lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <202506131711.5b41931c-lkp@intel.com>
Date: Mon, 16 Jun 2025 10:21:58 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Casey Chen <cachen@...estorage.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>, Yuanyuan Zhong
	<yzhong@...estorage.com>, Suren Baghdasaryan <surenb@...gle.com>,
	<linux-mm@...ck.org>, <oliver.sang@...el.com>
Subject: [linus:master] [alloc_tag]  780138b123:
 Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]SMP_KASAN



Hello,


we don't have enough knowledge if this is a real issue, or the changes in this
commit expose the real issue in a clear way. we just report what we observed
in our tests FYI.

in this trinity test, both 780138b123 and parent have oom (1) randomly. after
oom, parent seems be able to 'recover', but 780138b123 has a big chance to crash
as (2)


6a4b3551ba1079e8 780138b123816d717dbc0771d4c
---------------- ---------------------------
       fail:runs  %reproduction    fail:runs
           |             |             |
           :1000         9%          94:1000  dmesg.KASAN:null-ptr-deref_in_range[#-#]    <---- (2)
           :1000         8%          83:1000  dmesg.Kernel_panic-not_syncing:Fatal_exception    <---- (2)
           :1000         9%          94:1000  dmesg.Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]SMP_KASAN    <---- (2)
           :1000         9%          94:1000  dmesg.RIP:__down_read_trylock    <---- (2)
         94:1000         1%         103:1000  dmesg.invoked_oom-killer:gfp_mask=0x   <---- (1)


below is full report FYI.


kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]SMP_KASAN" on:

commit: 780138b123816d717dbc0771d4c87e9a8a01963d ("alloc_tag: check mem_profiling_support in alloc_tag_init")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

[test failed on linus/master      f09079bd04a924c72d555cd97942d5f8d7eca98c]
[test failed on linux-next/master b27cc623e01be9de1580eaa913508b237a7a9673]

in testcase: trinity
version: trinity-i386-abe9de86-1_20230429
with following parameters:

	runtime: 300s
	group: group-01
	nr_groups: 5


config: x86_64-randconfig-007-20250609
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202506131711.5b41931c-lkp@intel.com



[  421.716359][  T464] run invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=0
[  421.719641][  T464] CPU: 1 UID: 0 PID: 464 Comm: run Not tainted 6.15.0-rc6-00281-g780138b12381 #1 PREEMPT(full)  073bc317d8128d8c347152ffd5b02618a013b6bc
[  421.719660][  T464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  421.719668][  T464] Call Trace:
[  421.719673][  T464]  <TASK>
[  421.719681][  T464]  dump_stack_lvl+0x8c/0xd1
[  421.719726][  T464]  dump_stack+0x14/0x16
[  421.719736][  T464]  dump_header+0x10a/0x364
[  421.719756][  T464]  oom_kill_process+0x9c/0x256
[  421.719770][  T464]  out_of_memory+0x585/0x5cd
[  421.719781][  T464]  ? oom_killer_disable+0x1d4/0x1d4
[  421.719801][  T464]  __alloc_pages_slowpath+0xd0c/0xfad
[  421.719835][  T464]  ? warn_alloc+0x24d/0x24d
[  421.719875][  T464]  __alloc_frozen_pages_noprof+0x22a/0x2b0
[  421.719892][  T464]  ? __alloc_pages_slowpath+0xfad/0xfad
[  421.719901][  T464]  ? look_up_lock_class+0xb3/0x10d
[  421.719920][  T464]  ? validate_chain+0x40/0x2a9
[  421.719949][  T464]  alloc_pages_mpol+0xf3/0x246
[  421.719963][  T464]  ? policy_nodemask+0x2bb/0x2bb
[  421.719974][  T464]  ? preempt_count_sub+0x10/0x1c
[  421.719995][  T464]  alloc_frozen_pages_noprof+0x54/0x58
[  421.720007][  T464]  alloc_pages_noprof+0xe/0x25
[  421.720018][  T464]  pmd_alloc_one_noprof+0x2b/0xe1
[  421.720031][  T464]  __pmd_alloc+0xbb/0x148
[  421.720045][  T464]  pmd_alloc+0x72/0x7f
[  421.720064][  T464]  copy_p4d_range+0x199/0x28c
[  421.720073][  T464]  ? __lock_release+0x4f/0x10d
[  421.720087][  T464]  ? p4d_offset+0xc5/0xc5
[  421.720109][  T464]  copy_page_range+0x45c/0x504
[  421.720128][  T464]  ? copy_p4d_range+0x28c/0x28c
[  421.720137][  T464]  ? preempt_latency_stop+0x50/0x53
[  421.720152][  T464]  ? __up_write+0x3f6/0x415
[  421.720172][  T464]  dup_mmap+0xa07/0xcae
[  421.720192][  T464]  ? mmap_read_lock_maybe_expand+0x9d/0x9d
[  421.720209][  T464]  ? preempt_count_sub+0x10/0x1c
[  421.720234][  T464]  ? preempt_latency_stop+0x50/0x53
[  421.720251][  T464]  dup_mm+0x13b/0x383
[  421.720268][  T464]  copy_process+0x1a5d/0x3d47
[  421.720297][  T464]  ? pidfd_prepare+0x76/0x76
[  421.720327][  T464]  kernel_clone+0x18e/0x56b
[  421.720341][  T464]  ? create_io_thread+0xd8/0xd8
[  421.720365][  T464]  ? validate_chain+0x40/0x2a9
[  421.720384][  T464]  __do_compat_sys_ia32_clone+0xd3/0xf8
[  421.720399][  T464]  ? __x64_compat_sys_ia32_mmap+0x37/0x37
[  421.720437][  T464]  ? __might_fault+0x11c/0x148
[  421.720452][  T464]  __ia32_compat_sys_ia32_clone+0xd3/0xde
[  421.720470][  T464]  ia32_sys_call+0x1ab1/0x269e
[  421.720483][  T464]  __do_fast_syscall_32+0xb5/0xda
[  421.720496][  T464]  do_fast_syscall_32+0x37/0x6d
[  421.720509][  T464]  do_SYSENTER_32+0x23/0x25
[  421.720520][  T464]  entry_SYSENTER_compat_after_hwframe+0x58/0x5f
[  421.720529][  T464] RIP: 0023:0xf7fb5579
[  421.720540][  T464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  421.720549][  T464] RSP: 002b:00000000ffa76d30 EFLAGS: 00000282 ORIG_RAX: 0000000000000078
[  421.720560][  T464] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[  421.720567][  T464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7fae2a8
[  421.720574][  T464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.720579][  T464] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  421.720585][  T464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.720613][  T464]  </TASK>
[  421.999417][  T464] Mem-Info:
[  422.020799][  T464] active_anon:76021 inactive_anon:3069011 isolated_anon:0
[  422.020799][  T464]  active_file:0 inactive_file:0 isolated_file:0
[  422.020799][  T464]  unevictable:90809 dirty:0 writeback:0
[  422.020799][  T464]  slab_reclaimable:50729 slab_unreclaimable:99515
[  422.020799][  T464]  mapped:11568 shmem:3108857 pagetables:874
[  422.020799][  T464]  sec_pagetables:0 bounce:0
[  422.020799][  T464]  kernel_misc_reclaimable:0
[  422.020799][  T464]  free:30837 free_pcp:3770 free_cma:0
[  422.056111][  T464] Node 0 active_anon:304084kB inactive_anon:12276044kB active_file:0kB inactive_file:0kB unevictable:363236kB isolated(anon):0kB isolated(file):0kB mapped:46272kB dirty:0kB writeback:0kB shmem:12435428kB writeback_tmp:0kB kernel_stack:4800kB pagetables:3496kB sec_pagetables:0kB all_unreclaimable? yes Balloon:0kB
[  422.075920][  T464] Node 0 DMA free:15360kB boost:0kB min:16kB low:28kB high:40kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  422.096281][  T464] lowmem_reserve[]: 0 2831 13776 13776 13776
[  422.103436][  T464] Node 0 DMA32 free:44776kB boost:0kB min:2988kB low:5784kB high:8580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56688kB inactive_anon:2781944kB active_file:0kB inactive_file:0kB unevictable:328kB writepending:0kB present:3129216kB managed:2899740kB mlocked:328kB bounce:0kB free_pcp:13272kB local_pcp:10204kB free_cma:0kB
[  422.129935][  T464] lowmem_reserve[]: 0 0 10945 10945 10945
[  422.137659][  T464] Node 0 Normal free:63212kB boost:51564kB min:63532kB low:74736kB high:85940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:247396kB inactive_anon:9494100kB active_file:0kB inactive_file:0kB unevictable:362908kB writepending:0kB present:13631488kB managed:11207880kB mlocked:2196kB bounce:0kB free_pcp:1808kB local_pcp:1188kB free_cma:0kB
[  422.165589][  T464] lowmem_reserve[]: 0 0 0 0 0
[  422.173663][  T464] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15360kB
[  422.184662][  T464] Node 0 DMA32: 2*4kB (UM) 2*8kB (U) 1*16kB (U) 2*32kB (UE) 4*64kB (UME) 3*128kB (UE) 2*256kB (UM) 1*512kB (E) 2*1024kB (UM) 2*2048kB (UM) 9*4096kB (M) = 44776kB
[  422.209110][  T464] Node 0 Normal: 1*4kB (M) 1*8kB (U) 2*16kB (UM) 0*32kB 327*64kB (UM) 226*128kB (UM) 36*256kB (UM) 2*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 63212kB
[  422.240115][  T464] 3197807 total pagecache pages
[  422.254115][  T464] 0 pages in swap cache
[  422.269109][  T464] Free swap  = 0kB
[  422.285107][  T464] Total swap = 0kB
[  422.300451][  T464] 4194174 pages RAM
[  422.319431][  T464] 0 pages HighMem/MovableOnly
[  422.334296][  T464] 663429 pages reserved
[  422.350111][  T464] 0 pages cma reserved
[  422.368307][  T464] 0 pages hwpoisoned
[  422.383136][  T464] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001b: 0000 [#1] SMP KASAN
[  422.389566][  T464] KASAN: null-ptr-deref in range [0x00000000000000d8-0x00000000000000df]
[  422.395815][  T464] CPU: 1 UID: 0 PID: 464 Comm: run Not tainted 6.15.0-rc6-00281-g780138b12381 #1 PREEMPT(full)  073bc317d8128d8c347152ffd5b02618a013b6bc
[  422.402827][  T464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  422.409018][  T464] RIP: 0010:__down_read_trylock+0x9f/0x296
[  422.414237][  T464] Code: 10 07 39 8a e8 87 df 46 00 83 3d f6 ab f4 08 00 0f 85 38 01 00 00 4c 8d 73 68 b8 ff ff 37 00 4c 89 f2 48 c1 e0 2a 48 c1 ea 03 <80> 3c 02 00 74 08 4c 89 f7 e8 72 df 46 00 48 39 5b 68 0f 84 0c 01
[  422.426591][  T464] RSP: 0018:ffffc900046cf0a8 EFLAGS: 00010206
[  422.432304][  T464] RAX: dffffc0000000000 RBX: 0000000000000070 RCX: 1ffffffff14720e2
[  422.438489][  T464] RDX: 000000000000001b RSI: 000000000000000a RDI: 0000000000000070
[  422.448792][  T464] RBP: ffffc900046cf120 R08: 0000000000000008 R09: 0000000000000000
[  422.454953][  T464] R10: fffffbfff1471e8b R11: ffffffff815ab3fc R12: ffffc900046cf0f8
[  422.461083][  T464] R13: 1ffff920008d9e17 R14: 00000000000000d8 R15: 0000000000000000
[  422.467325][  T464] FS:  0000000000000000(0000) GS:ffff8884242eb000(0063) knlGS:00000000f7fae240
[  422.473750][  T464] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  422.479566][  T464] CR2: 00000000f7fc4574 CR3: 000000014cf1b000 CR4: 00000000000406f0
[  422.485894][  T464] Call Trace:
[  422.491525][  T464]  <TASK>
[  422.496855][  T464]  ? preempt_latency_stop+0x50/0x53
[  422.505046][  T464]  ? rwsem_spin_on_owner+0x1d1/0x1d1
[  422.510801][  T464]  ? __wake_up_klogd+0x59/0x6c
[  422.516272][  T464]  ? wake_up_klogd+0x12/0x14
[  422.521817][  T464]  down_read_trylock+0x12/0x45
[  422.527154][  T464]  codetag_trylock_module_list+0x11/0x18
[  422.532601][  T464]  alloc_tag_top_users+0x8c/0x211
[  422.537895][  T464]  ? vprintk+0xd/0xf
[  422.542734][  T464]  ? _printk+0x95/0xaf
[  422.547382][  T464]  ? reserve_module_tags+0x32a/0x32a
[  422.552072][  T464]  __show_mem+0x1af/0x544
[  422.556529][  T464]  ? preempt_count_sub+0x10/0x1c
[  422.561143][  T464]  ? preempt_count_sub+0x10/0x1c
[  422.565745][  T464]  ? mark_lock+0x72/0x179
[  422.570155][  T464]  ? si_meminfo_node+0x187/0x187
[  422.574638][  T464]  ? mark_held_locks+0x4f/0x63
[  422.578901][  T464]  ? trace_hardirqs_on+0x4e/0x50
[  422.583004][  T464]  ? irqentry_exit+0x6b/0x79
[  422.587046][  T464]  ? sysvec_apic_timer_interrupt+0x7a/0x7f
[  422.591381][  T464]  ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[  422.595734][  T464]  ? trace_irq_enable+0xad/0xe7
[  422.599476][  T464]  ? dump_stack_lvl+0x96/0xd1
[  422.602966][  T464]  dump_header+0x19c/0x364
[  422.606238][  T464]  ? dump_header+0x19c/0x364
[  422.609775][  T464]  oom_kill_process+0x9c/0x256
[  422.613161][  T464]  out_of_memory+0x585/0x5cd
[  422.616633][  T464]  ? oom_killer_disable+0x1d4/0x1d4
[  422.620325][  T464]  __alloc_pages_slowpath+0xd0c/0xfad
[  422.623957][  T464]  ? warn_alloc+0x24d/0x24d
[  422.627581][  T464]  __alloc_frozen_pages_noprof+0x22a/0x2b0
[  422.630990][  T464]  ? __alloc_pages_slowpath+0xfad/0xfad
[  422.634869][  T464]  ? look_up_lock_class+0xb3/0x10d
[  422.638425][  T464]  ? validate_chain+0x40/0x2a9
[  422.641898][  T464]  alloc_pages_mpol+0xf3/0x246
[  422.644831][  T464]  ? policy_nodemask+0x2bb/0x2bb
[  422.648013][  T464]  ? preempt_count_sub+0x10/0x1c
[  422.651906][  T464]  alloc_frozen_pages_noprof+0x54/0x58
[  422.655256][  T464]  alloc_pages_noprof+0xe/0x25
[  422.660066][  T464]  pmd_alloc_one_noprof+0x2b/0xe1
[  422.663449][  T464]  __pmd_alloc+0xbb/0x148
[  422.665896][  T464]  pmd_alloc+0x72/0x7f
[  422.668415][  T464]  copy_p4d_range+0x199/0x28c
[  422.670979][  T464]  ? __lock_release+0x4f/0x10d
[  422.673552][  T464]  ? p4d_offset+0xc5/0xc5
[  422.676110][  T464]  copy_page_range+0x45c/0x504
[  422.678693][  T464]  ? copy_p4d_range+0x28c/0x28c
[  422.680871][  T464]  ? preempt_latency_stop+0x50/0x53
[  422.683176][  T464]  ? __up_write+0x3f6/0x415
[  422.685384][  T464]  dup_mmap+0xa07/0xcae
[  422.687632][  T464]  ? mmap_read_lock_maybe_expand+0x9d/0x9d
[  422.690199][  T464]  ? preempt_count_sub+0x10/0x1c
[  422.692456][  T464]  ? preempt_latency_stop+0x50/0x53
[  422.697259][  T464]  dup_mm+0x13b/0x383
[  422.700011][  T464]  copy_process+0x1a5d/0x3d47
[  422.702466][  T464]  ? pidfd_prepare+0x76/0x76
[  422.705025][  T464]  kernel_clone+0x18e/0x56b
[  422.707377][  T464]  ? create_io_thread+0xd8/0xd8
[  422.709734][  T464]  ? validate_chain+0x40/0x2a9
[  422.712105][  T464]  __do_compat_sys_ia32_clone+0xd3/0xf8
[  422.714980][  T464]  ? __x64_compat_sys_ia32_mmap+0x37/0x37
[  422.717597][  T464]  ? __might_fault+0x11c/0x148
[  422.720096][  T464]  __ia32_compat_sys_ia32_clone+0xd3/0xde
[  422.722769][  T464]  ia32_sys_call+0x1ab1/0x269e
[  422.726198][  T464]  __do_fast_syscall_32+0xb5/0xda
[  422.738822][  T464]  do_fast_syscall_32+0x37/0x6d
[  422.741915][  T464]  do_SYSENTER_32+0x23/0x25
[  422.744659][  T464]  entry_SYSENTER_compat_after_hwframe+0x58/0x5f
[  422.758647][  T464] RIP: 0023:0xf7fb5579
[  422.761024][  T464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.776069][  T464] RSP: 002b:00000000ffa76d30 EFLAGS: 00000282 ORIG_RAX: 0000000000000078
[  422.790522][  T464] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[  422.794043][  T464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7fae2a8
[  422.798714][  T464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.802140][  T464] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  422.805348][  T464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.818930][  T464]  </TASK>
[  422.821404][  T464] Modules linked in:
[  422.832840][  T464] ---[ end trace 0000000000000000 ]---
[  422.993084][  T464] RIP: 0010:__down_read_trylock+0x9f/0x296
[  422.998254][  T464] Code: 10 07 39 8a e8 87 df 46 00 83 3d f6 ab f4 08 00 0f 85 38 01 00 00 4c 8d 73 68 b8 ff ff 37 00 4c 89 f2 48 c1 e0 2a 48 c1 ea 03 <80> 3c 02 00 74 08 4c 89 f7 e8 72 df 46 00 48 39 5b 68 0f 84 0c 01
[  423.013857][  T464] RSP: 0018:ffffc900046cf0a8 EFLAGS: 00010206
[  423.020790][  T464] RAX: dffffc0000000000 RBX: 0000000000000070 RCX: 1ffffffff14720e2
[  423.028498][  T464] RDX: 000000000000001b RSI: 000000000000000a RDI: 0000000000000070
[  423.036152][  T464] RBP: ffffc900046cf120 R08: 0000000000000008 R09: 0000000000000000
[  423.046415][  T464] R10: fffffbfff1471e8b R11: ffffffff815ab3fc R12: ffffc900046cf0f8
[  423.054932][  T464] R13: 1ffff920008d9e17 R14: 00000000000000d8 R15: 0000000000000000
[  423.063816][  T464] FS:  0000000000000000(0000) GS:ffff8884242eb000(0063) knlGS:00000000f7fae240
[  423.076027][  T464] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  423.087121][  T464] CR2: 00000000f7fc4574 CR3: 000000014cf1b000 CR4: 00000000000406f0
[  423.096316][  T464] Kernel panic - not syncing: Fatal exception
[  423.102733][  T464] Kernel Offset: disabled


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250613/202506131711.5b41931c-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ