public inbox for linuxppc-dev@ozlabs.org 
From: bugzilla-daemon@kernel•org
To: linuxppc-dev@lists•ozlabs.org
Subject: [Bug 216715] kernel 6.1-rc5 + KASAN_OUTLINE fails to boot at very early stage when DEBUG_PAGEALLOC_ENABLE_DEFAULT is enabled (PowerMac G4 3,6)
Date: Tue, 22 Nov 2022 00:34:38 +0000
Message-ID: <bug-216715-206035-E2zi0uFYCD@https.bugzilla.kernel.org/>
In-Reply-To: <bug-216715-206035@https.bugzilla.kernel.org/>

https://bugzilla.kernel.org/show_bug.cgi?id=216715

--- Comment #5 from Erhard F. (erhard_f@mailbox•org) ---
Created attachment 303257
  --> https://bugzilla.kernel.org/attachment.cgi?id=303257&action=edit
303256: kernel dmesg (6.1-rc6, PowerMac G4 DP) - BUG: KASAN:
slab-out-of-bounds, 2nd time

Here a slightly different kernel is used, with SMP off. The KASAN hit happened
instantly after trying to build glibc:

[...]
BUG: KASAN: slab-out-of-bounds in set_pte_at+0x9c/0x16c
Read of size 4 at addr c322519c by task emerge/296

CPU: 0 PID: 296 Comm: emerge Tainted: G                TN 6.1.0-rc6-PMacG4s #31
Hardware name: PowerMac3,6 7455 0x80010303 PowerMac
Call Trace:
[f2aeb760] [c0ca8ecc] dump_stack_lvl+0x34/0x74 (unreliable)
[f2aeb780] [c02d2800] print_report+0x154/0x4f4
[f2aeb7d0] [c02d2508] kasan_report+0xec/0x230
[f2aeb830] [c002657c] set_pte_at+0x9c/0x16c
[f2aeb860] [c02744a8] copy_page_range+0x4ec/0xee0
[f2aeb990] [c005608c] dup_mm+0x70c/0x8ac
[f2aebab0] [c0057eec] copy_process+0x19b0/0x2c10
[f2aebba0] [c0059424] kernel_clone+0xd0/0x4c4
[f2aebc40] [c0059efc] sys_clone+0xfc/0x154
[f2aebd10] [c0017c60] system_call_exception+0x104/0x1ac
[f2aebf30] [c001f1ac] ret_from_syscall+0x0/0x2c
--- interrupt: c00 at 0xa7572df4
NIP:  a7572df4 LR: a7572974 CTR: a7747ee8
REGS: f2aebf40 TRAP: 0c00   Tainted: G                TN  (6.1.0-rc6-PMacG4s)
MSR:  0200f932 <VEC,EE,PR,FP,ME,IR,DR,RI>  CR: 48882244  XER: 00000000

GPR00: 00000078 af879140 a7c2d5a0 01200011 00000000 00000000 00000000 a7c26088 
GPR08: 00000000 00000002 a6e31870 a781c724 48882242 008bfff4 00000000 00a0243c 
GPR16: 00000000 016b591e 016b5910 af879304 31afa123 00000001 00000000 a7c284fc 
GPR24: 00000000 00000000 a58ddc88 a7ae3128 a7bc1f08 a6ee0118 a769fff4 00000001 
NIP [a7572df4] 0xa7572df4
LR [a7572974] 0xa7572974
--- interrupt: c00

Allocated by task 1:
 kasan_set_track+0x44/0x94
 __kasan_slab_alloc+0xa0/0xe8
 kmem_cache_alloc+0x1e8/0x664
 __kernfs_new_node+0xe8/0x354
 kernfs_new_node+0x84/0xfc
 __kernfs_create_file+0x50/0x204
 sysfs_add_file_mode_ns+0xf4/0x1f0
 internal_create_group+0x1f0/0x620
 sysfs_slab_add+0x23c/0x2dc
 __kmem_cache_create+0x14c/0x510
 kmem_cache_create_usercopy+0x250/0x39c
 btrfs_init_cachep+0x48/0x1e8
 init_btrfs_fs+0x50/0x2b0
 do_one_initcall+0xc0/0x34c
 kernel_init_freeable+0x2a0/0x3e0
 kernel_init+0x28/0x174
 ret_from_kernel_thread+0x5c/0x64

The buggy address belongs to the object at c32251a0
 which belongs to the cache kernfs_node_cache of size 88
The buggy address is located 4 bytes to the left of
 88-byte region [c32251a0, c32251f8)

The buggy address belongs to the physical page:
page:eee50d34 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x3225
flags: 0x200(slab|zone=0)
raw: 00000200 00000100 00000122 c1843d20 00000000 001e003c ffffffff 00000001
raw: 00000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 c3225080: fc fc 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
 c3225100: fc fc fc 00 00 00 00 00 00 00 00 00 00 00 fc fc
>c3225180: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 fc
                    ^
 c3225200: fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00
 c3225280: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
==================================================================
Disabling lock debugging due to kernel taint
_swap_info_get: Bad swap file entry 10005281
BUG: Bad page map in process emerge  pte:00528124 pmd:03225000
addr:af85a000 vm_flags:00100173 anon_vma:c8fb3bd8 mapping:00000000 index:affdf
file:(null) fault:0x0 mmap:0x0 read_folio:0x0
CPU: 0 PID: 300 Comm: emerge Tainted: G    B           TN 6.1.0-rc6-PMacG4s #31
Hardware name: PowerMac3,6 7455 0x80010303 PowerMac
Call Trace:
[f2f838c0] [c0ca8ecc] dump_stack_lvl+0x34/0x74 (unreliable)
[f2f838e0] [c02717e8] print_bad_pte+0x2e8/0x364
[f2f83970] [c027579c] unmap_page_range+0x900/0xa30
[f2f83a30] [c027607c] unmap_vmas+0x1d8/0x2cc
[f2f83b30] [c0283a68] exit_mmap+0x154/0x2f0
[f2f83c50] [c00542e8] mmput+0x98/0x244
[f2f83c80] [c005f784] do_exit+0x434/0xdc0
[f2f83d00] [c0060318] do_group_exit+0x64/0x100
[f2f83d30] [c00603e4] __wake_up_parent+0x0/0x4c
[f2f83d50] [c0017c60] system_call_exception+0x104/0x1ac
[f2f83f30] [c001f1ac] ret_from_syscall+0x0/0x2c
--- interrupt: c00 at 0xa7572ec0
[...]

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are watching the assignee of the bug.
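
An added triage example, not part of the original bug comment or of any kernel tooling: it parses the key lines of the KASAN report quoted above, relates the faulting address to the object and to its shadow byte, and compares the pmd value from the later "Bad page map" line with the slab page's pfn. The function names are hypothetical, and the pmd comparison assumes 4 KiB pages and a pmd that holds a physical address.

```python
import re

# Constructed sample: lines copied from the KASAN report quoted in this message.
REPORT = """\
BUG: KASAN: slab-out-of-bounds in set_pte_at+0x9c/0x16c
Read of size 4 at addr c322519c by task emerge/296
The buggy address belongs to the object at c32251a0
 which belongs to the cache kernfs_node_cache of size 88
page:eee50d34 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x3225
>c3225180: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 fc
BUG: Bad page map in process emerge  pte:00528124 pmd:03225000
"""

GRANULE = 8  # generic KASAN: one shadow byte describes 8 bytes of memory
# Shadow codes from mm/kasan/kasan.h; 0x01..0x07 mean "first N bytes valid".
SHADOW = {0x00: "accessible", 0xFC: "slab redzone", 0xFB: "freed slab object"}

def parse(report):
    """Extract the fields needed to triage one slab-out-of-bounds report."""
    def grab(pat):
        return re.search(pat, report, re.M)
    acc = grab(r"^(Read|Write) of size (\d+) at addr ([0-9a-f]+)")
    row = grab(r"^>([0-9a-f]+): ((?:[0-9a-f]{2} ?)+)$")
    return {
        "kind": acc.group(1), "size": int(acc.group(2)),
        "addr": int(acc.group(3), 16),
        "obj": int(grab(r"object at ([0-9a-f]+)").group(1), 16),
        "cache": grab(r"cache (\S+) of size").group(1),
        "obj_size": int(grab(r"cache \S+ of size (\d+)").group(1)),
        "pfn": int(grab(r"pfn:0x([0-9a-f]+)").group(1), 16),
        "pmd": int(grab(r"pmd:([0-9a-f]+)").group(1), 16),
        "row_base": int(row.group(1), 16),
        "row": [int(b, 16) for b in row.group(2).split()],
    }

def triage(r):
    """Relate the faulting address to the object and to its shadow byte."""
    idx = (r["addr"] - r["row_base"]) // GRANULE
    return {
        "offset": r["addr"] - r["obj"],  # negative = left of the object
        "shadow": SHADOW.get(r["row"][idx], hex(r["row"][idx])),
        "valid_bytes": sum(GRANULE for b in r["row"] if b == 0),
        # Assumption: 4 KiB pages and pmd holding a physical address.
        "pmd_frame_matches_pfn": (r["pmd"] >> 12) == r["pfn"],
    }

if __name__ == "__main__":
    print(triage(parse(REPORT)))
```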
