2_memops drm_client_lib videobuf2_v4l2 drm_dma_helper videobuf2_common rockchip_saradc drm_kms_helper industrialio_triggered_buffer kfifo_buf rockchip_thermal pcie_rockchip_host coresight_cpu_debug fuse drm backlight
[ 527.570493] CPU: 3 UID: 0 PID: 34254 Comm: mkdir Not tainted 6.16.0-next-20250801 #1 PREEMPT_RT
[ 527.570502] Hardware name: Radxa ROCK Pi 4B (DT)
[ 527.570506] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 527.570512] pc : kmem_cache_alloc_bulk_noprof (mm/slub.c:5343 (discriminator 1) mm/slub.c:5403 (discriminator 1))
[ 527.570527] lr : kmem_cache_alloc_bulk_noprof (include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 include/linux/kfence.h:127 mm/slub.c:5307 mm/slub.c:5403)
[ 527.570533] sp : ffff80008e24b8f0
[ 527.570536] x29: ffff80008e24b930 x28: 00ff000000584610 x27: ffff800082b30538
[ 527.570545] x26: ffff8000816b64dc x25: 0000000000000cc0 x24: 0000000000000000
[ 527.570554] x23: 0000000000000004 x22: ffff0000f7579d20 x21: 0000000000000001
[ 527.570563] x20: 0000000000000001 x19: ffff000000405b00 x18: ffff80008e24bcd0
[ 527.570572] x17: 0000000000000000 x16: ffff800081e18420 x15: 0000ffffa2670fff
[ 527.570582] x14: 0000000000000000 x13: 1fffe000017942e1 x12: 0000ffffa2470fff
[ 527.570591] x11: ffff00000bca1708 x10: 0000000000000001 x9 : ffff8000816e41a4
[ 527.570600] x8 : ffff80008e24b850 x7 : fefefefefefefefe x6 : ffff800082b30000
[ 527.570608] x5 : d63f0020f9402021 x4 : ffff0000f7579d58 x3 : 0000000000000000
[ 527.570617] x2 : 0000000000000000 x1 : 0000000000000100 x0 : 0000000000000080
[ 527.570627] Call trace:
[ 527.570631] kmem_cache_alloc_bulk_noprof (mm/slub.c:5343 (discriminator 1) mm/slub.c:5403 (discriminator 1)) (P)
[ 527.570639] mas_alloc_nodes (lib/maple_tree.c:1278)
[ 527.570651] mas_node_count_gfp (lib/maple_tree.c:1339)
[ 527.570661] mas_preallocate (lib/maple_tree.c:5538 (discriminator 1))
[ 527.570667] __split_vma (mm/vma.c:528 (discriminator 1))
[ 527.570677] vma_modify (mm/vma.c:1633)
[ 527.570685] vma_modify_flags (mm/vma.c:1650)
[ 527.570694] mprotect_fixup (mm/mprotect.c:819)
[ 527.570704] do_mprotect_pkey (mm/mprotect.c:993)
[ 527.570713] __arm64_sys_mprotect (mm/mprotect.c:1011)
[ 527.570722] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:54)
[ 527.570731] el0_svc_common.constprop.0 (include/linux/thread_info.h:135 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2))
[ 527.570737] do_el0_svc (arch/arm64/kernel/syscall.c:152)
[ 527.570744] el0_svc (arch/arm64/include/asm/irqflags.h:82 (discriminator 1) arch/arm64/include/asm/irqflags.h:123 (discriminator 1) arch/arm64/include/asm/irqflags.h:136 (discriminator 1) arch/arm64/kernel/entry-common.c:169 (discriminator 1) arch/arm64/kernel/entry-common.c:182 (discriminator 1) arch/arm64/kernel/entry-common.c:880 (discriminator 1))
[ 527.570752] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:899)
[ 527.570760] el0t_64_sync (arch/arm64/kernel/entry.S:596)
[ 527.570772] Code: 1400000c f94002c5 b4000aa5 b9402a60 (f86068a0)
All code
========
0: 1400000c b 0x30
4: f94002c5 ldr x5, [x22]
8: b4000aa5 cbz x5, 0x15c
c: b9402a60 ldr w0, [x19, #40]
10:* f86068a0 ldr x0, [x5, x0] <-- trapping instruction

Code starting with the faulting instruction
0: f86068a0 ldr x0, [x5, x0]
[ 527.570778] ---[ end trace 0000000000000000 ]---
[ 527.570800] ------------[ cut here ]------------

If you're able to repro this, please could you see if the patch below helps at all?
https://lore.kernel.org/r/20250806145611.3962-1-dev.jain@arm.com
Cheers,
Will