[linux-next:master] [mm/mremap] c1cda7af3f: Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]PREEMPT_SMP_KASAN

Hello,

kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]PREEMPT_SMP_KASAN" on:

commit: c1cda7af3fc96879b4b2d217b1e8a4ab5fa70df5 ("mm/mremap: introduce and use vma_remap_struct threaded state")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master 0a2f889128969dab41861b6e40111aa03dc57014]

in testcase: trinity
version: trinity-x86_64-ba2360ed-1_20241228
with the following parameters:

	runtime: 300s
	group: group-01
	nr_groups: 5



config: x86_64-randconfig-161-20250305
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202503101328.442cc724-lkp@xxxxxxxxx


[  386.012648][T30778] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN
[  386.013652][T30778] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
[  386.014339][T30778] CPU: 0 UID: 65534 PID: 30778 Comm: trinity-c2 Not tainted 6.14.0-rc3-00386-gc1cda7af3fc9 #1 678ccffbca77f1cea62114cb252a9002fbee4b41
[  386.015339][T30778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[386.016126][T30778] RIP: 0010:resize_is_valid (kbuild/src/consumer/mm/mremap.c:1010 (discriminator 1)) 
[ 386.016591][T30778] Code: 00 74 05 e8 7d 4a 07 00 4d 85 ff 4c 8b 73 10 0f 85 f2 00 00 00 49 8d 7c 24 20 b8 ff ff 37 00 48 c1 e0 2a 48 89 fa 48 c1 ea 03 <80> 3c 02 00 74 05 e8 50 4a 07 00 41 f6 44 24 20 88 75 6a 80 3d b4
All code
========
   0:	00 74 05 e8          	add    %dh,-0x18(%rbp,%rax,1)
   4:	7d 4a                	jge    0x50
   6:	07                   	(bad)
   7:	00 4d 85             	add    %cl,-0x7b(%rbp)
   a:	ff 4c 8b 73          	decl   0x73(%rbx,%rcx,4)
   e:	10 0f                	adc    %cl,(%rdi)
  10:	85 f2                	test   %esi,%edx
  12:	00 00                	add    %al,(%rax)
  14:	00 49 8d             	add    %cl,-0x73(%rcx)
  17:	7c 24                	jl     0x3d
  19:	20 b8 ff ff 37 00    	and    %bh,0x37ffff(%rax)
  1f:	48 c1 e0 2a          	shl    $0x2a,%rax
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
  2a:*	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)		<-- trapping instruction
  2e:	74 05                	je     0x35
  30:	e8 50 4a 07 00       	call   0x74a85
  35:	41 f6 44 24 20 88    	testb  $0x88,0x20(%r12)
  3b:	75 6a                	jne    0xa7
  3d:	80                   	.byte 0x80
  3e:	3d                   	.byte 0x3d
  3f:	b4                   	.byte 0xb4

Code starting with the faulting instruction
===========================================
   0:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   4:	74 05                	je     0xb
   6:	e8 50 4a 07 00       	call   0x74a5b
   b:	41 f6 44 24 20 88    	testb  $0x88,0x20(%r12)
  11:	75 6a                	jne    0x7d
  13:	80                   	.byte 0x80
  14:	3d                   	.byte 0x3d
  15:	b4                   	.byte 0xb4
[  386.018009][T30778] RSP: 0018:ffffc900088f7a78 EFLAGS: 00010202
[  386.018494][T30778] RAX: dffffc0000000000 RBX: ffffc900088f7c08 RCX: 1ffff9200111ef89
[  386.019127][T30778] RDX: 0000000000000004 RSI: ffffffff848b6760 RDI: 0000000000000020
[  386.019764][T30778] RBP: ffffc900088f7aa8 R08: fffffbfff105c033 R09: 0000000000000000
[  386.020395][T30778] R10: ffffffff8146f920 R11: fffffbfff105c032 R12: 0000000000000000
[  386.021032][T30778] R13: 0000000000400000 R14: 0000000000001000 R15: 0000000000000000
[  386.021676][T30778] FS:  00007f012ebf1740(0000) GS:ffff8883aec00000(0000) knlGS:0000000000000000
[  386.022767][T30778] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  386.023585][T30778] CR2: 00007f012e8a2efc CR3: 0000000102319000 CR4: 00000000000406b0
[  386.024598][T30778] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  386.025614][T30778] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  386.026665][T30778] Call Trace:
[  386.027160][T30778]  <TASK>
[386.027624][T30778] ? show_regs (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:479) 
[386.028222][T30778] ? __die_body (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421) 
[386.028816][T30778] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:455) 
[386.029399][T30778] ? exc_general_protection (kbuild/src/consumer/arch/x86/kernel/traps.c:751 kbuild/src/consumer/arch/x86/kernel/traps.c:693) 


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250310/202503101328.442cc724-lkp@xxxxxxxxx



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki




