Hello,

kernel test robot noticed "WARNING:at_mm/memblock.c:#memblock_remove_region" on:

commit: 9e46e4dcd9d6cd88342b028dbfa5f4fb7483d39c ("mm,memblock: reset memblock.reserved to system init state to prevent UAF")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master 0ba5d07205771c50789fd9063950aa75e7f1183f]

in testcase: vm-scalability
version: vm-scalability-x86_64-1.0-0_20220518
with following parameters:

    runtime: 300
    thp_enabled: always
    thp_defrag: always
    nr_task: 8
    nr_ssd: 1
    priority: 1
    test: swap-w-seq-mt
    cpufreq_governor: performance

test-description: The motivation behind this suite is to exercise functions and regions of the mm/ of the Linux kernel which are of interest to us.
test-url: https://git.kernel.org/cgit/linux/kernel/git/wfg/vm-scalability.git/

compiler: gcc-12
test machine: 128 threads 2 sockets Intel(R) Xeon(R) Platinum 8358 CPU @ 2.60GHz (Ice Lake) with 128G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot
| Closes: https://lore.kernel.org/oe-lkp/202307271656.447aa17e-oliver.sang@intel.com

[ 4.971006][ T1] ------------[ cut here ]------------
[ 4.971904][ T1] WARNING: CPU: 0 PID: 1 at mm/memblock.c:352 memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:352 (discriminator 1))
[ 4.972901][ T1] Modules linked in:
[ 4.973901][ T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.5.0-rc3-00001-g9e46e4dcd9d6 #2
[ 4.974901][ T1] RIP: 0010:memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:352 (discriminator 1))
[ 4.975900][ T1] Code: 00 00 48 8b 43 18 48 c7 40 08 00 00 00 00 48 8b 43 18 c7 40 10 00 00 00 00 48 8b 43 18 c7 40 14 00 04 00 00 5b c3 cc cc cc cc <0f> 0b eb c2 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00
All code
========
   0:   00 00                   add    %al,(%rax)
   2:   48 8b 43 18             mov    0x18(%rbx),%rax
   6:   48 c7 40 08 00 00 00    movq   $0x0,0x8(%rax)
   d:   00
   e:   48 8b 43 18             mov    0x18(%rbx),%rax
  12:   c7 40 10 00 00 00 00    movl   $0x0,0x10(%rax)
  19:   48 8b 43 18             mov    0x18(%rbx),%rax
  1d:   c7 40 14 00 04 00 00    movl   $0x400,0x14(%rax)
  24:   5b                      pop    %rbx
  25:   c3                      retq
  26:   cc                      int3
  27:   cc                      int3
  28:   cc                      int3
  29:   cc                      int3
  2a:*  0f 0b                   ud2             <-- trapping instruction
  2c:   eb c2                   jmp    0xfffffffffffffff0
  2e:   66 66 2e 0f 1f 84 00    data16 nopw %cs:0x0(%rax,%rax,1)
  35:   00 00 00 00
  39:   66                      data16
  3a:   66                      data16
  3b:   2e                      cs
  3c:   0f                      .byte 0xf
  3d:   1f                      (bad)
  3e:   84 00                   test   %al,(%rax)

Code starting with the faulting instruction
===========================================
   0:   0f 0b                   ud2
   2:   eb c2                   jmp    0xffffffffffffffc6
   4:   66 66 2e 0f 1f 84 00    data16 nopw %cs:0x0(%rax,%rax,1)
   b:   00 00 00 00
   f:   66                      data16
  10:   66                      data16
  11:   2e                      cs
  12:   0f                      .byte 0xf
  13:   1f                      (bad)
  14:   84 00                   test   %al,(%rax)
[ 4.976901][ T1] RSP: 0000:ffa0000000077e78 EFLAGS: 00010206
[ 4.977900][ T1] RAX: ffffffff82f4bc40 RBX: ffffffff82f4bc18 RCX: 0000000000000000
[ 4.978900][ T1] RDX: 0000000000000000 RSI: ffffffff82f4bc58 RDI: ffffffff82f4bc40
[ 4.979900][ T1] RBP: 0000000000000000 R08: ff1100207ffd4d00 R09: 0000000000000002
[ 4.980901][ T1] R10: ffd4000081ff9d00 R11: ff1100207ffd4000 R12: 0000000000000000
[ 4.981900][ T1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 4.982900][ T1] FS: 0000000000000000(0000) GS:ff1100103f200000(0000) knlGS:0000000000000000
[ 4.983900][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 4.984899][ T1] CR2: ff1100207fc00000 CR3: 000000207ea18001 CR4: 0000000000771ef0
[ 4.985900][ T1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 4.986900][ T1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 4.987900][ T1] PKRU: 55555554
[ 4.988899][ T1] Call Trace:
[ 4.989902][ T1]
[ 4.990900][ T1] ? memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:352 (discriminator 1))
[ 4.991900][ T1] ? __warn (kbuild/src/x86_64/kernel/panic.c:673)
[ 4.992901][ T1] ? memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:352 (discriminator 1))
[ 4.993900][ T1] ? report_bug (kbuild/src/x86_64/lib/bug.c:180 kbuild/src/x86_64/lib/bug.c:219)
[ 4.994900][ T1] ? handle_bug (kbuild/src/x86_64/arch/x86/kernel/traps.c:324)
[ 4.995899][ T1] ? exc_invalid_op (kbuild/src/x86_64/arch/x86/kernel/traps.c:345 (discriminator 1))
[ 4.996899][ T1] ? asm_exc_invalid_op (kbuild/src/x86_64/arch/x86/include/asm/idtentry.h:568)
[ 4.997900][ T1] ? memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:352 (discriminator 1))
[ 4.998900][ T1] ? memblock_remove_region (kbuild/src/x86_64/mm/memblock.c:348)
[ 4.999899][ T1] memblock_discard (kbuild/src/x86_64/mm/memblock.c:383)
[ 5.000901][ T1] page_alloc_init_late (kbuild/src/x86_64/include/linux/find.h:208 kbuild/src/x86_64/include/linux/nodemask.h:266 kbuild/src/x86_64/mm/mm_init.c:2405)
[ 5.001900][ T1] kernel_init_freeable (kbuild/src/x86_64/init/main.c:1325 kbuild/src/x86_64/init/main.c:1546)
[ 5.002901][ T1] ? __pfx_kernel_init (kbuild/src/x86_64/init/main.c:1429)
[ 5.003900][ T1] kernel_init (kbuild/src/x86_64/init/main.c:1439)
[ 5.004900][ T1] ret_from_fork (kbuild/src/x86_64/arch/x86/kernel/process.c:145)
[ 5.005900][ T1] ? __pfx_kernel_init (kbuild/src/x86_64/init/main.c:1429)
[ 5.006900][ T1] ret_from_fork_asm (kbuild/src/x86_64/arch/x86/entry/entry_64.S:298)
[ 5.007900][ T1] RIP: 0000:0x0
[ 5.008902][ T1] Code: Unable to access opcode bytes at 0xffffffffffffffd6.

Code starting with the faulting instruction
===========================================
[ 5.009900][ T1] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[ 5.010900][ T1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 5.011900][ T1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 5.012900][ T1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 5.013900][ T1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 5.014900][ T1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 5.015900][ T1]
[ 5.016900][ T1] ---[ end trace 0000000000000000 ]---
[ 5.020980][ T1] devtmpfs: initialized
[ 5.024945][ T1] x86/mm: Memory block size: 2048MB
[ 5.030509][ T1] ACPI: PM: Registering ACPI NVS region [mem 0x67dae000-0x68fdefff] (19075072 bytes)
[ 5.040153][ T1] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
[ 5.049937][ T1] futex hash table entries: 32768 (order: 9, 2097152 bytes, vmalloc)
[ 5.058123][ T1] pinctrl core: initialized pinctrl subsystem
[ 5.066539][ T1] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 5.073099][ T1] audit: initializing netlink subsys (disabled)
[ 5.078923][ T812] audit: type=2000 audit(1690400749.912:1): state=initialized audit_enabled=0 res=1
[ 5.079041][ T1] thermal_sys: Registered thermal governor 'fair_share'
[ 5.087902][ T1] thermal_sys: Registered thermal governor 'bang_bang'
[ 5.094900][ T1] thermal_sys: Registered thermal governor 'step_wise'
[ 5.101900][ T1] thermal_sys: Registered thermal governor 'user_space'
[ 5.108901][ T1] cpuidle: using governor menu
[ 5.111023][ T1] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[ 5.118064][ T1] PCI: MMCONFIG for domain 0000 [bus 00-ff] at [mem 0x80000000-0x8fffffff] (base 0x80000000)
[ 5.127904][ T1] PCI: MMCONFIG at [mem 0x80000000-0x8fffffff] reserved as E820 entry
[ 5.135915][ T1] PCI: Using configuration type 1 for base access
[ 5.147971][ T1] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible.
[ 5.157965][ T1] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages
[ 5.164901][ T1] HugeTLB: 16380 KiB vmemmap can be freed for a 1.00 GiB page
[ 5.171900][ T1] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages
[ 5.179900][ T1] HugeTLB: 28 KiB vmemmap can be freed for a 2.00 MiB page
[ 5.186967][ T1] cryptd: max_cpu_qlen set to 1000
[ 5.192050][ T1] ACPI: Added _OSI(Module Device)
[ 5.196901][ T1] ACPI: Added _OSI(Processor Device)
[ 5.201900][ T1] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 5.207900][ T1] ACPI: Added _OSI(Processor Aggregator Device)
[ 5.310712][ T1] ACPI: 8 ACPI AML tables successfully acquired and loaded
[ 5.341828][ T1] ACPI: Dynamic OEM Table Load:
[ 5.425053][ T1] ACPI: Dynamic OEM Table Load:
[ 5.445470][ T1] ACPI: Dynamic OEM Table Load:
[ 5.505735][ T1] ACPI: Dynamic OEM Table Load:
[ 5.696225][ T1] ACPI: Interpreter enabled
[ 5.700912][ T1] ACPI: PM: (supports S0 S5)
[ 5.704901][ T1] ACPI: Using IOAPIC for interrupt routing
[ 5.710943][ T1] HEST: Table parsing has been initialized.
[ 5.716964][ T1] GHES: APEI firmware first mode is enabled by APEI bit and WHEA _OSC.
[ 5.724901][ T1] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[ 5.734901][ T1] PCI: Using E820 reservations for host bridge windows
[ 5.754166][ T1] ACPI: Enabled 5 GPEs in block 00 to 7F
[ 5.831967][ T1] ACPI: PCI Root Bridge [PC00] (domain 0000 [bus 00-15])
[ 5.838903][ T1] acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
[ 5.866885][ T1] acpi PNP0A08:00: _OSC: platform does not support [SHPCHotplug AER LTR]
[ 5.875130][ T1] acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug PME PCIeCapability]
[ 5.885142][ T1] PCI host bridge to bus 0000:00
[ 5.889901][ T1] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 5.896901][ T1] pci_bus 0000:00: root bus resource [io 0x1000-0x4fff window]
[ 5.904911][ T1] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 5.912949][ T1] pci_bus 0000:00: root bus resource [mem 0x000c8000-0x000cffff window]
[ 5.920928][ T1] pci_bus 0000:00: root bus resource [mem 0xfe010000-0xfe010fff window]
[ 5.928905][ T1] pci_bus 0000:00: root bus resource [mem 0x90000000-0x9b7fffff window]
[ 5.936901][ T1] pci_bus 0000:00: root bus resource [mem 0x380000000000-0x383fffffffff window]
[ 5.945901][ T1] pci_bus 0000:00: root bus resource [bus 00-15]
[ 5.951934][ T1] pci 0000:00:00.0: [8086:09a2] type 00 class 0x088000
[ 5.959002][ T1] pci 0000:00:00.1: [8086:09a4] type 00 class 0x088000
[ 5.965965][ T1] pci 0000:00:00.2: [8086:09a3] type 00 class 0x088000
[ 5.972964][ T1] pci 0000:00:00.4: [8086:0998] type 00 class 0x060000
[ 5.978965][ T1] pci 0000:00:01.0: [8086:0b00] type 00 class 0x088000
[ 5.985909][ T1] pci 0000:00:01.0: reg 0x10: [mem 0x383ffff60000-0x383ffff63fff 64bit]
[ 5.994010][ T1] pci 0000:00:01.1: [8086:0b00] type 00 class 0x088000
[ 6.000908][ T1] pci 0000:00:01.1: reg 0x10: [mem 0x383ffff5c000-0x383ffff5ffff 64bit]
[ 6.009009][ T1] pci 0000:00:01.2: [8086:0b00] type 00 class 0x088000
[ 6.015909][ T1] pci 0000:00:01.2: reg 0x10: [mem 0x383ffff58000-0x383ffff5bfff 64bit]

To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki