lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202403291711.331cc50a-lkp@intel.com>
Date: Fri, 29 Mar 2024 17:19:28 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Oscar Salvador <osalvador@...e.de>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>, Marco Elver <elver@...gle.com>,
	Vlastimil Babka <vbabka@...e.cz>, Andrey Konovalov <andreyknvl@...il.com>,
	Alexander Potapenko <glider@...gle.com>, Michal Hocko <mhocko@...e.com>,
	<linux-mm@...ck.org>, <oliver.sang@...el.com>
Subject: [linus:master] [mm,page_owner]  217b2119b9:
 WARNING:at_lib/refcount.c:#refcount_warn_saturate



Hello,

kernel test robot noticed "WARNING:at_lib/refcount.c:#refcount_warn_saturate" on:

commit: 217b2119b9e260609958db413876f211038f00ee ("mm,page_owner: implement the tracking of the stacks count")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

[test failed on linus/master 4cece764965020c22cff7665b18a012006359095]
[test failed on linux-next/master 13ee4a7161b6fd938aef6688ff43b163f6d83e37]

in testcase: rcutorture
version: 
with following parameters:

	runtime: 300s
	test: cpuhotplug
	torture_type: tasks-rude



compiler: clang-17
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+-----------------------------------------------------------------+------------+------------+
|                                                                 | 4bedfb314b | 217b2119b9 |
+-----------------------------------------------------------------+------------+------------+
| WARNING:at_lib/refcount.c:#refcount_warn_saturate               | 0          | 114        |
| EIP:refcount_warn_saturate                                      | 0          | 114        |
+-----------------------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202403291711.331cc50a-lkp@intel.com


[    1.321723][    T1] ------------[ cut here ]------------
[    1.322406][    T1] refcount_t: decrement hit 0; leaking memory.
[ 1.323164][ T1] WARNING: CPU: 0 PID: 1 at lib/refcount.c:31 refcount_warn_saturate (lib/refcount.c:31) 
[    1.324262][    T1] Modules linked in:
[    1.324770][    T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.8.0-rc5-00257-g217b2119b9e2 #1
[    1.325884][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 1.327143][ T1] EIP: refcount_warn_saturate (lib/refcount.c:31) 
[ 1.327824][ T1] Code: 83 c4 04 0f 0b eb 09 80 3d 40 5e 2a c3 00 74 06 5d 31 c0 31 d2 c3 c6 05 40 5e 2a c3 01 68 90 59 a8 c2 e8 db 91 a2 ff 83 c4 04 <0f> 0b eb e2 90 90 90 90 55 89 e5 89 c1 31 d2 b8 01 00 00 00 0f b1
All code
========
   0:	83 c4 04             	add    $0x4,%esp
   3:	0f 0b                	ud2
   5:	eb 09                	jmp    0x10
   7:	80 3d 40 5e 2a c3 00 	cmpb   $0x0,-0x3cd5a1c0(%rip)        # 0xffffffffc32a5e4e
   e:	74 06                	je     0x16
  10:	5d                   	pop    %rbp
  11:	31 c0                	xor    %eax,%eax
  13:	31 d2                	xor    %edx,%edx
  15:	c3                   	ret
  16:	c6 05 40 5e 2a c3 01 	movb   $0x1,-0x3cd5a1c0(%rip)        # 0xffffffffc32a5e5d
  1d:	68 90 59 a8 c2       	push   $0xffffffffc2a85990
  22:	e8 db 91 a2 ff       	call   0xffffffffffa29202
  27:	83 c4 04             	add    $0x4,%esp
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	eb e2                	jmp    0x10
  2e:	90                   	nop
  2f:	90                   	nop
  30:	90                   	nop
  31:	90                   	nop
  32:	55                   	push   %rbp
  33:	89 e5                	mov    %esp,%ebp
  35:	89 c1                	mov    %eax,%ecx
  37:	31 d2                	xor    %edx,%edx
  39:	b8 01 00 00 00       	mov    $0x1,%eax
  3e:	0f                   	.byte 0xf
  3f:	b1                   	.byte 0xb1

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	eb e2                	jmp    0xffffffffffffffe6
   4:	90                   	nop
   5:	90                   	nop
   6:	90                   	nop
   7:	90                   	nop
   8:	55                   	push   %rbp
   9:	89 e5                	mov    %esp,%ebp
   b:	89 c1                	mov    %eax,%ecx
   d:	31 d2                	xor    %edx,%edx
   f:	b8 01 00 00 00       	mov    $0x1,%eax
  14:	0f                   	.byte 0xf
  15:	b1                   	.byte 0xb1
[    1.330164][    T1] EAX: 00000000 EBX: ffffffff ECX: 00000000 EDX: 00000000
[    1.331017][    T1] ESI: e43cf13c EDI: e43cf140 EBP: c42c7b3c ESP: c42c7b3c
[    1.331861][    T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00010286
[    1.332806][    T1] CR0: 80050033 CR2: ffdeb000 CR3: 033f8000 CR4: 000406d0
[    1.333731][    T1] Call Trace:
[ 1.334175][ T1] ? show_regs (arch/x86/kernel/dumpstack.c:478) 
[ 1.334721][ T1] ? refcount_warn_saturate (lib/refcount.c:31) 
[ 1.335390][ T1] ? __warn (kernel/panic.c:236 kernel/panic.c:677) 
[ 1.335913][ T1] ? refcount_warn_saturate (lib/refcount.c:31) 
[ 1.336577][ T1] ? refcount_warn_saturate (lib/refcount.c:31) 
[ 1.337253][ T1] ? report_bug (lib/bug.c:199) 
[ 1.337890][ T1] ? exc_overflow (arch/x86/kernel/traps.c:251) 
[ 1.338464][ T1] ? handle_bug (arch/x86/kernel/traps.c:238) 
[ 1.339014][ T1] ? exc_invalid_op (arch/x86/kernel/traps.c:259) 
[ 1.339612][ T1] ? handle_exception (arch/x86/entry/entry_32.S:1049) 
[ 1.340246][ T1] ? exc_overflow (arch/x86/kernel/traps.c:251) 
[ 1.340819][ T1] ? refcount_warn_saturate (lib/refcount.c:31) 
[ 1.341496][ T1] ? exc_overflow (arch/x86/kernel/traps.c:251) 
[ 1.342130][ T1] ? refcount_warn_saturate (lib/refcount.c:31) 
[ 1.342796][ T1] __reset_page_owner (include/linux/refcount.h:?) 
[ 1.343423][ T1] __free_pages_ok (include/linux/page_owner.h:?) 
[ 1.344021][ T1] make_alloc_exact (mm/page_alloc.c:4811) 
[ 1.344621][ T1] alloc_pages_exact (mm/page_alloc.c:4840) 
[ 1.345228][ T1] alloc_large_system_hash (mm/mm_init.c:2530) 
[ 1.345973][ T1] inet_hashinfo2_init (net/ipv4/inet_hashtables.c:1171) 
[ 1.346595][ T1] tcp_init (net/ipv4/tcp.c:4707) 
[ 1.347117][ T1] inet_init (net/ipv4/af_inet.c:2031) 
[ 1.347657][ T1] do_one_initcall (init/main.c:1237) 
[ 1.348259][ T1] ? ipv4_offload_init (net/ipv4/af_inet.c:1954) 
[ 1.348879][ T1] ? blake2s_final (lib/crypto/blake2s.c:58) 
[ 1.349467][ T1] ? extract_entropy (include/linux/string.h:276 drivers/char/random.c:697) 
[ 1.350154][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4599) 
[ 1.350777][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4599) 
[ 1.351397][ T1] ? look_up_lock_class (kernel/locking/lockdep.c:926) 
[ 1.352036][ T1] ? register_lock_class (kernel/locking/lockdep.c:1284) 
[ 1.352682][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4599) 
[ 1.353315][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4599) 
[ 1.354002][ T1] ? lock_acquire (kernel/locking/lockdep.c:5754) 
[ 1.354583][ T1] ? stack_depot_save_flags (lib/stackdepot.c:?) 
[ 1.355268][ T1] ? stack_depot_save_flags (lib/stackdepot.c:671) 
[ 1.355955][ T1] ? lock_acquire (kernel/locking/lockdep.c:5754) 
[ 1.356534][ T1] ? __create_object (mm/kmemleak.c:?) 
[ 1.357147][ T1] ? kmemleak_alloc (mm/kmemleak.c:764 mm/kmemleak.c:1044) 
[ 1.357789][ T1] ? __create_object (mm/kmemleak.c:756) 
[ 1.358387][ T1] ? next_arg (lib/cmdline.c:273) 
[ 1.358938][ T1] ? parse_args (kernel/params.c:153) 
[ 1.359515][ T1] do_initcall_level (init/main.c:1298) 
[ 1.360114][ T1] ? rest_init (init/main.c:1435) 
[ 1.360655][ T1] do_initcalls (init/main.c:1312) 
[ 1.361218][ T1] ? rest_init (init/main.c:1435) 
[ 1.361842][ T1] do_basic_setup (init/main.c:1335) 
[ 1.362417][ T1] kernel_init_freeable (init/main.c:1555) 
[ 1.363039][ T1] kernel_init (init/main.c:1445) 
[ 1.363590][ T1] ret_from_fork (arch/x86/kernel/process.c:153) 
[ 1.364154][ T1] ret_from_fork_asm (arch/x86/entry/entry_32.S:741) 
[ 1.364745][ T1] entry_INT80_32 (arch/x86/entry/entry_32.S:947) 
[    1.365365][    T1] irq event stamp: 392969
[ 1.365990][ T1] hardirqs last enabled at (392981): console_unlock (arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038) 
[ 1.367067][ T1] hardirqs last disabled at (392990): console_unlock (kernel/printk/printk.c:339) 
[ 1.368145][ T1] softirqs last enabled at (392390): do_softirq_own_stack (arch/x86/kernel/irq_32.c:57 arch/x86/kernel/irq_32.c:147) 
[ 1.369283][ T1] softirqs last disabled at (392381): do_softirq_own_stack (arch/x86/kernel/irq_32.c:57 arch/x86/kernel/irq_32.c:147) 
[    1.370465][    T1] ---[ end trace 0000000000000000 ]---



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240329/202403291711.331cc50a-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ