Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: eda7ef0c7b86e72b35c62c9d1e55c57cecd0abe7 ("[PATCH bpf-next v4 19/30] bpf: eliminate rlimit-based memory accounting for hashtab maps")
url: https://github.com/0day-ci/linux/commits/Roman-Gushchin/bpf-switch-to-memcg-based-memory-accounting/20200821-233104
base: https://git.kernel.org/cgit/linux/kernel/git/bpf/bpf-next.git master

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 8G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+------------------------------------------+------------+------------+
|                                          | 4ad9edebed | eda7ef0c7b |
+------------------------------------------+------------+------------+
| boot_successes                           | 4          | 0          |
| boot_failures                            | 0          | 4          |
| canonical_address#:#[##]                 | 0          | 4          |
| RIP:bpf_map_free_deferred                | 0          | 4          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 4          |
+------------------------------------------+------------+------------+

If you fix the issue, kindly add following tag
Reported-by: kernel test robot

[ 37.201357] init: tty2 main process ended, respawning
[ 37.232660] init: tty3 main process (480) terminated with status 1
[ 37.234056] init: tty3 main process ended, respawning
[ 37.239246] init: tty6 main process (482) terminated with status 1
[ 37.240789] init: tty6 main process ended, respawning
[ 40.878036] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] SMP
[ 40.900083] CPU: 0 PID: 157 Comm: kworker/0:2 Not tainted 5.9.0-rc1-00149-geda7ef0c7b86e7 #1
[ 40.901680] Workqueue: events bpf_map_free_deferred
[ 40.902630] RIP: 0010:bpf_map_free_deferred+0x57/0xdf
[ 40.903694] Code: aa ff ff ff 48 89 ef e8 e2 ee 27 00 48 8b 83 70 ff ff ff 48 89 ef ff 50 18 48 89 e7 e8 66 ff ff ff 48 8b 5b c8 48 85 db 74 6c 43 7c 01 75 66 e8 ac dd ff ff e8 c0 ec ff ff e8 aa 91 74 00 85
[ 40.907343] RSP: 0018:ffff88821a353e38 EFLAGS: 00010202
[ 40.908373] RAX: 0000000000000000 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000006
[ 40.909786] RDX: ffff88821aa98b40 RSI: 0000000000000000 RDI: 0000000000000000
[ 40.911066] RBP: ffff888236069c00 R08: 0000000000000400 R09: ffffea000867e208
[ 40.912407] R10: ffffea0008359048 R11: 0000000000000002 R12: ffff888237c2a780
[ 40.913801] R13: ffff888237c2fd00 R14: 0000000000000000 R15: ffff888236069c98
[ 40.915216] FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 40.916762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.917874] CR2: 0000000000442d70 CR3: 000000020d685000 CR4: 00000000000406b0
[ 40.919297] Call Trace:
[ 40.919816] process_one_work+0x288/0x475
[ 40.920573] ? worker_thread+0x205/0x254
[ 40.921377] worker_thread+0x1a5/0x254
[ 40.922147] ? create_worker+0x17d/0x17d
[ 40.922899] kthread+0x108/0x110
[ 40.923570] ? kthread_create_worker_on_cpu+0x65/0x65
[ 40.924598] ret_from_fork+0x1f/0x30
[ 40.925312] Modules linked in: ide_cd_mod cdrom ide_pci_generic evdev i2c_piix4 piix ide_core i2c_core virtio_blk parport_pc qemu_fw_cfg processor button
[ 40.928068] ---[ end trace 270fed0e47b93410 ]---
[ 40.928901] RIP: 0010:bpf_map_free_deferred+0x57/0xdf
[ 40.929782] Code: aa ff ff ff 48 89 ef e8 e2 ee 27 00 48 8b 83 70 ff ff ff 48 89 ef ff 50 18 48 89 e7 e8 66 ff ff ff 48 8b 5b c8 48 85 db 74 6c 43 7c 01 75 66 e8 ac dd ff ff e8 c0 ec ff ff e8 aa 91 74 00 85
[ 40.933487] RSP: 0018:ffff88821a353e38 EFLAGS: 00010202
[ 40.934549] RAX: 0000000000000000 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000006
[ 40.970611] RDX: ffff88821aa98b40 RSI: 0000000000000000 RDI: 0000000000000000
[ 40.971949] RBP: ffff888236069c00 R08: 0000000000000400 R09: ffffea000867e208
[ 40.973305] R10: ffffea0008359048 R11: 0000000000000002 R12: ffff888237c2a780
[ 40.974789] R13: ffff888237c2fd00 R14: 0000000000000000 R15: ffff888236069c98
[ 40.980705] FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 40.982086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.983172] CR2: 0000000000442d70 CR3: 000000020d685000 CR4: 00000000000406b0
[ 40.984665] Kernel panic - not syncing: Fatal exception
[ 40.985818] Kernel Offset: disabled

Kboot worker: lkp-worker46
Elapsed time: 60

To reproduce:

	# build kernel
	cd linux
	cp config-5.9.0-rc1-00149-geda7ef0c7b86e7 .config
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage

	git clone https://github.com/intel/lkp-tests.git
	cd lkp-tests
	bin/lkp qemu -k job-script # job-script is attached in this email

Thanks,
Rong Chen