lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <202503251554.34a0b29b-lkp@intel.com>
Date: Tue, 25 Mar 2025 16:40:42 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Yang Shi <yang@...amperecomputing.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, kernel test robot
	<oliver.sang@...el.com>, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
	<linux-mm@...ck.org>, <ltp@...ts.linux.it>, <Liam.Howlett@...cle.com>,
	<vbabka@...e.cz>, <jannh@...gle.com>, <akpm@...ux-foundation.org>,
	<yang@...amperecomputing.com>, <linux-kernel@...r.kernel.org>
Subject: Re: [v2 PATCH] mm: vma: skip anonymous vma when inserting vma to
 file rmap tree


hi, Yang Shi,

just in case below report could supply any further useful information to you.


Hello,

kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]PREEMPT_SMP_KASAN_PTI" on:

commit: 13671c9499a4883f6bece7229463ff89a48709f6 ("[v2 PATCH] mm: vma: skip anonymous vma when inserting vma to file rmap tree")
url: https://github.com/intel-lab-lkp/linux/commits/Yang-Shi/mm-vma-skip-anonymous-vma-when-inserting-vma-to-file-rmap-tree/20250313-061727
base: v6.14-rc6
patch link: https://lore.kernel.org/all/20250312221521.1255690-1-yang@os.amperecomputing.com/
patch subject: [v2 PATCH] mm: vma: skip anonymous vma when inserting vma to file rmap tree

in testcase: ltp
version: ltp-x86_64-042eff32a-1_20250322
with following parameters:

	disk: 1HDD
	test: mm-00



config: x86_64-rhel-9.4-ltp
compiler: gcc-12
test machine: 8 threads 1 sockets Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz (Kaby Lake) with 32G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202503251554.34a0b29b-lkp@intel.com



[  557.087938][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[  557.087946][  T349]
[  557.102809][ T3834] LTP: starting mmap10
[  557.103401][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[  557.106782][  T349]
[  557.119531][T141949] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[  557.121506][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[  557.132309][T141949] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  557.132314][T141949] CPU: 1 UID: 0 PID: 141949 Comm: mmap10 Tainted: G          I        6.14.0-rc6-00001-g13671c9499a4 #1
[  557.132319][T141949] Tainted: [I]=FIRMWARE_WORKAROUND
[  557.143013][  T349]
[  557.151409][T141949] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[557.151411][T141949] RIP: 0010:__rb_insert_augmented (kbuild/src/consumer/lib/rbtree.c:115 kbuild/src/consumer/lib/rbtree.c:459) 
[  557.164270][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.167616][T141949] Code: 00 48 89 da 48 c1 ea 03 80 3c 02 00 0f 85 a0 05 00 00 48 8b 2b 40 f6 c5 01 0f 85 44 05 00 00 48 8d 55 08 48 89 d1 48 c1 e9 03 <80> 3c 01 00 0f 85 94 05 00 00 4c 8b 6d 08 49 39 dd 0f 84 7f 01 00
All code
========
   0:	00 48 89             	add    %cl,-0x77(%rax)
   3:	da 48 c1             	fimull -0x3f(%rax)
   6:	ea                   	(bad)
   7:	03 80 3c 02 00 0f    	add    0xf00023c(%rax),%eax
   d:	85 a0 05 00 00 48    	test   %esp,0x48000005(%rax)
  13:	8b 2b                	mov    (%rbx),%ebp
  15:	40 f6 c5 01          	test   $0x1,%bpl
  19:	0f 85 44 05 00 00    	jne    0x563
  1f:	48 8d 55 08          	lea    0x8(%rbp),%rdx
  23:	48 89 d1             	mov    %rdx,%rcx
  26:	48 c1 e9 03          	shr    $0x3,%rcx
  2a:*	80 3c 01 00          	cmpb   $0x0,(%rcx,%rax,1)		<-- trapping instruction
  2e:	0f 85 94 05 00 00    	jne    0x5c8
  34:	4c 8b 6d 08          	mov    0x8(%rbp),%r13
  38:	49 39 dd             	cmp    %rbx,%r13
  3b:	0f                   	.byte 0xf
  3c:	84 7f 01             	test   %bh,0x1(%rdi)
	...

Code starting with the faulting instruction
===========================================
   0:	80 3c 01 00          	cmpb   $0x0,(%rcx,%rax,1)
   4:	0f 85 94 05 00 00    	jne    0x59e
   a:	4c 8b 6d 08          	mov    0x8(%rbp),%r13
   e:	49 39 dd             	cmp    %rbx,%r13
  11:	0f                   	.byte 0xf
  12:	84 7f 01             	test   %bh,0x1(%rdi)
	...
[  557.167620][T141949] RSP: 0018:ffffc9002edff800 EFLAGS: 00010202
[  557.169827][  T349]
[  557.178054][T141949] RAX: dffffc0000000000 RBX: ffff88810b878308 RCX: 0000000000000001
[  557.178057][T141949] RDX: 0000000000000008 RSI: ffff8881051ec2f0 RDI: ffff8887de397c58
[  557.178059][T141949] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1020a3d868
[  557.178061][T141949] R10: ffff8881051ec347 R11: ffff8887de397c20 R12: ffff8887de397c58
[  557.185709][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[  557.194702][T141949] R13: ffff8881051ec2a8 R14: ffffffff81c1fa50 R15: ffff8881051ec2f0
[  557.194704][T141949] FS:  00007f318f741740(0000) GS:ffff888759880000(0000) knlGS:0000000000000000
[  557.194707][T141949] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  557.214407][  T349]
[  557.220440][T141949] CR2: 00007f318f917710 CR3: 000000015f928002 CR4: 00000000003726f0
[  557.220442][T141949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  557.220444][T141949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  557.220445][T141949] Call Trace:
[  557.220447][T141949]  <TASK>
[  557.224320][  T349] mmapstress10    0  TINFO  :  Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[557.230618][T141949] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421 kbuild/src/consumer/arch/x86/kernel/dumpstack.c:460) 
[557.230624][T141949] ? exc_general_protection (kbuild/src/consumer/arch/x86/kernel/traps.c:751 kbuild/src/consumer/arch/x86/kernel/traps.c:693) 
[  557.238606][  T349]


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250325/202503251554.34a0b29b-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ