From: kernel test robot <oliver.sang@intel.com>
To: Jan Kara <jack@suse.cz>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>, <linux-mm@kvack.org>,
<ltp@lists.linux.it>, <linux-fsdevel@vger.kernel.org>,
Christian Brauner <brauner@kernel.org>,
Al Viro <viro@zeniv.linux.org.uk>, <linux-ext4@vger.kernel.org>,
Ted Tso <tytso@mit.edu>,
"Tigran A. Aivazian" <aivazian.tigran@gmail.com>,
David Sterba <dsterba@suse.com>,
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>,
Muchun Song <muchun.song@linux.dev>,
"Oscar Salvador" <osalvador@suse.de>,
David Hildenbrand <david@kernel.org>, <linux-aio@kvack.org>,
Benjamin LaHaise <bcrl@kvack.org>, Jan Kara <jack@suse.cz>,
<oliver.sang@intel.com>
Subject: Re: [PATCH 12/32] hugetlbfs: Stop using i_private_data
Date: Tue, 10 Mar 2026 15:24:00 +0800 [thread overview]
Message-ID: <202603101532.fecbeae3-lkp@intel.com> (raw)
In-Reply-To: <20260303103406.4355-44-jack@suse.cz>
Hello,
kernel test robot noticed "BUG:KASAN:wild-memory-access_in_raw_spin_lock" on:
commit: 75576f3c4ced72ab572ee9275b464cd79763fd85 ("[PATCH 12/32] hugetlbfs: Stop using i_private_data")
url: https://github.com/intel-lab-lkp/linux/commits/Jan-Kara/fat-Sync-and-invalidate-metadata-buffers-from-fat_evict_inode/20260303-183910
base: https://git.kernel.org/cgit/linux/kernel/git/vfs/vfs.git vfs.all
patch link: https://lore.kernel.org/all/20260303103406.4355-44-jack@suse.cz/
patch subject: [PATCH 12/32] hugetlbfs: Stop using i_private_data
in testcase: ltp
version:
with following parameters:
test: hugetlb
config: x86_64-rhel-9.4-ltp
compiler: gcc-14
test machine: 8 threads 1 sockets Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz (Kaby Lake) with 32G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202603101532.fecbeae3-lkp@intel.com
[ 270.445802][ T4529] BUG: KASAN: wild-memory-access in _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.453010][ T4529] Write of size 4 at addr ccccccccccccccd0 by task hugefallocate01/4529
[ 270.461165][ T4529]
[ 270.463347][ T4529] CPU: 2 UID: 0 PID: 4529 Comm: hugefallocate01 Tainted: G S I 7.0.0-rc1-00214-g75576f3c4ced #1 PREEMPT(lazy)
[ 270.463352][ T4529] Tainted: [S]=CPU_OUT_OF_SPEC, [I]=FIRMWARE_WORKAROUND
[ 270.463353][ T4529] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[ 270.463355][ T4529] Call Trace:
[ 270.463356][ T4529] <TASK>
[ 270.463358][ T4529] dump_stack_lvl (lib/dump_stack.c:122)
[ 270.463362][ T4529] ? _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463365][ T4529] kasan_report (mm/kasan/report.c:597)
[ 270.463369][ T4529] ? _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463372][ T4529] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1))
[ 270.463374][ T4529] _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463377][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463380][ T4529] ? filemap_get_folios_tag (include/linux/pagevec.h:56 mm/filemap.c:2359)
[ 270.463384][ T4529] region_del (mm/hugetlb.c:864)
[ 270.463387][ T4529] hugetlb_unreserve_pages (mm/hugetlb.c:6757)
[ 270.463390][ T4529] remove_inode_hugepages (fs/hugetlbfs/inode.c:616)
[ 270.463394][ T4529] ? __pfx_remove_inode_hugepages (fs/hugetlbfs/inode.c:579)
[ 270.463398][ T4529] ? stack_trace_save (kernel/stacktrace.c:123)
[ 270.463403][ T4529] ? __pfx_stack_trace_save (kernel/stacktrace.c:114)
[ 270.463407][ T4529] ? stack_depot_save_flags (lib/stackdepot.c:667)
[ 270.463411][ T4529] ? kasan_save_stack (mm/kasan/common.c:59)
[ 270.463413][ T4529] ? kasan_save_stack (mm/kasan/common.c:58)
[ 270.463415][ T4529] ? kasan_record_aux_stack (mm/kasan/generic.c:556 (discriminator 1))
[ 270.463417][ T4529] ? __call_rcu_common+0xc9/0x970
[ 270.463421][ T4529] ? deactivate_locked_super (fs/super.c:476)
[ 270.463426][ T4529] ? cleanup_mnt (fs/namespace.c:227 fs/namespace.c:1313)
[ 270.463430][ T4529] ? inode_wait_for_writeback (arch/x86/include/asm/atomic.h:23 include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 include/asm-generic/qspinlock.h:57 fs/fs-writeback.c:1598)
[ 270.463433][ T4529] ? __pfx_inode_wait_for_writeback (fs/fs-writeback.c:1594)
[ 270.463455][ T4529] ? __call_rcu_common+0xc9/0x970
[ 270.463458][ T4529] ? task_work_run (kernel/task_work.c:235)
[ 270.463460][ T4529] ? exit_to_user_mode_loop (include/linux/memcontrol.h:915 (discriminator 2) include/linux/resume_user_mode.h:59 (discriminator 2) kernel/entry/common.c:67 (discriminator 2) kernel/entry/common.c:98 (discriminator 2))
[ 270.463463][ T4529] ? do_syscall_64 (include/linux/irq-entry-common.h:226 include/linux/irq-entry-common.h:256 include/linux/entry-common.h:325 arch/x86/entry/syscall_64.c:100)
[ 270.463465][ T4529] ? entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 270.463468][ T4529] ? _raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:111 (discriminator 4) include/linux/spinlock.h:187 (discriminator 4) include/linux/spinlock_api_smp.h:159 (discriminator 4) kernel/locking/spinlock.c:154 (discriminator 4))
[ 270.463483][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463486][ T4529] hugetlbfs_evict_inode (fs/hugetlbfs/inode.c:625 (discriminator 1))
[ 270.463489][ T4529] evict (fs/inode.c:849)
[ 270.463507][ T4529] ? __pfx_evict (fs/inode.c:822)
[ 270.463511][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463514][ T4529] ? _raw_spin_trylock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:97 (discriminator 4) include/linux/spinlock.h:193 (discriminator 4) include/linux/spinlock_api_smp.h:90 (discriminator 4) kernel/locking/spinlock.c:138 (discriminator 4))
[ 270.463517][ T4529] ? iput (fs/inode.c:1963 fs/inode.c:2012 fs/inode.c:1975)
[ 270.463519][ T4529] __dentry_kill (fs/dcache.c:673 (discriminator 51))
[ 270.463522][ T4529] finish_dput (fs/dcache.c:879)
[ 270.463525][ T4529] shrink_dcache_for_umount (fs/dcache.c:920 fs/dcache.c:1657 fs/dcache.c:1671)
[ 270.463528][ T4529] ? __pfx___call_rcu_common+0x10/0x10
[ 270.463531][ T4529] generic_shutdown_super (fs/super.c:625)
[ 270.463534][ T4529] kill_anon_super (fs/super.c:437 fs/super.c:1293)
[ 270.463536][ T4529] deactivate_locked_super (fs/super.c:437 fs/super.c:478)
[ 270.463538][ T4529] cleanup_mnt (fs/namespace.c:227 fs/namespace.c:1313)
[ 270.463540][ T4529] task_work_run (kernel/task_work.c:235)
[ 270.463543][ T4529] ? __pfx_task_work_run (kernel/task_work.c:201)
[ 270.463545][ T4529] ? __x64_sys_umount (fs/namespace.c:2065 fs/namespace.c:2070 fs/namespace.c:2068 fs/namespace.c:2068)
[ 270.463547][ T4529] exit_to_user_mode_loop (include/linux/memcontrol.h:915 (discriminator 2) include/linux/resume_user_mode.h:59 (discriminator 2) kernel/entry/common.c:67 (discriminator 2) kernel/entry/common.c:98 (discriminator 2))
[ 270.463550][ T4529] do_syscall_64 (include/linux/irq-entry-common.h:226 include/linux/irq-entry-common.h:256 include/linux/entry-common.h:325 arch/x86/entry/syscall_64.c:100)
[ 270.463552][ T4529] ? __pfx_vfs_write (fs/read_write.c:669)
[ 270.463555][ T4529] ? fdget_pos (include/linux/atomic/atomic-arch-fallback.h:479 (discriminator 2) include/linux/atomic/atomic-instrumented.h:50 (discriminator 2) fs/file.c:1196 (discriminator 2) fs/file.c:1210 (discriminator 2) fs/file.c:1256 (discriminator 2))
[ 270.463558][ T4529] ? fdget_pos (include/linux/atomic/atomic-arch-fallback.h:479 (discriminator 2) include/linux/atomic/atomic-instrumented.h:50 (discriminator 2) fs/file.c:1196 (discriminator 2) fs/file.c:1210 (discriminator 2) fs/file.c:1256 (discriminator 2))
[ 270.463560][ T4529] ? ksys_write (fs/read_write.c:740)
[ 270.463563][ T4529] ? ksys_write (fs/read_write.c:740)
[ 270.463566][ T4529] ? __pfx_ksys_write (fs/read_write.c:730)
[ 270.463571][ T4529] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/entry-common.h:327 arch/x86/entry/syscall_64.c:100)
[ 270.463574][ T4529] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/entry-common.h:327 arch/x86/entry/syscall_64.c:100)
[ 270.463578][ T4529] ? irqentry_exit (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/irq-entry-common.h:341 kernel/entry/common.c:219)
[ 270.463581][ T4529] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 270.463583][ T4529] RIP: 0033:0x7fc1ffd84217
[ 270.463586][ T4529] Code: 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 c9 4b 0d 00 f7 d8 64 89 02 b8
All code
========
0: 0d 00 f7 d8 64 or $0x64d8f700,%eax
5: 89 02 mov %eax,(%rdx)
7: b8 ff ff ff ff mov $0xffffffff,%eax
c: c3 ret
d: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
13: 31 f6 xor %esi,%esi
15: e9 09 00 00 00 jmp 0x23
1a: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
21: 00 00
23: b8 a6 00 00 00 mov $0xa6,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 01 ja 0x33
32: c3 ret
33: 48 8b 15 c9 4b 0d 00 mov 0xd4bc9(%rip),%rdx # 0xd4c03
3a: f7 d8 neg %eax
3c: 64 89 02 mov %eax,%fs:(%rdx)
3f: b8 .byte 0xb8
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 01 ja 0x9
8: c3 ret
9: 48 8b 15 c9 4b 0d 00 mov 0xd4bc9(%rip),%rdx # 0xd4bd9
10: f7 d8 neg %eax
12: 64 89 02 mov %eax,%fs:(%rdx)
15: b8 .byte 0xb8
[ 270.463588][ T4529] RSP: 002b:00007ffc300541e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 270.463592][ T4529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc1ffd84217
[ 270.463593][ T4529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000056024b59b06a
[ 270.463595][ T4529] RBP: 00007ffc30054470 R08: 0000000000000000 R09: 0000000000000000
[ 270.463596][ T4529] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 270.463598][ T4529] R13: 000056024b59b06a R14: 000056024b59b7d0 R15: 000056024b59f8b0
[ 270.463600][ T4529] </TASK>
[ 270.463601][ T4529] ==================================================================
[ 270.864814][ T4529] Disabling lock debugging due to kernel taint
[ 270.870833][ T4529] Oops: general protection fault, probably for non-canonical address 0xccccccccccccccd0: 0000 [#1] SMP KASAN PTI
[ 270.882549][ T4529] CPU: 2 UID: 0 PID: 4529 Comm: hugefallocate01 Tainted: G S B I 7.0.0-rc1-00214-g75576f3c4ced #1 PREEMPT(lazy)
[ 270.895404][ T4529] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [I]=FIRMWARE_WORKAROUND
[ 270.903398][ T4529] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[ 270.911474][ T4529] RIP: 0010:_raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:111 (discriminator 4) include/linux/spinlock.h:187 (discriminator 4) include/linux/spinlock_api_smp.h:159 (discriminator 4) kernel/locking/spinlock.c:154 (discriminator 4))
[ 270.916599][ T4529] Code: be 04 00 00 00 c7 44 24 20 00 00 00 00 e8 8f 19 e5 fd be 04 00 00 00 48 8d 7c 24 20 e8 80 19 e5 fd ba 01 00 00 00 8b 44 24 20 <f0> 0f b1 13 75 2d 48 b8 00 00 00 00 00 fc ff df 48 c7 44 05 00 00
All code
========
0: be 04 00 00 00 mov $0x4,%esi
5: c7 44 24 20 00 00 00 movl $0x0,0x20(%rsp)
c: 00
d: e8 8f 19 e5 fd call 0xfffffffffde519a1
12: be 04 00 00 00 mov $0x4,%esi
17: 48 8d 7c 24 20 lea 0x20(%rsp),%rdi
1c: e8 80 19 e5 fd call 0xfffffffffde519a1
21: ba 01 00 00 00 mov $0x1,%edx
26: 8b 44 24 20 mov 0x20(%rsp),%eax
2a:* f0 0f b1 13 lock cmpxchg %edx,(%rbx) <-- trapping instruction
2e: 75 2d jne 0x5d
30: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
37: fc ff df
3a: 48 rex.W
3b: c7 .byte 0xc7
3c: 44 rex.R
3d: 05 .byte 0x5
...
Code starting with the faulting instruction
===========================================
0: f0 0f b1 13 lock cmpxchg %edx,(%rbx)
4: 75 2d jne 0x33
6: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
d: fc ff df
10: 48 rex.W
11: c7 .byte 0xc7
12: 44 rex.R
13: 05 .byte 0x5
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20260310/202603101532.fecbeae3-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
WARNING: multiple messages have this Message-ID (diff)
From: kernel test robot <oliver.sang@intel.com>
To: Jan Kara <jack@suse.cz>
Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>,
linux-aio@kvack.org, Christian Brauner <brauner@kernel.org>,
Ted Tso <tytso@mit.edu>,
lkp@intel.com, oliver.sang@intel.com, Jan Kara <jack@suse.cz>,
Muchun Song <muchun.song@linux.dev>,
linux-mm@kvack.org, Benjamin LaHaise <bcrl@kvack.org>,
David Sterba <dsterba@suse.com>,
Al Viro <viro@zeniv.linux.org.uk>,
"Tigran A. Aivazian" <aivazian.tigran@gmail.com>,
David Hildenbrand <david@kernel.org>,
oe-lkp@lists.linux.dev, linux-fsdevel@vger.kernel.org,
linux-ext4@vger.kernel.org, ltp@lists.linux.it,
Oscar Salvador <osalvador@suse.de>
Subject: Re: [LTP] [PATCH 12/32] hugetlbfs: Stop using i_private_data
Date: Tue, 10 Mar 2026 15:24:00 +0800 [thread overview]
Message-ID: <202603101532.fecbeae3-lkp@intel.com> (raw)
In-Reply-To: <20260303103406.4355-44-jack@suse.cz>
Hello,
kernel test robot noticed "BUG:KASAN:wild-memory-access_in_raw_spin_lock" on:
commit: 75576f3c4ced72ab572ee9275b464cd79763fd85 ("[PATCH 12/32] hugetlbfs: Stop using i_private_data")
url: https://github.com/intel-lab-lkp/linux/commits/Jan-Kara/fat-Sync-and-invalidate-metadata-buffers-from-fat_evict_inode/20260303-183910
base: https://git.kernel.org/cgit/linux/kernel/git/vfs/vfs.git vfs.all
patch link: https://lore.kernel.org/all/20260303103406.4355-44-jack@suse.cz/
patch subject: [PATCH 12/32] hugetlbfs: Stop using i_private_data
in testcase: ltp
version:
with following parameters:
test: hugetlb
config: x86_64-rhel-9.4-ltp
compiler: gcc-14
test machine: 8 threads 1 sockets Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz (Kaby Lake) with 32G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202603101532.fecbeae3-lkp@intel.com
[ 270.445802][ T4529] BUG: KASAN: wild-memory-access in _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.453010][ T4529] Write of size 4 at addr ccccccccccccccd0 by task hugefallocate01/4529
[ 270.461165][ T4529]
[ 270.463347][ T4529] CPU: 2 UID: 0 PID: 4529 Comm: hugefallocate01 Tainted: G S I 7.0.0-rc1-00214-g75576f3c4ced #1 PREEMPT(lazy)
[ 270.463352][ T4529] Tainted: [S]=CPU_OUT_OF_SPEC, [I]=FIRMWARE_WORKAROUND
[ 270.463353][ T4529] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[ 270.463355][ T4529] Call Trace:
[ 270.463356][ T4529] <TASK>
[ 270.463358][ T4529] dump_stack_lvl (lib/dump_stack.c:122)
[ 270.463362][ T4529] ? _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463365][ T4529] kasan_report (mm/kasan/report.c:597)
[ 270.463369][ T4529] ? _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463372][ T4529] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1))
[ 270.463374][ T4529] _raw_spin_lock (include/linux/instrumented.h:55 include/linux/atomic/atomic-instrumented.h:1301 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:154)
[ 270.463377][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463380][ T4529] ? filemap_get_folios_tag (include/linux/pagevec.h:56 mm/filemap.c:2359)
[ 270.463384][ T4529] region_del (mm/hugetlb.c:864)
[ 270.463387][ T4529] hugetlb_unreserve_pages (mm/hugetlb.c:6757)
[ 270.463390][ T4529] remove_inode_hugepages (fs/hugetlbfs/inode.c:616)
[ 270.463394][ T4529] ? __pfx_remove_inode_hugepages (fs/hugetlbfs/inode.c:579)
[ 270.463398][ T4529] ? stack_trace_save (kernel/stacktrace.c:123)
[ 270.463403][ T4529] ? __pfx_stack_trace_save (kernel/stacktrace.c:114)
[ 270.463407][ T4529] ? stack_depot_save_flags (lib/stackdepot.c:667)
[ 270.463411][ T4529] ? kasan_save_stack (mm/kasan/common.c:59)
[ 270.463413][ T4529] ? kasan_save_stack (mm/kasan/common.c:58)
[ 270.463415][ T4529] ? kasan_record_aux_stack (mm/kasan/generic.c:556 (discriminator 1))
[ 270.463417][ T4529] ? __call_rcu_common+0xc9/0x970
[ 270.463421][ T4529] ? deactivate_locked_super (fs/super.c:476)
[ 270.463426][ T4529] ? cleanup_mnt (fs/namespace.c:227 fs/namespace.c:1313)
[ 270.463430][ T4529] ? inode_wait_for_writeback (arch/x86/include/asm/atomic.h:23 include/linux/atomic/atomic-arch-fallback.h:457 include/linux/atomic/atomic-instrumented.h:33 include/asm-generic/qspinlock.h:57 fs/fs-writeback.c:1598)
[ 270.463433][ T4529] ? __pfx_inode_wait_for_writeback (fs/fs-writeback.c:1594)
[ 270.463455][ T4529] ? __call_rcu_common+0xc9/0x970
[ 270.463458][ T4529] ? task_work_run (kernel/task_work.c:235)
[ 270.463460][ T4529] ? exit_to_user_mode_loop (include/linux/memcontrol.h:915 (discriminator 2) include/linux/resume_user_mode.h:59 (discriminator 2) kernel/entry/common.c:67 (discriminator 2) kernel/entry/common.c:98 (discriminator 2))
[ 270.463463][ T4529] ? do_syscall_64 (include/linux/irq-entry-common.h:226 include/linux/irq-entry-common.h:256 include/linux/entry-common.h:325 arch/x86/entry/syscall_64.c:100)
[ 270.463465][ T4529] ? entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 270.463468][ T4529] ? _raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:111 (discriminator 4) include/linux/spinlock.h:187 (discriminator 4) include/linux/spinlock_api_smp.h:159 (discriminator 4) kernel/locking/spinlock.c:154 (discriminator 4))
[ 270.463483][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463486][ T4529] hugetlbfs_evict_inode (fs/hugetlbfs/inode.c:625 (discriminator 1))
[ 270.463489][ T4529] evict (fs/inode.c:849)
[ 270.463507][ T4529] ? __pfx_evict (fs/inode.c:822)
[ 270.463511][ T4529] ? __pfx__raw_spin_lock (kernel/locking/spinlock.c:153)
[ 270.463514][ T4529] ? _raw_spin_trylock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:97 (discriminator 4) include/linux/spinlock.h:193 (discriminator 4) include/linux/spinlock_api_smp.h:90 (discriminator 4) kernel/locking/spinlock.c:138 (discriminator 4))
[ 270.463517][ T4529] ? iput (fs/inode.c:1963 fs/inode.c:2012 fs/inode.c:1975)
[ 270.463519][ T4529] __dentry_kill (fs/dcache.c:673 (discriminator 51))
[ 270.463522][ T4529] finish_dput (fs/dcache.c:879)
[ 270.463525][ T4529] shrink_dcache_for_umount (fs/dcache.c:920 fs/dcache.c:1657 fs/dcache.c:1671)
[ 270.463528][ T4529] ? __pfx___call_rcu_common+0x10/0x10
[ 270.463531][ T4529] generic_shutdown_super (fs/super.c:625)
[ 270.463534][ T4529] kill_anon_super (fs/super.c:437 fs/super.c:1293)
[ 270.463536][ T4529] deactivate_locked_super (fs/super.c:437 fs/super.c:478)
[ 270.463538][ T4529] cleanup_mnt (fs/namespace.c:227 fs/namespace.c:1313)
[ 270.463540][ T4529] task_work_run (kernel/task_work.c:235)
[ 270.463543][ T4529] ? __pfx_task_work_run (kernel/task_work.c:201)
[ 270.463545][ T4529] ? __x64_sys_umount (fs/namespace.c:2065 fs/namespace.c:2070 fs/namespace.c:2068 fs/namespace.c:2068)
[ 270.463547][ T4529] exit_to_user_mode_loop (include/linux/memcontrol.h:915 (discriminator 2) include/linux/resume_user_mode.h:59 (discriminator 2) kernel/entry/common.c:67 (discriminator 2) kernel/entry/common.c:98 (discriminator 2))
[ 270.463550][ T4529] do_syscall_64 (include/linux/irq-entry-common.h:226 include/linux/irq-entry-common.h:256 include/linux/entry-common.h:325 arch/x86/entry/syscall_64.c:100)
[ 270.463552][ T4529] ? __pfx_vfs_write (fs/read_write.c:669)
[ 270.463555][ T4529] ? fdget_pos (include/linux/atomic/atomic-arch-fallback.h:479 (discriminator 2) include/linux/atomic/atomic-instrumented.h:50 (discriminator 2) fs/file.c:1196 (discriminator 2) fs/file.c:1210 (discriminator 2) fs/file.c:1256 (discriminator 2))
[ 270.463558][ T4529] ? fdget_pos (include/linux/atomic/atomic-arch-fallback.h:479 (discriminator 2) include/linux/atomic/atomic-instrumented.h:50 (discriminator 2) fs/file.c:1196 (discriminator 2) fs/file.c:1210 (discriminator 2) fs/file.c:1256 (discriminator 2))
[ 270.463560][ T4529] ? ksys_write (fs/read_write.c:740)
[ 270.463563][ T4529] ? ksys_write (fs/read_write.c:740)
[ 270.463566][ T4529] ? __pfx_ksys_write (fs/read_write.c:730)
[ 270.463571][ T4529] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/entry-common.h:327 arch/x86/entry/syscall_64.c:100)
[ 270.463574][ T4529] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/entry-common.h:327 arch/x86/entry/syscall_64.c:100)
[ 270.463578][ T4529] ? irqentry_exit (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:296 include/linux/irq-entry-common.h:341 kernel/entry/common.c:219)
[ 270.463581][ T4529] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 270.463583][ T4529] RIP: 0033:0x7fc1ffd84217
[ 270.463586][ T4529] Code: 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 c9 4b 0d 00 f7 d8 64 89 02 b8
All code
========
0: 0d 00 f7 d8 64 or $0x64d8f700,%eax
5: 89 02 mov %eax,(%rdx)
7: b8 ff ff ff ff mov $0xffffffff,%eax
c: c3 ret
d: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
13: 31 f6 xor %esi,%esi
15: e9 09 00 00 00 jmp 0x23
1a: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
21: 00 00
23: b8 a6 00 00 00 mov $0xa6,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 01 ja 0x33
32: c3 ret
33: 48 8b 15 c9 4b 0d 00 mov 0xd4bc9(%rip),%rdx # 0xd4c03
3a: f7 d8 neg %eax
3c: 64 89 02 mov %eax,%fs:(%rdx)
3f: b8 .byte 0xb8
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 01 ja 0x9
8: c3 ret
9: 48 8b 15 c9 4b 0d 00 mov 0xd4bc9(%rip),%rdx # 0xd4bd9
10: f7 d8 neg %eax
12: 64 89 02 mov %eax,%fs:(%rdx)
15: b8 .byte 0xb8
[ 270.463588][ T4529] RSP: 002b:00007ffc300541e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 270.463592][ T4529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc1ffd84217
[ 270.463593][ T4529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000056024b59b06a
[ 270.463595][ T4529] RBP: 00007ffc30054470 R08: 0000000000000000 R09: 0000000000000000
[ 270.463596][ T4529] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 270.463598][ T4529] R13: 000056024b59b06a R14: 000056024b59b7d0 R15: 000056024b59f8b0
[ 270.463600][ T4529] </TASK>
[ 270.463601][ T4529] ==================================================================
[ 270.864814][ T4529] Disabling lock debugging due to kernel taint
[ 270.870833][ T4529] Oops: general protection fault, probably for non-canonical address 0xccccccccccccccd0: 0000 [#1] SMP KASAN PTI
[ 270.882549][ T4529] CPU: 2 UID: 0 PID: 4529 Comm: hugefallocate01 Tainted: G S B I 7.0.0-rc1-00214-g75576f3c4ced #1 PREEMPT(lazy)
[ 270.895404][ T4529] Tainted: [S]=CPU_OUT_OF_SPEC, [B]=BAD_PAGE, [I]=FIRMWARE_WORKAROUND
[ 270.903398][ T4529] Hardware name: Dell Inc. OptiPlex 7050/062KRH, BIOS 1.2.0 12/22/2016
[ 270.911474][ T4529] RIP: 0010:_raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 4) include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) include/asm-generic/qspinlock.h:111 (discriminator 4) include/linux/spinlock.h:187 (discriminator 4) include/linux/spinlock_api_smp.h:159 (discriminator 4) kernel/locking/spinlock.c:154 (discriminator 4))
[ 270.916599][ T4529] Code: be 04 00 00 00 c7 44 24 20 00 00 00 00 e8 8f 19 e5 fd be 04 00 00 00 48 8d 7c 24 20 e8 80 19 e5 fd ba 01 00 00 00 8b 44 24 20 <f0> 0f b1 13 75 2d 48 b8 00 00 00 00 00 fc ff df 48 c7 44 05 00 00
All code
========
0: be 04 00 00 00 mov $0x4,%esi
5: c7 44 24 20 00 00 00 movl $0x0,0x20(%rsp)
c: 00
d: e8 8f 19 e5 fd call 0xfffffffffde519a1
12: be 04 00 00 00 mov $0x4,%esi
17: 48 8d 7c 24 20 lea 0x20(%rsp),%rdi
1c: e8 80 19 e5 fd call 0xfffffffffde519a1
21: ba 01 00 00 00 mov $0x1,%edx
26: 8b 44 24 20 mov 0x20(%rsp),%eax
2a:* f0 0f b1 13 lock cmpxchg %edx,(%rbx) <-- trapping instruction
2e: 75 2d jne 0x5d
30: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
37: fc ff df
3a: 48 rex.W
3b: c7 .byte 0xc7
3c: 44 rex.R
3d: 05 .byte 0x5
...
Code starting with the faulting instruction
===========================================
0: f0 0f b1 13 lock cmpxchg %edx,(%rbx)
4: 75 2d jne 0x33
6: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
d: fc ff df
10: 48 rex.W
11: c7 .byte 0xc7
12: 44 rex.R
13: 05 .byte 0x5
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20260310/202603101532.fecbeae3-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2026-03-10 7:24 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-03 10:33 [PATCH 0/32] fs: Move metadata bh tracking from address_space Jan Kara
2026-03-03 10:33 ` [PATCH 01/32] fat: Sync and invalidate metadata buffers from fat_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 02/32] udf: Sync and invalidate metadata buffers from udf_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 03/32] minix: Sync and invalidate metadata buffers from minix_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 04/32] ext2: Sync and invalidate metadata buffers from ext2_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 05/32] ext4: Sync and invalidate metadata buffers from ext4_evict_inode() Jan Kara
2026-03-04 14:14 ` Theodore Tso
2026-03-03 10:33 ` [PATCH 06/32] ext4: Use inode_has_buffers() Jan Kara
2026-03-04 14:14 ` Theodore Tso
2026-03-03 10:33 ` [PATCH 07/32] bfs: Sync and invalidate metadata buffers from bfs_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 08/32] affs: Sync and invalidate metadata buffers from affs_evict_inode() Jan Kara
2026-03-03 10:33 ` [PATCH 09/32] fs: Ignore inode metadata buffers in inode_lru_isolate() Jan Kara
2026-03-03 10:33 ` [PATCH 10/32] fs: Stop using i_private_data for metadata bh tracking Jan Kara
2026-03-03 10:34 ` [PATCH 11/32] gfs2: Don't zero i_private_data Jan Kara
2026-03-03 12:32 ` Andreas Gruenbacher
2026-03-04 10:39 ` Jan Kara
2026-03-03 10:34 ` [PATCH 12/32] hugetlbfs: Stop using i_private_data Jan Kara
2026-03-10 7:24 ` kernel test robot [this message]
2026-03-10 7:24 ` [LTP] " kernel test robot
2026-03-03 10:34 ` [PATCH 13/32] aio: Stop using i_private_data and i_private_lock Jan Kara
2026-03-03 10:34 ` [PATCH 14/32] fs: Remove i_private_data Jan Kara
2026-03-03 10:34 ` [PATCH 15/32] fs: Drop osync_buffers_list() Jan Kara
2026-03-03 10:34 ` [PATCH 16/32] fs: Fold fsync_buffers_list() into sync_mapping_buffers() Jan Kara
2026-03-04 13:38 ` Christian Brauner
2026-03-05 16:14 ` Jan Kara
2026-03-03 10:34 ` [PATCH 17/32] fs: Move metadata bhs tracking to a separate struct Jan Kara
2026-03-04 13:38 ` Christoph Hellwig
2026-03-05 16:42 ` Jan Kara
2026-03-04 13:40 ` Christoph Hellwig
2026-03-05 16:39 ` Jan Kara
2026-03-03 10:34 ` [PATCH 18/32] fs: Provide operation for fetching mapping_metadata_bhs Jan Kara
2026-03-04 12:48 ` Christian Brauner
2026-03-04 13:19 ` Christoph Hellwig
2026-03-04 13:38 ` Jan Kara
2026-03-04 13:44 ` Christoph Hellwig
2026-03-03 10:34 ` [PATCH 19/32] ntfs3: Drop pointless sync_mapping_buffers() call Jan Kara
2026-03-04 13:41 ` Christoph Hellwig
2026-03-05 16:26 ` Jan Kara
2026-03-03 10:34 ` [PATCH 20/32] ocfs2: Drop pointless sync_mapping_buffers() calls Jan Kara
2026-03-03 10:34 ` [PATCH 21/32] bdev: Drop pointless invalidate_mapping_buffers() call Jan Kara
2026-03-03 14:03 ` Christoph Hellwig
2026-03-04 10:30 ` Jan Kara
2026-03-03 14:09 ` Christoph Hellwig
2026-03-04 10:36 ` Jan Kara
2026-03-04 13:29 ` Christoph Hellwig
2026-03-04 13:39 ` Christian Brauner
2026-03-05 15:58 ` Jan Kara
2026-03-03 10:34 ` [PATCH 22/32] fs: Switch inode_has_buffers() to take mapping_metadata_bhs Jan Kara
2026-03-03 10:34 ` [PATCH 23/32] ext2: Track metadata bhs in fs-private inode part Jan Kara
2026-03-03 10:34 ` [PATCH 24/32] affs: " Jan Kara
2026-03-03 10:34 ` [PATCH 25/32] bfs: " Jan Kara
2026-03-03 10:34 ` [PATCH 26/32] fat: " Jan Kara
2026-03-03 10:34 ` [PATCH 27/32] udf: " Jan Kara
2026-03-03 10:34 ` [PATCH 28/32] minix: " Jan Kara
2026-03-03 10:34 ` [PATCH 29/32] ext4: " Jan Kara
2026-03-03 10:34 ` [PATCH 30/32] vfs: Drop mapping_metadata_bhs from address space Jan Kara
2026-03-03 10:34 ` [PATCH 31/32] kvm: Use private inode list instead of i_private_list Jan Kara
2026-03-04 13:40 ` Christian Brauner
2026-03-05 16:25 ` Jan Kara
2026-03-04 13:42 ` Christoph Hellwig
2026-03-05 16:25 ` Jan Kara
2026-03-03 10:34 ` [PATCH 32/32] fs: Drop i_private_list from address_space Jan Kara
2026-03-04 13:43 ` Christoph Hellwig
2026-03-03 23:35 ` [syzbot ci] Re: fs: Move metadata bh tracking " syzbot ci
2026-03-04 12:32 ` [PATCH 0/32] " Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202603101532.fecbeae3-lkp@intel.com \
--to=oliver.sang@intel.com \
--cc=aivazian.tigran@gmail.com \
--cc=bcrl@kvack.org \
--cc=brauner@kernel.org \
--cc=david@kernel.org \
--cc=dsterba@suse.com \
--cc=hirofumi@mail.parknet.co.jp \
--cc=jack@suse.cz \
--cc=linux-aio@kvack.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkp@intel.com \
--cc=ltp@lists.linux.it \
--cc=muchun.song@linux.dev \
--cc=oe-lkp@lists.linux.dev \
--cc=osalvador@suse.de \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.