From: kernel test robot <oliver.sang@intel.com>
To: Jill Ravaliya <jillravaliya@gmail.com>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>, <linux-mm@kvack.org>,
<akpm@linux-foundation.org>, <urezki@gmail.com>,
<linux-kernel@vger.kernel.org>,
Jill Ravaliya <jillravaliya@gmail.com>
Subject: Re: [PATCH 2/2] selftests/mm: add test for vrealloc() shrink page freeing
Date: Sat, 23 May 2026 21:34:59 +0800 [thread overview]
Message-ID: <202605231524.731e5313-lkp@intel.com> (raw)
In-Reply-To: <20260507114854.41117-2-jillravaliya@gmail.com>
Hello,
kernel test robot noticed "kernel_BUG_at_mm/vmalloc.c" on:
commit: 7a2723bc6f2ec12f6e8bfccdf20c09b84f721993 ("[PATCH 2/2] selftests/mm: add test for vrealloc() shrink page freeing")
url: https://github.com/intel-lab-lkp/linux/commits/Jill-Ravaliya/selftests-mm-add-test-for-vrealloc-shrink-page-freeing/20260511-181706
base: https://git.kernel.org/cgit/linux/kernel/git/akpm/mm.git mm-everything
patch link: https://lore.kernel.org/all/20260507114854.41117-2-jillravaliya@gmail.com/
patch subject: [PATCH 2/2] selftests/mm: add test for vrealloc() shrink page freeing
in testcase: boot
config: x86_64-kexec
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 32G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202605231524.731e5313-lkp@intel.com
[ 3.859842][ T1] ------------[ cut here ]------------
[ 3.860491][ T1] kernel BUG at mm/vmalloc.c:488!
[ 3.861026][ T1] Oops: invalid opcode: 0000 [#1] SMP PTI
[ 3.861616][ T1] CPU: 0 UID: 0 PID: 1 Comm: systemd Not tainted 7.1.0-rc1-00283-g7a2723bc6f2e #1 PREEMPT(lazy)
[ 3.862702][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 3.863724][ T1] RIP: 0010:__vunmap_range_noflush (vmalloc.c:501)
[ 3.864346][ T1] Code: 7c 24 10 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7c 9d d2 ff 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00
All code
========
0: 7c 24 jl 0x26
2: 10 48 83 adc %cl,-0x7d(%rax)
5: c4 (bad)
6: 58 pop %rax
7: 5b pop %rbx
8: 41 5c pop %r12
a: 41 5d pop %r13
c: 41 5e pop %r14
e: 41 5f pop %r15
10: 5d pop %rbp
11: e9 7c 9d d2 ff jmp 0xffffffffffd29d92
16: 48 83 c4 58 add $0x58,%rsp
1a: 5b pop %rbx
1b: 41 5c pop %r12
1d: 41 5d pop %r13
1f: 41 5e pop %r14
21: 41 5f pop %r15
23: 5d pop %rbp
24: c3 ret
25: cc int3
26: cc int3
27: cc int3
28: cc int3
29: cc int3
2a:* 0f 0b ud2 <-- trapping instruction
2c: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
33: 0f 1f 84 00 00 00 00
3a: 00
3b: 0f .byte 0xf
3c: 1f (bad)
3d: 80 00 00 addb $0x0,(%rax)
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
9: 0f 1f 84 00 00 00 00
10: 00
11: 0f .byte 0xf
12: 1f (bad)
13: 80 00 00 addb $0x0,(%rax)
[ 3.866197][ T1] RSP: 0018:ffffc90000013a70 EFLAGS: 00010246
[ 3.866816][ T1] RAX: ffffc90000035990 RBX: ffffc90000035000 RCX: 0000000000000000
[ 3.867632][ T1] RDX: 0000000000000000 RSI: ffffc90000036000 RDI: ffffc90000036000
[ 3.868442][ T1] RBP: 0000000000400dc0 R08: 00000000ffffffff R09: 0000000000000000
[ 3.869260][ T1] R10: ffffc90000035990 R11: ffffffff8215b050 R12: ffffc90000036000
[ 3.870088][ T1] R13: ffffc90000036000 R14: 0000000000000001 R15: ffff88810f5e18a0
[ 3.870907][ T1] FS: 00007f356fcade40(0000) GS:ffff88889c100000(0000) knlGS:0000000000000000
[ 3.871802][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3.872461][ T1] CR2: 00007f3570966000 CR3: 000000010c872000 CR4: 00000000000406f0
[ 3.873270][ T1] Call Trace:
[ 3.873666][ T1] <TASK>
[ 3.874083][ T1] ? krealloc_node_align_noprof (slub.c:?)
[ 3.874811][ T1] ? find_instance (bpf/liveness.c:66)
[ 3.875300][ T1] vrealloc_node_align_noprof (vmalloc.c:506 vmalloc.c:521 vmalloc.c:4345)
[ 3.875883][ T1] bpf_patch_insn_data (bpf/fixups.c:254)
[ 3.876410][ T1] bpf_convert_ctx_accesses (bpf/fixups.c:974)
[ 3.876975][ T1] bpf_check (bpf/verifier.c:20094)
[ 3.877441][ T1] bpf_prog_load (bpf/syscall.c:3082)
[ 3.877951][ T1] __sys_bpf (bpf/syscall.c:6248)
[ 3.878419][ T1] __x64_sys_bpf (bpf/syscall.c:6361 bpf/syscall.c:6359 bpf/syscall.c:6359)
[ 3.878891][ T1] do_syscall_64 (x86/entry/syscall_64.c:63 x86/entry/syscall_64.c:94)
[ 3.879373][ T1] entry_SYSCALL_64_after_hwframe (x86/entry/entry_64.S:121)
[ 3.879974][ T1] RIP: 0033:0x7f3570834779
[ 3.880451][ T1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 4f 86 0d 00 f7 d8 64 89 01 48
All code
========
0: ff c3 inc %ebx
2: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
9: 00 00 00
c: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
11: 48 89 f8 mov %rdi,%rax
14: 48 89 f7 mov %rsi,%rdi
17: 48 89 d6 mov %rdx,%rsi
1a: 48 89 ca mov %rcx,%rdx
1d: 4d 89 c2 mov %r8,%r10
20: 4d 89 c8 mov %r9,%r8
23: 4c 8b 4c 24 08 mov 0x8(%rsp),%r9
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 ret
33: 48 8b 0d 4f 86 0d 00 mov 0xd864f(%rip),%rcx # 0xd8689
3a: f7 d8 neg %eax
3c: 64 89 01 mov %eax,%fs:(%rcx)
3f: 48 rex.W
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 01 jae 0x9
8: c3 ret
9: 48 8b 0d 4f 86 0d 00 mov 0xd864f(%rip),%rcx # 0xd865f
10: f7 d8 neg %eax
12: 64 89 01 mov %eax,%fs:(%rcx)
15: 48 rex.W
[ 3.882300][ T1] RSP: 002b:00007ffcd8cbbc88 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3.883149][ T1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f3570834779
[ 3.883966][ T1] RDX: 0000000000000094 RSI: 00007ffcd8cbbd10 RDI: 0000000000000005
[ 3.884774][ T1] RBP: 0000000000000013 R08: 00007ffcd8cbbe40 R09: 0000559a2fc27b30
[ 3.885594][ T1] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000094
[ 3.886456][ T1] R13: 00007ffcd8cbbd10 R14: 00007ffcd8cbbd10 R15: 0000000000000008
[ 3.887273][ T1] </TASK>
[ 3.887627][ T1] Modules linked in:
[ 3.888071][ T1] ---[ end trace 0000000000000000 ]---
[ 3.888642][ T1] RIP: 0010:__vunmap_range_noflush (vmalloc.c:501)
[ 3.889273][ T1] Code: 7c 24 10 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7c 9d d2 ff 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00
All code
========
0: 7c 24 jl 0x26
2: 10 48 83 adc %cl,-0x7d(%rax)
5: c4 (bad)
6: 58 pop %rax
7: 5b pop %rbx
8: 41 5c pop %r12
a: 41 5d pop %r13
c: 41 5e pop %r14
e: 41 5f pop %r15
10: 5d pop %rbp
11: e9 7c 9d d2 ff jmp 0xffffffffffd29d92
16: 48 83 c4 58 add $0x58,%rsp
1a: 5b pop %rbx
1b: 41 5c pop %r12
1d: 41 5d pop %r13
1f: 41 5e pop %r14
21: 41 5f pop %r15
23: 5d pop %rbp
24: c3 ret
25: cc int3
26: cc int3
27: cc int3
28: cc int3
29: cc int3
2a:* 0f 0b ud2 <-- trapping instruction
2c: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
33: 0f 1f 84 00 00 00 00
3a: 00
3b: 0f .byte 0xf
3c: 1f (bad)
3d: 80 00 00 addb $0x0,(%rax)
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
9: 0f 1f 84 00 00 00 00
10: 00
11: 0f .byte 0xf
12: 1f (bad)
13: 80 00 00 addb $0x0,(%rax)
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20260523/202605231524.731e5313-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
next prev parent reply other threads:[~2026-05-23 13:35 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-07 11:48 [PATCH 1/2] mm/vmalloc: free unused pages when shrinking vrealloc() allocation Jill Ravaliya
2026-05-07 11:48 ` [PATCH 2/2] selftests/mm: add test for vrealloc() shrink page freeing Jill Ravaliya
2026-05-23 13:34 ` kernel test robot [this message]
2026-05-23 16:20 ` Uladzislau Rezki
2026-05-24 2:53 ` Jill Ravaliya
2026-05-07 17:17 ` [PATCH 1/2] mm/vmalloc: free unused pages when shrinking vrealloc() allocation Uladzislau Rezki
2026-05-07 20:26 ` [syzbot ci] " syzbot ci
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202605231524.731e5313-lkp@intel.com \
--to=oliver.sang@intel.com \
--cc=akpm@linux-foundation.org \
--cc=jillravaliya@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
--cc=urezki@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox