lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202511041306.c42f7162-lkp@intel.com>
Date: Tue, 4 Nov 2025 14:04:24 +0800
From: kernel test robot <oliver.sang@...el.com>
To: "Paul E. McKenney" <paulmck@...nel.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	<oliver.sang@...el.com>
Subject: [paulmckrcu:dev.2025.10.30a] [rcutorture]  ab3482dc2a:
 Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]KASAN


hi, Paul,

we noticed there are fixup! commit for this change in newer branches
"dev.2025.10.31a" and "dev.2025.11.01a".

if issue in below report is already captured and fixed, please just ignore this
report. thanks!


Hello,

kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]KASAN" on:

commit: ab3482dc2af45fa97143131e0e03e73e18e8fffa ("rcutorture: Make srcu{,d}_torture_init() announce the SRCU type")
https://github.com/paulmckrcu/linux dev.2025.10.30a

in testcase: rcutorture
version: 
with following parameters:

	runtime: 300s
	test: default
	torture_type: srcud



config: x86_64-randconfig-101-20251101
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202511041306.c42f7162-lkp@intel.com


[   85.244843][  T376] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] KASAN
[   85.245696][  T376] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   85.246346][  T376] CPU: 0 UID: 0 PID: 376 Comm: rcu_torture_fak Tainted: G                T   6.17.0-rc1-00079-gab3482dc2af4 #1 PREEMPT(voluntary)  5c143d583914383a8f9ea9c18b817a947366c659
[   85.247433][  T376] Tainted: [T]=RANDSTRUCT
[   85.247685][  T376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.248336][  T376] RIP: 0010:call_srcu (kbuild/src/consumer/kernel/rcu/srcutiny.c:211 (discriminator 1792))
[   85.248645][  T376] Code: 43 e8 c1 4d 13 00 4d 8d 7c 24 70 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 87 54 2d 00 4d 8b 27 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 e7 e8 0f 55 2d 00 4d 89 34 24 4d 89 37 e8
All code
========
   0:	43 e8 c1 4d 13 00    	rex.XB call 0x134dc7
   6:	4d 8d 7c 24 70       	lea    0x70(%r12),%r15
   b:	4c 89 f8             	mov    %r15,%rax
   e:	48 c1 e8 03          	shr    $0x3,%rax
  12:	80 3c 18 00          	cmpb   $0x0,(%rax,%rbx,1)
  16:	74 08                	je     0x20
  18:	4c 89 ff             	mov    %r15,%rdi
  1b:	e8 87 54 2d 00       	call   0x2d54a7
  20:	4d 8b 27             	mov    (%r15),%r12
  23:	4c 89 e0             	mov    %r12,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
  2a:*	80 3c 18 00          	cmpb   $0x0,(%rax,%rbx,1)		<-- trapping instruction
  2e:	74 08                	je     0x38
  30:	4c 89 e7             	mov    %r12,%rdi
  33:	e8 0f 55 2d 00       	call   0x2d5547
  38:	4d 89 34 24          	mov    %r14,(%r12)
  3c:	4d 89 37             	mov    %r14,(%r15)
  3f:	e8                   	.byte 0xe8

Code starting with the faulting instruction
===========================================
   0:	80 3c 18 00          	cmpb   $0x0,(%rax,%rbx,1)
   4:	74 08                	je     0xe
   6:	4c 89 e7             	mov    %r12,%rdi
   9:	e8 0f 55 2d 00       	call   0x2d551d
   e:	4d 89 34 24          	mov    %r14,(%r12)
  12:	4d 89 37             	mov    %r14,(%r15)
  15:	e8                   	.byte 0xe8
[   85.249962][  T376] RSP: 0000:ffff88813023fd28 EFLAGS: 00010046
[   85.250399][  T376] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: dffffc0000000000
[   85.250914][  T376] RDX: ffffffff852cf470 RSI: ffffffff852d613b RDI: ffffffff852d5d8f
[   85.251426][  T376] RBP: ffff88813023fd68 R08: 0000000000000002 R09: 0000000000000000
[   85.251888][  T376] R10: 00000000a56728a8 R11: 000000005e2747a1 R12: 0000000000000000
[   85.252406][  T376] R13: 0000000000000246 R14: ffff88813023fd78 R15: ffffffffc0183310
[   85.252874][  T376] FS:  0000000000000000(0000) GS:0000000000000000(0000) knlGS:0000000000000000
[   85.253484][  T376] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.253976][  T376] CR2: 0000562ce1691468 CR3: 000000014ad8a000 CR4: 00000000000406b0
[   85.254529][  T376] Call Trace:
[   85.254754][  T376]  <TASK>
[   85.254937][  T376]  synchronize_srcu (kbuild/src/consumer/kernel/rcu/srcutiny.c:241)
[   85.255283][  T376]  ? rcu_read_lock_any_held (kbuild/src/consumer/kernel/rcu/update.c:403)
[   85.255601][  T376] srcu_torture_synchronize_expedited (kbuild/src/consumer/kernel/rcu/rcutorture.c:889) rcutorture
[   85.256310][  T376] rcu_torture_fakewriter (kbuild/src/consumer/kernel/rcu/rcutorture.c:1903) rcutorture


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20251104/202511041306.c42f7162-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ