Greeting,

FYI, we noticed the following commit (built with gcc-11):

commit: 897e71ca3e5ca67dc6922c00bd44aa85927d7b7d ("btrfs: make zstd compression support nagetive level.")
https://github.com/kdave/btrfs-devel.git pr/7(Deprecated)

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+------------------------------------------------------------------+------+------------+
|                                                                  | v6.0 | 897e71ca3e |
+------------------------------------------------------------------+------+------------+
| UBSAN:array-index-out-of-bounds_in_fs/btrfs/zstd.c               | 0    | 21         |
| WARNING:at_mm/util.c:#kvmalloc_node                              | 0    | 21         |
| EIP:kvmalloc_node                                                | 0    | 21         |
+------------------------------------------------------------------+------+------------+

If you fix the issue, kindly add following tag
| Reported-by: kernel test robot
| Link: https://lore.kernel.org/r/202210052128.9ff4b956-oliver.sang@intel.com

[ 9.429651][ T1] ================================================================================
[ 9.430992][ T1] UBSAN: array-index-out-of-bounds in fs/btrfs/zstd.c:171:20
[ 9.432249][ T1] index -16 is out of range for type 'size_t [15]'
[ 9.433147][ T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.0.0-00001-g897e71ca3e5c #1
[ 9.434263][ T1] Call Trace:
[ 9.434727][ T1] ? show_stack+0x33/0x39
[ 9.435300][ T1] dump_stack_lvl+0x29/0x36
[ 9.435880][ T1] dump_stack+0xd/0x10
[ 9.436405][ T1] ubsan_epilogue+0x8/0x33
[ 9.437034][ T1] __ubsan_handle_out_of_bounds.cold+0x3c/0x44
[ 9.437804][ T1] ? zstd_cstream_workspace_bound+0x18/0x20
[ 9.438598][ T1] zstd_init_workspace_manager+0x186/0x1b0
[ 9.439368][ T1] ? tracefs_create_instance_dir+0x3d/0x3d
[ 9.440154][ T1] btrfs_init_compress+0x23/0x25
[ 9.440817][ T1] init_btrfs_fs+0x1d/0x114
[ 9.441426][ T1] do_one_initcall+0x60/0x260
[ 9.442031][ T1] ? rdinit_setup+0x38/0x38
[ 9.442634][ T1] do_initcalls+0xf0/0x112
[ 9.443222][ T1] kernel_init_freeable+0xa7/0xd6
[ 9.443889][ T1] ? rest_init+0xa0/0xa0
[ 9.444457][ T1] kernel_init+0x12/0xf0
[ 9.445033][ T1] ret_from_fork+0x1c/0x30
[ 9.445659][ T1] ================================================================================
[ 9.446842][ T1] ================================================================================
[ 9.448053][ T1] UBSAN: array-index-out-of-bounds in fs/btrfs/zstd.c:189:30
[ 9.449302][ T1] index -15 is out of range for type 'list_head [15]'
[ 9.450187][ T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.0.0-00001-g897e71ca3e5c #1
[ 9.451239][ T1] Call Trace:
[ 9.451685][ T1] ? show_stack+0x33/0x39
[ 9.452275][ T1] dump_stack_lvl+0x29/0x36
[ 9.452862][ T1] dump_stack+0xd/0x10
[ 9.453424][ T1] ubsan_epilogue+0x8/0x33
[ 9.453997][ T1] __ubsan_handle_out_of_bounds.cold+0x3c/0x44
[ 9.454815][ T1] ? init_timer_key+0x68/0xf0
[ 9.455447][ T1] zstd_init_workspace_manager+0x197/0x1b0
[ 9.456229][ T1] ? tracefs_create_instance_dir+0x3d/0x3d
[ 9.457030][ T1] btrfs_init_compress+0x23/0x25
[ 9.457657][ T1] init_btrfs_fs+0x1d/0x114
[ 9.458207][ T1] do_one_initcall+0x60/0x260
[ 9.458801][ T1] ? rdinit_setup+0x38/0x38
[ 9.459355][ T1] do_initcalls+0xf0/0x112
[ 9.459915][ T1] kernel_init_freeable+0xa7/0xd6
[ 9.460548][ T1] ? rest_init+0xa0/0xa0
[ 9.461118][ T1] kernel_init+0x12/0xf0
[ 9.461694][ T1] ret_from_fork+0x1c/0x30
[ 9.462368][ T1] ================================================================================
[ 9.463661][ T1] ------------[ cut here ]------------
[ 9.464410][ T1] WARNING: CPU: 0 PID: 1 at mm/util.c:628 kvmalloc_node+0xa0/0xb0
[ 9.465470][ T1] Modules linked in:
[ 9.465983][ T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.0.0-00001-g897e71ca3e5c #1
[ 9.467108][ T1] EIP: kvmalloc_node+0xa0/0xb0
[ 9.467771][ T1] Code: 00 83 c4 18 eb 09 8d 74 26 00 e8 3b ae 04 00 8d 65 f4 5b 5e 5f 5d c3 8d 76 00 81 ca 00 20 01 00 eb 83 81 e6 00 20 00 00 75 e5 <0f> 0b eb e1 8d b4 26 00 00 00 00 8d 74 26 00 90 55 89 e5 53 89 c3
[ 9.470345][ T1] EAX: 00000000 EBX: c363f7d8 ECX: 00000001 EDX: 00000000
[ 9.471252][ T1] ESI: 00000000 EDI: ffffffff EBP: c38bfe88 ESP: c38bfe7c
[ 9.472192][ T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00010246
[ 9.473236][ T1] CR0: 80050033 CR2: ffdab000 CR3: 02ee6000 CR4: 00040690
[ 9.474198][ T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 9.475167][ T1] DR6: fffe0ff0 DR7: 00000400
[ 9.475790][ T1] Call Trace:
[ 9.476236][ T1] zstd_alloc_workspace+0x55/0xd0
[ 9.476925][ T1] zstd_init_workspace_manager+0x12d/0x1b0
[ 9.477661][ T1] ? tracefs_create_instance_dir+0x3d/0x3d
[ 9.478432][ T1] btrfs_init_compress+0x23/0x25
[ 9.479094][ T1] init_btrfs_fs+0x1d/0x114
[ 9.479687][ T1] do_one_initcall+0x60/0x260
[ 9.480270][ T1] ? rdinit_setup+0x38/0x38
[ 9.480855][ T1] do_initcalls+0xf0/0x112
[ 9.481476][ T1] kernel_init_freeable+0xa7/0xd6
[ 9.482141][ T1] ? rest_init+0xa0/0xa0
[ 9.482651][ T1] kernel_init+0x12/0xf0
[ 9.483240][ T1] ret_from_fork+0x1c/0x30
[ 9.483832][ T1] irq event stamp: 1431935
[ 9.484400][ T1] hardirqs last enabled at (1431945): [] __up_console_sem+0x4e/0x60
[ 9.485598][ T1] hardirqs last disabled at (1431954): [] __up_console_sem+0x35/0x60
[ 9.486731][ T1] softirqs last enabled at (1431680): [] __do_softirq+0x275/0x3f7
[ 9.487889][ T1] softirqs last disabled at (1431671): [] call_on_stack+0x40/0x50
[ 9.489088][ T1] ---[ end trace 0000000000000000 ]---
[ 9.489862][ T1] BTRFS: cannot preallocate zstd compression workspace

To reproduce:

        # build kernel
        cd linux
        cp config-6.0.0-00001-g897e71ca3e5c .config
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH= modules_install
        cd
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

--
0-DAY CI Kernel Test Service
https://01.org/lkp