[tip:locking/urgent] [jump_label] de752774f3: kernel_BUG_at_arch/x86/kernel/jump_label.c

From: kernel test robot
Date: Sun Sep 08 2024 - 09:07:19 EST




Hello,

kernel test robot noticed "kernel_BUG_at_arch/x86/kernel/jump_label.c" on:

commit: de752774f38bb766941ed1bf910ba5a9f6cc6bf7 ("jump_label: Fix static_key_slow_dec() yet again")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git locking/urgent

in testcase: boot

compiler: clang-18
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+--------------------------------------------+------------+------------+
|                                            | fe513c2ef0 | de752774f3 |
+--------------------------------------------+------------+------------+
| boot_successes                             | 12         | 0          |
| boot_failures                              | 0          | 12         |
| kernel_BUG_at_arch/x86/kernel/jump_label.c | 0          | 12         |
| Oops:invalid_opcode:#[##]SMP_PTI           | 0          | 12         |
| RIP:__jump_label_patch                     | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception   | 0          | 12         |
+--------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202409082005.393050e2-oliver.sang@xxxxxxxxx


[ 30.932699][ T61] ------------[ cut here ]------------
[ 30.933988][ T61] kernel BUG at arch/x86/kernel/jump_label.c:73!
[ 30.935400][ T61] Oops: invalid opcode: 0000 [#1] SMP PTI
[ 30.936825][ T61] CPU: 0 UID: 0 PID: 61 Comm: kworker/0:2 Not tainted 6.11.0-rc3-00004-gde752774f38b #9
[ 30.938908][ T61] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 30.941185][ T61] Workqueue: cgroup_destroy css_free_rwork_fn
[ 30.942549][ T61] RIP: 0010:__jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.943854][ T61] Code: cc cc cc cc cc e8 de 44 f5 00 48 c7 c7 a5 22 44 89 4c 89 f6 4c 89 f2 4c 89 f1 4d 89 e0 41 89 e9 53 e8 72 7f f4 00 48 83 c4 08 <0f> 0b 0f 0b 0f 0b 0f 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90
All code
========
0: cc int3
1: cc int3
2: cc int3
3: cc int3
4: cc int3
5: e8 de 44 f5 00 callq 0xf544e8
a: 48 c7 c7 a5 22 44 89 mov $0xffffffff894422a5,%rdi
11: 4c 89 f6 mov %r14,%rsi
14: 4c 89 f2 mov %r14,%rdx
17: 4c 89 f1 mov %r14,%rcx
1a: 4d 89 e0 mov %r12,%r8
1d: 41 89 e9 mov %ebp,%r9d
20: 53 push %rbx
21: e8 72 7f f4 00 callq 0xf47f98
26: 48 83 c4 08 add $0x8,%rsp
2a:* 0f 0b ud2 <-- trapping instruction
2c: 0f 0b ud2
2e: 0f 0b ud2
30: 0f 0b ud2
32: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
38: 90 nop
39: 90 nop
3a: 90 nop
3b: 90 nop
3c: 90 nop
3d: 90 nop
3e: 90 nop
3f: 90 nop

Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 0f 0b ud2
4: 0f 0b ud2
6: 0f 0b ud2
8: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
e: 90 nop
f: 90 nop
10: 90 nop
11: 90 nop
12: 90 nop
13: 90 nop
14: 90 nop
15: 90 nop
[ 30.948232][ T61] RSP: 0018:ffff9ca6001f7cf8 EFLAGS: 00010282
[ 30.949577][ T61] RAX: 0000000000000090 RBX: 0000000000000001 RCX: 373e749642a76800
[ 30.951426][ T61] RDX: ffff8f8d6fc2e100 RSI: ffff8f8d6fc20b88 RDI: ffff8f8d6fc20b88
[ 30.953270][ T61] RBP: 0000000000000002 R08: 0000000000007fff R09: ffffffff89653620
[ 30.955116][ T61] R10: 0000000000017ffd R11: 0000000000000004 R12: ffffffff88e02ee1
[ 30.956953][ T61] R13: ffffffff88e02ee1 R14: ffffffff87ff0855 R15: ffffffff8a4bd53a
[ 30.958780][ T61] FS: 0000000000000000(0000) GS:ffff8f8d6fc00000(0000) knlGS:0000000000000000
[ 30.961357][ T61] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.962842][ T61] CR2: 00007f73b3af0660 CR3: 000000010098c000 CR4: 00000000000406f0
[ 30.964667][ T61] Call Trace:
[ 30.965625][ T61] <TASK>
[ 30.966403][ T61] ? __die_body (arch/x86/kernel/dumpstack.c:421)
[ 30.967440][ T61] ? die (arch/x86/kernel/dumpstack.c:? arch/x86/kernel/dumpstack.c:447)
[ 30.968374][ T61] ? do_trap (arch/x86/kernel/traps.c:129 arch/x86/kernel/traps.c:155)
[ 30.969404][ T61] ? __jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.970605][ T61] ? __jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.971801][ T61] ? handle_invalid_op (arch/x86/kernel/traps.c:175 arch/x86/kernel/traps.c:212)
[ 30.972977][ T61] ? __jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.974314][ T61] ? exc_invalid_op (arch/x86/kernel/traps.c:267)
[ 30.982068][ T61] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 30.983273][ T61] ? mem_cgroup_sk_alloc (arch/x86/include/asm/jump_label.h:27 mm/memcontrol.c:4783)
[ 30.984463][ T61] ? __jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.985683][ T61] ? mem_cgroup_sk_alloc (arch/x86/include/asm/jump_label.h:27 mm/memcontrol.c:4783)
[ 30.986825][ T61] ? mem_cgroup_sk_alloc (mm/memcontrol.c:4787)
[ 30.988009][ T61] ? mem_cgroup_sk_alloc (mm/memcontrol.c:4800)
[ 30.989188][ T61] arch_jump_label_transform_queue (include/linux/jump_label.h:125 arch/x86/kernel/jump_label.c:138)
[ 30.990552][ T61] __jump_label_update (kernel/jump_label.c:518)
[ 30.991727][ T61] __static_key_slow_dec_cpuslocked (include/linux/mutex.h:196 kernel/jump_label.c:321)
[ 30.991734][ T61] static_key_slow_dec (kernel/jump_label.c:327 kernel/jump_label.c:341)
[ 30.991737][ T61] mem_cgroup_css_free (arch/x86/include/asm/jump_label.h:27 mm/memcontrol.c:3739)
[ 30.991743][ T61] css_free_rwork_fn (kernel/cgroup/cgroup.c:5378)
[ 30.991747][ T61] process_scheduled_works (kernel/workqueue.c:3236 kernel/workqueue.c:3312)
[ 30.991752][ T61] worker_thread (include/linux/list.h:373 kernel/workqueue.c:948 kernel/workqueue.c:3391)
[ 30.991757][ T61] ? __pfx_worker_thread (kernel/workqueue.c:3339)
[ 30.991760][ T61] kthread (kernel/kthread.c:391)
[ 30.991766][ T61] ? __pfx_kthread (kernel/kthread.c:342)
[ 30.991770][ T61] ret_from_fork (arch/x86/kernel/process.c:153)
[ 30.991774][ T61] ? __pfx_kthread (kernel/kthread.c:342)
[ 30.991777][ T61] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)
[ 30.991782][ T61] </TASK>
[ 30.991783][ T61] Modules linked in: drm fuse loop dm_mod ip_tables
[ 30.991815][ T61] ---[ end trace 0000000000000000 ]---
[ 30.991818][ T61] RIP: 0010:__jump_label_patch (arch/x86/kernel/jump_label.c:73)
[ 30.991823][ T61] Code: cc cc cc cc cc e8 de 44 f5 00 48 c7 c7 a5 22 44 89 4c 89 f6 4c 89 f2 4c 89 f1 4d 89 e0 41 89 e9 53 e8 72 7f f4 00 48 83 c4 08 <0f> 0b 0f 0b 0f 0b 0f 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240908/202409082005.393050e2-oliver.sang@xxxxxxxxx



--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki