public inbox for linux-btrfs@vger.kernel.org
 help / color / mirror / Atom feed
From: kernel test robot <oliver.sang@intel.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
	David Sterba <dsterba@suse.com>, <linux-btrfs@vger.kernel.org>,
	<oliver.sang@inte.com>
Subject: [linux-next:master] [btrfs_get_tree_subvol()] 25efcff066: Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]SMP_KASAN_NOPTI
Date: Thu, 8 May 2025 15:42:44 +0800	[thread overview]
Message-ID: <202505081540.3f2a6418-lkp@intel.com> (raw)



Hello,

kernel test robot noticed "Oops:general_protection_fault,probably_for_non-canonical_address#:#[##]SMP_KASAN_NOPTI" on:

commit: 25efcff06654aa283be379420e8b1f8d344c2f78 ("btrfs_get_tree_subvol(): switch from fc_mount() to vfs_create_mount()")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master 08710e696081d58163c8078e0e096be6d35c5fad]

in testcase: xfstests
version: xfstests-x86_64-8467552f-1_20241215
with following parameters:

	disk: 4HDD
	fs: xfs
	test: xfs-scratch-reflink-25


NOTE
sorry if above xfs-related tests cause confusion. as below dmesg, the issue
happens for a btrfs partition (label LKP-ROOTFS, which is mounted before
testing for various purposes in our bot process)


config: x86_64-rhel-9.4-func
compiler: gcc-12
test machine: 128 threads 2 sockets Intel(R) Xeon(R) Platinum 8358 CPU @ 2.60GHz (Ice Lake) with 128G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202505081540.3f2a6418-lkp@intel.com


[  154.907294][ T1546]
[  154.943247][ T2459] BTRFS: device label LKP-ROOTFS devid 1 transid 3324 /dev/sda1 (8:1) scanned by mount (2459)
[  154.963798][ T2459] BTRFS info (device sda1): first mount of filesystem 276a1e11-946d-4e8e-902f-6037a50202d5
[  154.974415][ T2459] BTRFS info (device sda1): using crc32c (crc32c-x86_64) checksum algorithm
[  154.983406][ T2459] BTRFS info (device sda1): using free-space-tree
[  155.158064][ T2459] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN NOPTI
[  155.170763][ T2459] KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
[  155.179430][ T2459] CPU: 16 UID: 0 PID: 2459 Comm: mount Not tainted 6.15.0-rc5-00204-g25efcff06654 #1 PREEMPT(voluntary)
[  155.190880][ T2459] Hardware name: Intel Corporation M50CYP2SB1U/M50CYP2SB1U, BIOS SE5C620.86B.01.01.0009.2311021928 11/02/2023
[ 155.203187][ T2459] RIP: 0010:btrfs_get_tree_subvol (kbuild/obj/consumer/x86_64-rhel-9.4-func/fs/btrfs/super.c:2065) btrfs 
[ 155.210334][ T2459] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 97 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 73 40 49 8d 7e 68 48 89 fa 48 c1 ea 03 <80> 3c 02 00 74 49 e8 a5 9c 76 c0 eb 42 48 b8 00 00 00 00 00 fc ff
All code
========
   0:	48 89 fa             	mov    %rdi,%rdx
   3:	48 c1 ea 03          	shr    $0x3,%rdx
   7:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   b:	0f 85 97 04 00 00    	jne    0x4a8
  11:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  18:	fc ff df 
  1b:	4c 8b 73 40          	mov    0x40(%rbx),%r14
  1f:	49 8d 7e 68          	lea    0x68(%r14),%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
  2a:*	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)		<-- trapping instruction
  2e:	74 49                	je     0x79
  30:	e8 a5 9c 76 c0       	call   0xffffffffc0769cda
  35:	eb 42                	jmp    0x79
  37:	48                   	rex.W
  38:	b8 00 00 00 00       	mov    $0x0,%eax
  3d:	00 fc                	add    %bh,%ah
  3f:	ff                   	.byte 0xff

Code starting with the faulting instruction
===========================================
   0:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   4:	74 49                	je     0x4f
   6:	e8 a5 9c 76 c0       	call   0xffffffffc0769cb0
   b:	eb 42                	jmp    0x4f
   d:	48                   	rex.W
   e:	b8 00 00 00 00       	mov    $0x0,%eax
  13:	00 fc                	add    %bh,%ah
  15:	ff                   	.byte 0xff
[  155.230675][ T2459] RSP: 0018:ffa000000f4cfa48 EFLAGS: 00010202
[  155.237047][ T2459] RAX: dffffc0000000000 RBX: ff110010e271aa00 RCX: 1fe2200036ed4404
[  155.245329][ T2459] RDX: 000000000000000d RSI: 0000000000000004 RDI: 0000000000000068
[  155.253614][ T2459] RBP: 1ff4000001e99f4d R08: 0000000000000000 R09: fffffbfff0ef4144
[  155.261897][ T2459] R10: ffffffff877a0a23 R11: 0000000000000001 R12: ff110010a6ab8380
[  155.270184][ T2459] R13: ff110010fdcb8000 R14: 0000000000000000 R15: ff11001089c122e0
[  155.278469][ T2459] FS:  00007efe6004e840(0000) GS:ff11000cb7444000(0000) knlGS:0000000000000000
[  155.287711][ T2459] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  155.294608][ T2459] CR2: 000055cc21afb098 CR3: 0000001099c7a003 CR4: 0000000000771ef0
[  155.302903][ T2459] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  155.311194][ T2459] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  155.319482][ T2459] PKRU: 55555554
[  155.323337][ T2459] Call Trace:
[  155.326929][ T2459]  <TASK>
[ 155.330164][ T2459] ? security_fs_context_parse_param (kbuild/obj/consumer/x86_64-rhel-9.4-func/security/security.c:1387 (discriminator 4)) 
[ 155.336625][ T2459] ? __pfx_btrfs_get_tree_subvol (kbuild/obj/consumer/x86_64-rhel-9.4-func/fs/btrfs/super.c:2014) btrfs 
[ 155.343515][ T2459] ? vfs_parse_fs_string (kbuild/obj/consumer/x86_64-rhel-9.4-func/fs/fs_context.c:172) 
[ 155.349014][ T2459] ? __pfx_vfs_parse_fs_string (kbuild/obj/consumer/x86_64-rhel-9.4-func/fs/fs_context.c:172) 


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250508/202505081540.3f2a6418-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki


                 reply	other threads:[~2025-05-08  7:43 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202505081540.3f2a6418-lkp@intel.com \
    --to=oliver.sang@intel.com \
    --cc=dsterba@suse.com \
    --cc=linux-btrfs@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=oe-lkp@lists.linux.dev \
    --cc=oliver.sang@inte.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox