Greeting,

FYI, we noticed the following commit (built with gcc-11):

commit: fb670abe87296c7b214b6d9f29e9c7380d8d621c ("[PATCH] mm/slub: return 0 when object pointer is NULL")
url: https://github.com/intel-lab-lkp/linux/commits/Ben-Luo/mm-slub-return-0-when-object-pointer-is-NULL/20220912-140234
base: https://git.kernel.org/cgit/linux/kernel/git/akpm/mm.git mm-everything
patch link: https://lore.kernel.org/linux-mm/1662962379-16174-1-git-send-email-luoben@linux.alibaba.com

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+----------------------------------------------------------+------------+------------+
|                                                          | 2558c2ced7 | fb670abe87 |
+----------------------------------------------------------+------------+------------+
| BUG_kmem_cache_node(Not_tainted):Freechain_corrupt       | 0          | 24         |
| BUG_kmem_cache(Tainted:G_B):Freechain_corrupt            | 0          | 24         |
| BUG_kmem_cache_node(Tainted:G_B):Freechain_corrupt       | 0          | 24         |
| BUG_kmem_cache_node(Tainted:G_B):Freepointer_corrupt     | 0          | 24         |
| BUG_debug_objects_cache(Tainted:G_B):Freechain_corrupt   | 0          | 24         |
| BUG_debug_objects_cache(Tainted:G_B):Freepointer_corrupt | 0          | 24         |
| BUG_vmap_area(Tainted:G_B):Freechain_corrupt             | 0          | 20         |
| BUG_kmalloc-#(Tainted:G_B):Freechain_corrupt             | 0          | 20         |
| BUG_kmalloc-#k(Tainted:G_B):Freechain_corrupt            | 0          | 20         |
| BUG_kmalloc-#(Tainted:G_B):Freepointer_corrupt           | 0          | 20         |
| BUG_radix_tree_node(Tainted:G_B):Freechain_corrupt       | 0          | 14         |
| BUG_pool_workqueue(Tainted:G_B):Freechain_corrupt        | 0          | 14         |
| BUG_trace_event_file(Tainted:G_B):Freechain_corrupt      | 0          | 13         |
| BUG_ftrace_event_field(Tainted:G_B):Freechain_corrupt    | 0          | 13         |
+----------------------------------------------------------+------------+------------+

[ 2.980173][ T0] =============================================================================
[ 2.981207][ T0] BUG kmem_cache_node (Not tainted): Freechain corrupt
[ 2.981954][ T0] -----------------------------------------------------------------------------
[ 2.981954][ T0]
[ 2.983185][ T0] Slab 0xea3fe800 objects=21 used=21 fp=0x00000000 flags=0x200(slab|zone=0)
[ 2.984205][ T0] Object 0xc0100f40 @offset=3904 fp=0x00000000
[ 2.984205][ T0]
[ 2.985174][ T0] Redzone c0100f00: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................
[ 2.986268][ T0] Redzone c0100f10: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................
[ 2.987368][ T0] Redzone c0100f20: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................
[ 2.988420][ T0] Redzone c0100f30: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................
[ 2.989412][ T0] Object c0100f40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
[ 2.990420][ T0] Object c0100f50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
[ 2.991436][ T0] Object c0100f60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
[ 2.992505][ T0] Object c0100f70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkkkkkkkkkk.
[ 2.993539][ T0] Redzone c0100f80: bb bb bb bb ....
[ 2.994476][ T0] Padding c0100fb0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
[ 2.995639][ T0] CPU: 0 PID: 0 Comm: swapper Not tainted 6.0.0-rc3-00584-gfb670abe8729 #6
[ 2.996635][ T0] Call Trace:
[ 2.996998][ T0] ? show_stack+0x35/0x3b
[ 2.997511][ T0] dump_stack_lvl+0x55/0x79
[ 2.997986][ T0] dump_stack+0xd/0x10
[ 2.998412][ T0] print_trailer+0x104/0x10c
[ 2.998914][ T0] object_err+0x2b/0x3f
[ 2.999367][ T0] deactivate_slab.cold+0x13/0x2e
[ 2.999925][ T0] ? __kmem_cache_create+0x16/0xa0
[ 3.000519][ T0] ? kmem_cache_init+0x73/0xe9
[ 3.001069][ T0] ? start_kernel+0x1b8/0x413
[ 3.001585][ T0] ? i386_start_kernel+0x43/0x45
[ 3.002122][ T0] ? alloc_debug_processing+0x41/0x150
[ 3.002722][ T0] ? pcpu_alloc+0x734/0x9d0
[ 3.003235][ T0] ___slab_alloc+0x753/0xc00
[ 3.003853][ T0] ? init_kmem_cache_nodes+0x31/0x210
[ 3.004446][ T0] ? __mutex_unlock_slowpath+0x20/0x290
[ 3.005080][ T0] ? init_kmem_cache_nodes+0x31/0x210
[ 3.005676][ T0] ? rcu_read_lock_sched_held+0xe/0x70
[ 3.006282][ T0] ? pcpu_alloc+0x49f/0x9d0
[ 3.006772][ T0] kmem_cache_alloc+0x3b0/0x480
[ 3.007302][ T0] ? init_kmem_cache_nodes+0x31/0x210
[ 3.007874][ T0] init_kmem_cache_nodes+0x31/0x210
[ 3.008436][ T0] kmem_cache_open+0xf6/0x290
[ 3.008933][ T0] ? kmem_cache_open+0x192/0x290
[ 3.009454][ T0] __kmem_cache_create+0x16/0xa0
[ 3.009996][ T0] create_boot_cache+0x63/0x83
[ 3.010526][ T0] kmem_cache_init+0x73/0xe9
[ 3.011186][ T0] start_kernel+0x1b8/0x413
[ 3.011611][ T0] ? idt_setup_early_handler+0x39/0x4c
[ 3.012209][ T0] i386_start_kernel+0x43/0x45
[ 3.012728][ T0] startup_32_smp+0x161/0x164
[ 3.013254][ T0] Disabling lock debugging due to kernel taint
[ 3.013911][ T0] FIX kmem_cache_node: Isolate corrupted freechain
...

If you fix the issue, kindly add following tag
Reported-by: kernel test robot
Link: https://lore.kernel.org/r/202209140949.45a9520d-yujie.liu@intel.com

To reproduce:

        # build kernel
        cd linux
        cp config-6.0.0-rc3-00584-gfb670abe8729 .config
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH= modules_install
        cd
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

--
0-DAY CI Kernel Test Service
https://01.org/lkp