Re: [v2 PATCH] mm: vma: skip anonymous vma when inserting vma to file rmap tree

From: kernel test robot
Date: Tue Mar 25 2025 - 04:41:33 EST

Next message: Johan Hovold: "Re: [PATCH] soc: qcom: pmic_glink_altmode: fix spurious DP hotplug events"
Previous message: Ingo Molnar: "Re: [PATCH] x86/alternatives: remove false sharing in poke_int3_handler()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi, Yang Shi,

just in case below report could supply any further useful information to you.

Hello,

kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]PREEMPT_SMP_KASAN_PTI" on:

commit: 13671c9499a4883f6bece7229463ff89a48709f6 ("[v2 PATCH] mm: vma: skip anonymous vma when inserting vma to file rmap tree")
url: https://github.com/intel-lab-lkp/linux/commits/Yang-Shi/mm-vma-skip-anonymous-vma-when-inserting-vma-to-file-rmap-tree/20250313-061727
base: v6.14-rc6
patch link: https://lore.kernel.org/all/20250312221521.1255690-1-yang@xxxxxxxxxxxxxxxxxxxxxx/
patch subject: [v2 PATCH] mm: vma: skip anonymous vma when inserting vma to file rmap tree

in testcase: ltp
version: ltp-x86_64-042eff32a-1_20250322
with following parameters:

disk: 1HDD
test: mm-00

config: x86_64-rhel-9.4-ltp
compiler: gcc-12
test machine: 8 threads 1 sockets Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz (Kaby Lake) with 32G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202503251554.34a0b29b-lkp@xxxxxxxxx

[ 557.087938][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.087946][ T349]
[ 557.102809][ T3834] LTP: starting mmap10
[ 557.103401][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.106782][ T349]
[ 557.119531][T141949] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[ 557.121506][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.132309][T141949] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 557.132314][T141949] CPU: 1 UID: 0 PID: 141949 Comm: mmap10 Tainted: G I 6.14.0-rc6-00001-g13671c9499a4 #1
[ 557.132319][T141949] Tainted: [I]=FIRMWARE_WORKAROUND
[ 557.143013][ T349]
[ 557.151409][T141949] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[557.151411][T141949] RIP: 0010:__rb_insert_augmented (kbuild/src/consumer/lib/rbtree.c:115 kbuild/src/consumer/lib/rbtree.c:459)
[ 557.164270][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.167616][T141949] Code: 00 48 89 da 48 c1 ea 03 80 3c 02 00 0f 85 a0 05 00 00 48 8b 2b 40 f6 c5 01 0f 85 44 05 00 00 48 8d 55 08 48 89 d1 48 c1 e9 03 <80> 3c 01 00 0f 85 94 05 00 00 4c 8b 6d 08 49 39 dd 0f 84 7f 01 00
All code
========
0: 00 48 89 add %cl,-0x77(%rax)
3: da 48 c1 fimull -0x3f(%rax)
6: ea (bad)
7: 03 80 3c 02 00 0f add 0xf00023c(%rax),%eax
d: 85 a0 05 00 00 48 test %esp,0x48000005(%rax)
13: 8b 2b mov (%rbx),%ebp
15: 40 f6 c5 01 test $0x1,%bpl
19: 0f 85 44 05 00 00 jne 0x563
1f: 48 8d 55 08 lea 0x8(%rbp),%rdx
23: 48 89 d1 mov %rdx,%rcx
26: 48 c1 e9 03 shr $0x3,%rcx
2a:* 80 3c 01 00 cmpb $0x0,(%rcx,%rax,1) <-- trapping instruction
2e: 0f 85 94 05 00 00 jne 0x5c8
34: 4c 8b 6d 08 mov 0x8(%rbp),%r13
38: 49 39 dd cmp %rbx,%r13
3b: 0f .byte 0xf
3c: 84 7f 01 test %bh,0x1(%rdi)
...

Code starting with the faulting instruction
===========================================
0: 80 3c 01 00 cmpb $0x0,(%rcx,%rax,1)
4: 0f 85 94 05 00 00 jne 0x59e
a: 4c 8b 6d 08 mov 0x8(%rbp),%r13
e: 49 39 dd cmp %rbx,%r13
11: 0f .byte 0xf
12: 84 7f 01 test %bh,0x1(%rdi)
...
[ 557.167620][T141949] RSP: 0018:ffffc9002edff800 EFLAGS: 00010202
[ 557.169827][ T349]
[ 557.178054][T141949] RAX: dffffc0000000000 RBX: ffff88810b878308 RCX: 0000000000000001
[ 557.178057][T141949] RDX: 0000000000000008 RSI: ffff8881051ec2f0 RDI: ffff8887de397c58
[ 557.178059][T141949] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1020a3d868
[ 557.178061][T141949] R10: ffff8881051ec347 R11: ffff8887de397c20 R12: ffff8887de397c58
[ 557.185709][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[ 557.194702][T141949] R13: ffff8881051ec2a8 R14: ffffffff81c1fa50 R15: ffff8881051ec2f0
[ 557.194704][T141949] FS: 00007f318f741740(0000) GS:ffff888759880000(0000) knlGS:0000000000000000
[ 557.194707][T141949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 557.214407][ T349]
[ 557.220440][T141949] CR2: 00007f318f917710 CR3: 000000015f928002 CR4: 00000000003726f0
[ 557.220442][T141949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 557.220444][T141949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 557.220445][T141949] Call Trace:
[ 557.220447][T141949] <TASK>
[ 557.224320][ T349] mmapstress10 0 TINFO : Using /tmp/ltp-2cGaEA7GG8/LTP_mmaUxM2MU as tmpdir (tmpfs filesystem)
[557.230618][T141949] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421 kbuild/src/consumer/arch/x86/kernel/dumpstack.c:460)
[557.230624][T141949] ? exc_general_protection (kbuild/src/consumer/arch/x86/kernel/traps.c:751 kbuild/src/consumer/arch/x86/kernel/traps.c:693)
[ 557.238606][ T349]

The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250325/202503251554.34a0b29b-lkp@xxxxxxxxx

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Next message: Johan Hovold: "Re: [PATCH] soc: qcom: pmic_glink_altmode: fix spurious DP hotplug events"
Previous message: Ingo Molnar: "Re: [PATCH] x86/alternatives: remove false sharing in poke_int3_handler()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]