From: bugzilla-daemon@kernel.org
To: linuxppc-dev@lists.ozlabs.org
Subject: [Bug 216715] kernel 6.1-rc5 + KASAN_OUTLINE fails to boot at very early stage when DEBUG_PAGEALLOC_ENABLE_DEFAULT is enabled (PowerMac G4 3,6)
Date: Tue, 22 Nov 2022 00:19:36 +0000 [thread overview]
Message-ID: <bug-216715-206035-GT79YJhv8q@https.bugzilla.kernel.org/> (raw)
In-Reply-To: <bug-216715-206035@https.bugzilla.kernel.org/>
https://bugzilla.kernel.org/show_bug.cgi?id=216715
--- Comment #4 from Erhard F. (erhard_f@mailbox.org) ---
Created attachment 303256
--> https://bugzilla.kernel.org/attachment.cgi?id=303256&action=edit
kernel dmesg (6.1-rc6, PowerMac G4 DP) - BUG: KASAN: slab-out-of-bounds
Rarely but sometimes boot fails due to a KASAN error like this:
[...]
==================================================================
BUG: KASAN: slab-out-of-bounds in filemap_map_pages+0x2c8/0x5d0
Read of size 4 at addr c336c170 by task systemd/112
CPU: 1 PID: 112 Comm: systemd Tainted: G TN 6.1.0-rc6-PMacG4 #30
Hardware name: PowerMac3,6 7455 0x80010303 PowerMac
Call Trace:
[f1973c60] [c0d3b790] dump_stack_lvl+0x60/0xa4 (unreliable)
[f1973c80] [c033d124] print_report+0x154/0x4f4
[f1973cd0] [c033ce40] kasan_report+0xe8/0x218
[f1973d40] [c0284234] filemap_map_pages+0x2c8/0x5d0
[f1973e00] [c02dfb54] handle_mm_fault+0xb58/0x10bc
[f1973ed0] [c002b994] ___do_page_fault+0x228/0x814
[f1973f10] [c002c1d4] do_page_fault+0x28/0x6c
[f1973f30] [c00044a8] InstructionAccess_virt+0x114/0x118
--- interrupt: 400 at 0xa7452df4
NIP: a7452df4 LR: a7452974 CTR: 00000000
REGS: f1973f40 TRAP: 0400 Tainted: G TN (6.1.0-rc6-PMacG4)
MSR: 4000d032 <EE,PR,ME,IR,DR,RI> CR: 480042e0 XER: 00000000
GPR00: 00000000 afdd8cf0 a7b4a5a0 00000000 a7452974 480042e0 00000000 a7452df4
GPR08: 0000d032 400c13f8 400c1509 400c161a 400c12e7 00b2fc1c 00000000 00000000
GPR16: 00000000 00000000 afdd8f20 afdd8e98 00000000 00000001 00000000 00000000
GPR24: 00000000 02084ffc 00000000 afdd8f1c 02084b80 02084810 a757fff4 00000001
NIP [a7452df4] 0xa7452df4
LR [a7452974] 0xa7452974
--- interrupt: 400
Allocated by task 1:
kasan_set_track+0x44/0x94
__kasan_slab_alloc+0xa0/0xe8
kmem_cache_alloc+0x224/0x684
__kernfs_new_node+0xe8/0x354
kernfs_new_node+0x84/0xfc
__kernfs_create_file+0x50/0x204
sysfs_add_file_mode_ns+0xf4/0x1f0
internal_create_group+0x1f0/0x620
sysfs_slab_add+0x23c/0x2dc
__kmem_cache_create+0x1bc/0x584
kmem_cache_create_usercopy+0x250/0x39c
btrfs_init_cachep+0x48/0x1e0
init_btrfs_fs+0x50/0x2b0
do_one_initcall+0xc0/0x34c
kernel_init_freeable+0x2c0/0x400
kernel_init+0x28/0x178
ret_from_kernel_thread+0x5c/0x64
The buggy address belongs to the object at c336c118
which belongs to the cache kernfs_node_cache of size 88
The buggy address is located 0 bytes to the right of
88-byte region [c336c118, c336c170)
The buggy address belongs to the physical page:
page:eee4bb30 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x336c
flags: 0x200(slab|zone=0)
raw: 00000200 00000100 00000122 c1852720 00000000 001e003c ffffffff 00000001
raw: 00000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
c336c000: fc 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
c336c080: fc fc 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
>c336c100: fc fc fc 00 00 00 00 00 00 00 00 00 00 00 fc fc
^
c336c180: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 fc
c336c200: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Disabling lock debugging due to kernel taint
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
systemd[1]: Mounting FUSE Control File System...
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
** 257 printk messages dropped **
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
get_swap_device: Bad swap file entry 00000010
systemd-journald[106]: /dev/kmsg buffer overrun, some messages lost.
get_swap_device: Bad swap file entry 00000010
[...]
After the 1st time this happened I checked swap to be sure it's not a disk
errors fault. But the swap partition showed no sign of error:
# swapoff /dev/sdb6 && mkswap -f -L swap --verbose -c /dev/sdb6
0 beschädigte Seiten
mkswap: /dev/sdb6: Warnung: Alte swap-Signatur wird gelöscht.
Auslagerungsbereich Version 1 wird angelegt, Größe = 8 GiB (8589930496 Bytes)
LABEL=swap, UUID=aa150610-5987-492c-b9db-d3ea3f34a6be
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are watching the assignee of the bug.
next prev parent reply other threads:[~2022-11-22 0:20 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-21 0:19 [Bug 216715] New: kernel 6.1-rc5 + KASAN_OUTLINE fails to boot at very early stage when DEBUG_PAGEALLOC_ENABLE_DEFAULT is enabled (PowerMac G4 3,6) bugzilla-daemon
2022-11-21 8:19 ` [Bug 216715] " bugzilla-daemon
2022-11-22 0:12 ` bugzilla-daemon
2022-11-22 0:14 ` bugzilla-daemon
2022-11-22 0:19 ` bugzilla-daemon [this message]
2022-11-22 0:34 ` bugzilla-daemon
2023-05-19 18:49 ` bugzilla-daemon
2023-05-23 22:34 ` bugzilla-daemon
2023-05-23 22:35 ` bugzilla-daemon
2024-04-19 8:45 ` bugzilla-daemon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-216715-206035-GT79YJhv8q@https.bugzilla.kernel.org/ \
--to=bugzilla-daemon@kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).