Hello,
kernel test robot noticed "kernel_BUG_at_include/linux/page-flags.h" on:
commit: 0e654ac65afb5559d9d61edc47082af601a81878 ("mm: add PageAnonNotKsm()")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master
[test failed on linux-next/master 58ca61c1a866bfdaa5e19fb19a2416764f847d75]
in testcase: boot
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202410071738.73daae42-lkp@xxxxxxxxx
[ 21.471410][ T1] ------------[ cut here ]------------
[ 21.471807][ T1] kernel BUG at include/linux/page-flags.h:1139!
[ 21.472273][ T1] Oops: invalid opcode: 0000 [#1] KASAN
[ 21.472695][ T1] CPU: 0 UID: 0 PID: 1 Comm: swapper Not tainted 6.12.0-rc1-00086-g0e654ac65afb #1
[ 21.473367][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 21.474104][ T1] RIP: 0010:folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.474549][ T1] Code: 08 00 00 4c 8b 63 48 41 f6 c4 01 0f 84 87 f9 ff ff 49 83 ec 01 e9 81 f9 ff ff 48 c7 c6 e0 2c 0f 89 48 89 df e8 37 71 f9 ff 90 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 80 3c 02
All code
========
0: 08 00 or %al,(%rax)
2: 00 4c 8b 63 add %cl,0x63(%rbx,%rcx,4)
6: 48 rex.W
7: 41 f6 c4 01 test $0x1,%r12b
b: 0f 84 87 f9 ff ff je 0xfffffffffffff998
11: 49 83 ec 01 sub $0x1,%r12
15: e9 81 f9 ff ff jmp 0xfffffffffffff99b
1a: 48 c7 c6 e0 2c 0f 89 mov $0xffffffff890f2ce0,%rsi
21: 48 89 df mov %rbx,%rdi
24: e8 37 71 f9 ff call 0xfffffffffff97160
29: 90 nop
2a:* 0f 0b ud2 <-- trapping instruction
2c: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
33: fc ff df
36: 48 89 da mov %rbx,%rdx
39: 48 c1 ea 03 shr $0x3,%rdx
3d: 80 .byte 0x80
3e: 3c 02 cmp $0x2,%al
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
9: fc ff df
c: 48 89 da mov %rbx,%rdx
f: 48 c1 ea 03 shr $0x3,%rdx
13: 80 .byte 0x80
14: 3c 02 cmp $0x2,%al
[ 21.475889][ T1] RSP: 0000:ffff888103277930 EFLAGS: 00010246
[ 21.476304][ T1] RAX: 0000000000000000 RBX: ffffea000928ffc0 RCX: 0000000000000000
[ 21.476840][ T1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 21.477379][ T1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 21.477894][ T1] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea000928ffc0
[ 21.478424][ T1] R13: ffffea000928ffc0 R14: 0000000000000001 R15: ffffea000928fff0
[ 21.478968][ T1] FS: 0000000000000000(0000) GS:ffffffff89ca3000(0000) knlGS:0000000000000000
[ 21.479551][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.479997][ T1] CR2: ffff88843ffff000 CR3: 000000024a47d000 CR4: 00000000000406f0
[ 21.480530][ T1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.481084][ T1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.481626][ T1] Call Trace:
[ 21.481864][ T1] <TASK>
[ 21.482069][ T1] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)
[ 21.482358][ T1] ? do_trap (arch/x86/kernel/traps.c:156 arch/x86/kernel/traps.c:197)
[ 21.482675][ T1] ? folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.483116][ T1] ? do_error_trap (arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:218)
[ 21.483472][ T1] ? folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.483908][ T1] ? handle_invalid_op (arch/x86/kernel/traps.c:256)
[ 21.484289][ T1] ? folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.484736][ T1] ? exc_invalid_op (arch/x86/kernel/traps.c:315)
[ 21.485107][ T1] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 21.485513][ T1] ? folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.485958][ T1] do_anonymous_page (mm/memory.c:4842)
[ 21.486342][ T1] handle_pte_fault (mm/memory.c:5778)
[ 21.486697][ T1] ? do_pte_missing (mm/memory.c:5735)
[ 21.487066][ T1] ? _raw_spin_unlock (arch/x86/include/asm/preempt.h:84 include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186)
[ 21.487422][ T1] ? __pmd_alloc (mm/memory.c:6355)
[ 21.487728][ T1] __handle_mm_fault (mm/memory.c:5921)
[ 21.488063][ T1] ? mt_find (lib/maple_tree.c:6946)
[ 21.488358][ T1] ? handle_pte_fault (mm/memory.c:5830)
[ 21.488706][ T1] handle_mm_fault (mm/memory.c:6089)
[ 21.489028][ T1] faultin_page (mm/gup.c:1189 (discriminator 2))
[ 21.489334][ T1] __get_user_pages (mm/gup.c:1487)
[ 21.489666][ T1] ? follow_pmd_mask+0x360/0x360
[ 21.490114][ T1] ? lock_acquire (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5827 kernel/locking/lockdep.c:5790)
[ 21.490430][ T1] ? get_arg_page (arch/x86/include/asm/atomic.h:23 include/linux/atomic/atomic-arch-fallback.h:457 include/linux/jump_label.h:261 include/linux/jump_label.h:273 include/linux/mmap_lock.h:35 include/linux/mmap_lock.h:145 fs/exec.c:219)
[ 21.490738][ T1] get_user_pages_remote (mm/gup.c:1753 mm/gup.c:2618)
[ 21.491101][ T1] ? __get_user_pages (mm/gup.c:2611)
[ 21.491435][ T1] get_arg_page (arch/x86/include/asm/atomic.h:23 include/linux/atomic/atomic-arch-fallback.h:457 include/linux/jump_label.h:261 include/linux/jump_label.h:273 include/linux/mmap_lock.h:41 include/linux/mmap_lock.h:170 fs/exec.c:228)
[ 21.491735][ T1] ? get_user_arg_ptr+0x70/0x70
[ 21.492098][ T1] ? __bprm_mm_init (fs/exec.c:295)
[ 21.492447][ T1] copy_string_kernel (fs/exec.c:685)
[ 21.492792][ T1] kernel_execve (fs/exec.c:2000)
[ 21.493115][ T1] ? rest_init (init/main.c:1461)
[ 21.493425][ T1] kernel_init (init/main.c:1496)
[ 21.493730][ T1] ? _raw_spin_unlock_irq (arch/x86/include/asm/irqflags.h:42 arch/x86/include/asm/irqflags.h:97 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:202)
[ 21.494087][ T1] ret_from_fork (arch/x86/kernel/process.c:153)
[ 21.494419][ T1] ? rest_init (init/main.c:1461)
[ 21.494732][ T1] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)
[ 21.495085][ T1] </TASK>
[ 21.495305][ T1] Modules linked in:
[ 21.495604][ T1] ---[ end trace 0000000000000000 ]---
[ 21.495969][ T1] RIP: 0010:folio_add_new_anon_rmap (include/linux/page-flags.h:1139 mm/rmap.c:1442)
[ 21.496431][ T1] Code: 08 00 00 4c 8b 63 48 41 f6 c4 01 0f 84 87 f9 ff ff 49 83 ec 01 e9 81 f9 ff ff 48 c7 c6 e0 2c 0f 89 48 89 df e8 37 71 f9 ff 90 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 80 3c 02
All code
========
0: 08 00 or %al,(%rax)
2: 00 4c 8b 63 add %cl,0x63(%rbx,%rcx,4)
6: 48 rex.W
7: 41 f6 c4 01 test $0x1,%r12b
b: 0f 84 87 f9 ff ff je 0xfffffffffffff998
11: 49 83 ec 01 sub $0x1,%r12
15: e9 81 f9 ff ff jmp 0xfffffffffffff99b
1a: 48 c7 c6 e0 2c 0f 89 mov $0xffffffff890f2ce0,%rsi
21: 48 89 df mov %rbx,%rdi
24: e8 37 71 f9 ff call 0xfffffffffff97160
29: 90 nop
2a:* 0f 0b ud2 <-- trapping instruction
2c: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
33: fc ff df
36: 48 89 da mov %rbx,%rdx
39: 48 c1 ea 03 shr $0x3,%rdx
3d: 80 .byte 0x80
3e: 3c 02 cmp $0x2,%al
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
9: fc ff df
c: 48 89 da mov %rbx,%rdx
f: 48 c1 ea 03 shr $0x3,%rdx
13: 80 .byte 0x80
14: 3c 02 cmp $0x2,%al
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20241007/202410071738.73daae42-lkp@xxxxxxxxx
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
