Re: [vbabka:slab-kfree_rcu-destroy-v1r0] [mm, slab] df00e211c9: WARNING:at_mm/slab_common.c:#kmem_cache_kfree_rcu_destroy_workfn

Vlastimil Babka Fri, 26 Jul 2024 02:35:23 -0700

On 7/25/24 7:59 AM, kernel test robot wrote:
> 
> hi, Vlastimil Babka,
> 
> we noticed by this commit:
> 
> 7fd4dfd0d38db6f3 df00e211c9c11e8d20f2ea7b4ab
> ---------------- ---------------------------
>        fail:runs  %reproduction    fail:runs
>            |             |             |
>           6:6         -100%            :6     
> dmesg.WARNING:at_mm/slab_common.c:#kmem_cache_destroy
>            :6          100%           6:6     
> dmesg.WARNING:at_mm/slab_common.c:#kmem_cache_kfree_rcu_destroy_workfn
> 
> below formal report just FYI what we observed in our tests. not sure if it's
> valuable to supply any hints.
> 
> 
> Hello,
> 
> kernel test robot noticed 
> "WARNING:at_mm/slab_common.c:#kmem_cache_kfree_rcu_destroy_workfn" on:
> 
> commit: df00e211c9c11e8d20f2ea7b4ab1d7c9760fe822 ("mm, slab: asynchronously 
> destroy caches with outstanding objects")
> https://git.kernel.org/cgit/linux/kernel/git/vbabka/linux.git 
> slab-kfree_rcu-destroy-v1r0


Yes, that's expected proves we need the proper barrier added from the RCU
folks :)

Thanks,
Vlastimil

> in testcase: rcutorture
> version: 
> with following parameters:
> 
>       runtime: 300s
>       test: default
>       torture_type: tasks-tracing
> 
> 
> 
> compiler: clang-18
> test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
> 
> (please refer to attached dmesg/kmsg for entire log/backtrace)
> 
> 
> 
> If you fix the issue in a separate patch/commit (i.e. not just a new version 
> of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <[email protected]>
> | Closes: 
> https://lore.kernel.org/oe-lkp/[email protected]
> 
> 
> [  339.985807][   T98] ------------[ cut here ]------------
> [  339.986460][   T98] kmem_cache_destroy rcuscale: Slab cache still has 
> objects
> [ 339.986476][ T98] WARNING: CPU: 1 PID: 98 at mm/slab_common.c:562 
> kmem_cache_kfree_rcu_destroy_workfn (mm/slab_common.c:561) 
> [  339.988490][   T98] Modules linked in: rcutorture(-) torture crc32c_intel 
> serio_raw stm_p_basic
> [  339.989490][   T98] CPU: 1 PID: 98 Comm: kworker/1:3 Not tainted 
> 6.10.0-rc6-00022-gdf00e211c9c1 #1
> [  339.990127][   T98] Workqueue: events kmem_cache_kfree_rcu_destroy_workfn
> [ 339.990888][ T98] EIP: kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 339.991546][ T98] Code: 74 d3 e8 d8 f1 72 00 e8 63 31 e7 ff 83 c4 04 5e 5f 
> 5b 5d 31 c0 31 c9 31 d2 c3 ff 76 f4 68 05 a9 2a d3 e8 38 28 e7 ff 83 c4 08 
> <0f> 0b eb cf 90 3e 8d 74 26 00 55 89 e5 53 57 56 83 ec 0c 64 a1 30
> All code
> ========
>    0: 74 d3                   je     0xffffffffffffffd5
>    2: e8 d8 f1 72 00          call   0x72f1df
>    7: e8 63 31 e7 ff          call   0xffffffffffe7316f
>    c: 83 c4 04                add    $0x4,%esp
>    f: 5e                      pop    %rsi
>   10: 5f                      pop    %rdi
>   11: 5b                      pop    %rbx
>   12: 5d                      pop    %rbp
>   13: 31 c0                   xor    %eax,%eax
>   15: 31 c9                   xor    %ecx,%ecx
>   17: 31 d2                   xor    %edx,%edx
>   19: c3                      ret
>   1a: ff 76 f4                push   -0xc(%rsi)
>   1d: 68 05 a9 2a d3          push   $0xffffffffd32aa905
>   22: e8 38 28 e7 ff          call   0xffffffffffe7285f
>   27: 83 c4 08                add    $0x8,%esp
>   2a:*        0f 0b                   ud2             <-- trapping instruction
>   2c: eb cf                   jmp    0xfffffffffffffffd
>   2e: 90                      nop
>   2f: 3e 8d 74 26 00          ds lea 0x0(%rsi,%riz,1),%esi
>   34: 55                      push   %rbp
>   35: 89 e5                   mov    %esp,%ebp
>   37: 53                      push   %rbx
>   38: 57                      push   %rdi
>   39: 56                      push   %rsi
>   3a: 83 ec 0c                sub    $0xc,%esp
>   3d: 64                      fs
>   3e: a1                      .byte 0xa1
>   3f: 30                      .byte 0x30
> 
> Code starting with the faulting instruction
> ===========================================
>    0: 0f 0b                   ud2
>    2: eb cf                   jmp    0xffffffffffffffd3
>    4: 90                      nop
>    5: 3e 8d 74 26 00          ds lea 0x0(%rsi,%riz,1),%esi
>    a: 55                      push   %rbp
>    b: 89 e5                   mov    %esp,%ebp
>    d: 53                      push   %rbx
>    e: 57                      push   %rdi
>    f: 56                      push   %rsi
>   10: 83 ec 0c                sub    $0xc,%esp
>   13: 64                      fs
>   14: a1                      .byte 0xa1
>   15: 30                      .byte 0x30
> [  339.993706][   T98] EAX: 00000000 EBX: ed3f3000 ECX: 00000000 EDX: 00000000
> [  339.994569][   T98] ESI: ed3f3048 EDI: 00010000 EBP: eda63f00 ESP: eda63ef0
> [  339.994972][   T98] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 
> 00010296
> [  339.995835][   T98] CR0: 80050033 CR2: b7296028 CR3: 2e17c000 CR4: 000406d0
> [  339.996669][   T98] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [  339.997563][   T98] DR6: fffe0ff0 DR7: 00000400
> [  339.998168][   T98] Call Trace:
> [ 339.998550][ T98] ? show_regs (arch/x86/kernel/dumpstack.c:478) 
> [ 339.999044][ T98] ? kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 339.999854][ T98] ? __warn (kernel/panic.c:239 kernel/panic.c:693) 
> [ 340.000309][ T98] ? kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 340.001084][ T98] ? kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 340.001837][ T98] ? report_bug (lib/bug.c:199) 
> [ 340.002138][ T98] ? exc_overflow (arch/x86/kernel/traps.c:252) 
> [ 340.002374][ T98] ? handle_bug (arch/x86/kernel/traps.c:?) 
> [ 340.002602][ T98] ? exc_invalid_op (arch/x86/kernel/traps.c:260) 
> [ 340.003063][ T98] ? handle_exception (arch/x86/entry/entry_32.S:1054) 
> [ 340.003641][ T98] ? exc_overflow (arch/x86/kernel/traps.c:252) 
> [ 340.004094][ T98] ? kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 340.004932][ T98] ? exc_overflow (arch/x86/kernel/traps.c:252) 
> [ 340.005201][ T98] ? kmem_cache_kfree_rcu_destroy_workfn 
> (mm/slab_common.c:561) 
> [ 340.005814][ T98] process_one_work (kernel/workqueue.c:3253) 
> [ 340.006385][ T98] worker_thread (kernel/workqueue.c:3323 
> kernel/workqueue.c:3409) 
> [ 340.006870][ T98] kthread (kernel/kthread.c:391) 
> [ 340.007165][ T98] ? pr_cont_work (kernel/workqueue.c:3356) 
> [ 340.007508][ T98] ? kthread_unuse_mm (kernel/kthread.c:342) 
> [ 340.007852][ T98] ? kthread_unuse_mm (kernel/kthread.c:342) 
> [ 340.008205][ T98] ret_from_fork (arch/x86/kernel/process.c:153) 
> [ 340.008546][ T98] ret_from_fork_asm (arch/x86/entry/entry_32.S:737) 
> [ 340.008966][ T98] entry_INT80_32 (arch/x86/entry/entry_32.S:944) 
> [  340.009348][   T98] irq event stamp: 13099
> [ 340.009686][ T98] hardirqs last enabled at (13107): console_unlock 
> (arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:67 
> arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 
> kernel/printk/printk.c:2731 kernel/printk/printk.c:3050) 
> [ 340.015799][ T98] hardirqs last disabled at (13122): console_unlock 
> (kernel/printk/printk.c:339) 
> [ 340.016806][ T98] softirqs last enabled at (13120): __do_softirq 
> (kernel/softirq.c:589) 
> [ 340.017976][ T98] softirqs last disabled at (13115): __do_softirq 
> (kernel/softirq.c:589) 
> [  340.019062][   T98] ---[ end trace 0000000000000000 ]---
> 
> 
> 
> The kernel config and materials to reproduce are available at:
> https://download.01.org/0day-ci/archive/20240725/[email protected]
> 
> 
>

Re: [vbabka:slab-kfree_rcu-destroy-v1r0] [mm, slab] df00e211c9: WARNING:at_mm/slab_common.c:#kmem_cache_kfree_rcu_destroy_workfn

Reply via email to