hi, Paul,
we noticed there are similar commits and fix commits in newer branches.
dev.2025.08.19a
dev.2025.08.20a
but we didn't finish the test/bisect for new branches.
this report is just FYI, if the issue was already fixed in new branches, please
ignore this report. sorry if any inconvenience.
Hello,
kernel test robot noticed "WARNING:at_mm/slub.c:#free_large_kmalloc" on:
commit: 2ad3ef4260e9bd8628025b35fa2613c7e4e7720f ("rcu: Re-implement RCU Tasks
Trace in terms of SRCU-fast")
https://github.com/paulmckrcu/linux dev.2025.08.14a
in testcase: rcutorture
version:
with following parameters:
runtime: 300s
test: default
torture_type: tasks-tracing
config: i386-randconfig-013-20250820
compiler: clang-20
test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <[email protected]>
| Closes: https://lore.kernel.org/oe-lkp/[email protected]
[ 5.780201][ T1] ------------[ cut here ]------------
[ 5.780793][ T1] WARNING: CPU: 0 PID: 1 at mm/slub.c:4790 free_large_kmalloc
(mm/slub.c:4790 (discriminator 12))
[ 5.781568][ T1] Modules linked in:
[ 5.782001][ T1] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G
T 6.17.0-rc1-00030-g2ad3ef4260e9 #1 PREEMPT(lazy)
f3de4fe5b382f5192602efb6727d7dab8a9b7f2f
[ 5.784147][ T1] Tainted: [T]=RANDSTRUCT
[ 5.784803][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 5.786255][ T1] EIP: free_large_kmalloc (mm/slub.c:4790 (discriminator 12))
[ 5.787027][ T1] Code: 89 d9 d3 e2 c1 fa 0c 01 15 ac cf d2 d0 01 15 d4 d5 5c d1
83 3e ff 74 06 c7 06 ff ff ff ff 89 da e8 8d 55 ff ff 5e 5f 5b 5d c3 <0f> 0b ba
2c b2 4e d0 e8 6c a4 c7 ff eb ed 89 c7 b8 30 26 b3 d0 ba
All code
========
0: 89 d9 mov %ebx,%ecx
2: d3 e2 shl %cl,%edx
4: c1 fa 0c sar $0xc,%edx
7: 01 15 ac cf d2 d0 add %edx,-0x2f2d3054(%rip) #
0xffffffffd0d2cfb9
d: 01 15 d4 d5 5c d1 add %edx,-0x2ea32a2c(%rip) #
0xffffffffd15cd5e7
13: 83 3e ff cmpl $0xffffffff,(%rsi)
16: 74 06 je 0x1e
18: c7 06 ff ff ff ff movl $0xffffffff,(%rsi)
1e: 89 da mov %ebx,%edx
20: e8 8d 55 ff ff call 0xffffffffffff55b2
25: 5e pop %rsi
26: 5f pop %rdi
27: 5b pop %rbx
28: 5d pop %rbp
29: c3 ret
2a:* 0f 0b ud2 <-- trapping instruction
2c: ba 2c b2 4e d0 mov $0xd04eb22c,%edx
31: e8 6c a4 c7 ff call 0xffffffffffc7a4a2
36: eb ed jmp 0x25
38: 89 c7 mov %eax,%edi
3a: b8 30 26 b3 d0 mov $0xd0b32630,%eax
3f: ba .byte 0xba
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: ba 2c b2 4e d0 mov $0xd04eb22c,%edx
7: e8 6c a4 c7 ff call 0xffffffffffc7a478
c: eb ed jmp 0xfffffffffffffffb
e: 89 c7 mov %eax,%edi
10: b8 30 26 b3 d0 mov $0xd0b32630,%eax
15: ba .byte 0xba
[ 5.789718][ T1] EAX: e7722700 EBX: e7238660 ECX: ff000000 EDX: e7238660
[ 5.790702][ T1] ESI: e7722700 EDI: cecc63c8 EBP: c1259a80 ESP: c1259a74
[ 5.791669][ T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS:
00010206
[ 5.792787][ T1] CR0: 80050033 CR2: b7fa3cd4 CR3: 10ed1000 CR4: 000406d0
[ 5.793708][ T1] Call Trace:
[ 5.794192][ T1] ? crypto842_free_ctx (crypto/842.c:40)
[ 5.794849][ T1] kfree (mm/slub.c:4874)
[ 5.795393][ T1] crypto842_free_ctx (crypto/842.c:40)
[ 5.796104][ T1] crypto_acomp_alloc_streams (include/linux/err.h:70
crypto/acompress.c:431)
[ 5.796915][ T1] crypto_scomp_init_tfm (crypto/scompress.c:128)
[ 5.797665][ T1] crypto_create_tfm_node (crypto/api.c:541)
[ 5.798430][ T1] crypto_init_scomp_ops_async (include/linux/err.h:70
crypto/scompress.c:314)
[ 5.799284][ T1] crypto_acomp_init_tfm (crypto/acompress.c:124)
[ 5.800029][ T1] crypto_create_tfm_node (crypto/api.c:541)
[ 5.800809][ T1] crypto_alloc_tfm_node (crypto/api.c:642)
[ 5.801584][ T1] crypto_alloc_acomp_node (crypto/acompress.c:162)
[ 5.802380][ T1] zswap_cpu_comp_prepare (mm/zswap.c:836)
[ 5.803160][ T1] ? zswap_setup (mm/zswap.c:822)
[ 5.803856][ T1] cpuhp_issue_call (kernel/cpu.c:205)
[ 5.804563][ T1] ? mutex_lock_nested (kernel/locking/mutex.c:760
kernel/locking/mutex.c:812)
[ 5.805313][ T1] ? zswap_setup (mm/zswap.c:822)
[ 5.806053][ T1] __cpuhp_state_add_instance (kernel/cpu.c:2427
kernel/cpu.c:2448)
[ 5.806918][ T1] zswap_pool_create (mm/zswap.c:295)
[ 5.807704][ T1] __zswap_pool_create_fallback (mm/zswap.c:362)
[ 5.808596][ T1] zswap_setup (mm/zswap.c:1868)
[ 5.809302][ T1] zswap_init (mm/zswap.c:?)
[ 5.809938][ T1] do_one_initcall (init/main.c:1269)
[ 5.810654][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4674)
[ 5.811372][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4674)
[ 5.812111][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4674)
[ 5.812834][ T1] ? __lock_acquire (kernel/locking/lockdep.c:4674)
[ 5.813557][ T1] ? __update_load_avg_cfs_rq (include/trace/events/sched.h:833
(discriminator 3))
[ 5.814379][ T1] ? lock_acquire (kernel/locking/lockdep.c:5868)
[ 5.815070][ T1] ? lock_acquire (kernel/locking/lockdep.c:5868)
[ 5.815799][ T1] ? ktime_get (include/linux/seqlock.h:226 (discriminator 3))
[ 5.816484][ T1] ? ktime_get (include/linux/seqlock.h:226 (discriminator 3))
[ 5.817045][ T1] ? ktime_get (include/linux/seqlock.h:226 (discriminator 3))
[ 5.817486][ T1] ? kvm_clock_get_cycles (arch/x86/include/asm/preempt.h:95
arch/x86/kernel/kvmclock.c:80 arch/x86/kernel/kvmclock.c:86)
[ 5.817998][ T1] ? ktime_get (kernel/time/timekeeping.c:289
kernel/time/timekeeping.c:398 kernel/time/timekeeping.c:820)
[ 5.818440][ T1] ? clockevents_program_event (kernel/time/clockevents.c:336)
[ 5.818995][ T1] ? profile_tick (include/linux/profile.h:50)
[ 5.819423][ T1] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:80)
[ 5.819882][ T1] ? irqentry_exit (kernel/entry/common.c:?)
[ 5.820317][ T1] ? sysvec_hyperv_stimer0 (arch/x86/kernel/apic/apic.c:1050)
[ 5.820829][ T1] ? sysvec_apic_timer_interrupt
(arch/x86/kernel/apic/apic.c:1050 (discriminator 6))
[ 5.821357][ T1] ? handle_exception (arch/x86/entry/entry_32.S:1048)
[ 5.821826][ T1] ? strlen (arch/x86/lib/string_32.c:167)
[ 5.822209][ T1] ? next_arg (lib/cmdline.c:273)
[ 5.822623][ T1] ? parameq (kernel/params.c:90 (discriminator 1)
kernel/params.c:99 (discriminator 1))
[ 5.823014][ T1] ? swapfile_init (mm/zswap.c:1900)
[ 5.823449][ T1] do_initcall_level (init/main.c:1330 (discriminator 6))
[ 5.823906][ T1] do_initcalls (init/main.c:1344 (discriminator 2))
[ 5.824319][ T1] ? rest_init (init/main.c:1461)
[ 5.824747][ T1] ? rest_init (init/main.c:1461)
[ 5.825163][ T1] do_basic_setup (init/main.c:1367)
[ 5.825590][ T1] kernel_init_freeable (init/main.c:1581)
[ 5.826058][ T1] kernel_init (init/main.c:1471)
[ 5.826472][ T1] ret_from_fork (arch/x86/kernel/process.c:154)
[ 5.826906][ T1] ? rest_init (init/main.c:1461)
[ 5.827326][ T1] ret_from_fork_asm (arch/x86/entry/entry_32.S:737)
[ 5.827778][ T1] entry_INT80_32 (arch/x86/entry/entry_32.S:945)
[ 5.828225][ T1] irq event stamp: 1016907
[ 5.828641][ T1] hardirqs last enabled at (1016917): __console_unlock
(arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:109
arch/x86/include/asm/irqflags.h:151 kernel/printk/printk.c:344
kernel/printk/printk.c:2885)
[ 5.829782][ T1] hardirqs last disabled at (1016928): __console_unlock
(kernel/printk/printk.c:342 (discriminator 9))
[ 5.831001][ T1] softirqs last enabled at (1008778): __do_softirq
(kernel/softirq.c:614)
[ 5.832169][ T1] softirqs last disabled at (1008769): __do_softirq
(kernel/softirq.c:614)
[ 5.833335][ T1] ---[ end trace 0000000000000000 ]---
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250822/[email protected]
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
