lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Fri, 04 Jul 2014 12:07:51 +0800
From:	Jet Chen <jet.chen@...el.com>
To:	Tejun Heo <tj@...nel.org>
CC:	Fengguang Wu <fengguang.wu@...el.com>, LKP <lkp@...org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [block, blk] BUG: unable to handle kernel NULL pointer dereference
 at 0000000000000028

Hi Tejun,

FYI, we noticed the below changes on

git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc.git review-mq-percpu_ref
commit c924ec35e72ce0d6c289b858d323f7eb3f5076a5 ("block, blk-mq: draining can't be skipped even if bypass_depth was non-zero")

+------------------------------------------------------+------------+------------+
|                                                      | ea854572ee | c924ec35e7 |
+------------------------------------------------------+------------+------------+
| boot_successes                                       | 26         | 10         |
| early-boot-hang                                      | 1          |            |
| boot_failures                                        | 0          | 16         |
| BUG:unable_to_handle_kernel_NULL_pointer_dereference | 0          | 16         |
| Oops                                                 | 0          | 16         |
| RIP:blk_throtl_drain                                 | 0          | 16         |
| kernel_BUG_at_arch/x86/mm/pageattr.c                 | 0          | 7          |
| invalid_opcode                                       | 0          | 7          |
| RIP:change_page_attr_set_clr                         | 0          | 7          |
| Kernel_panic-not_syncing:Fatal_exception             | 0          | 16         |
| backtrace:scsi_debug_exit                            | 0          | 6          |
| backtrace:SyS_delete_module                          | 0          | 6          |
| backtrace:do_vfs_ioctl                               | 0          | 10         |
| backtrace:SyS_ioctl                                  | 0          | 10         |
+------------------------------------------------------+------------+------------+


[  522.186410] EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: acl,user_xattr
[  522.368967] EXT4-fs (dm-0): recovery complete
[  522.415305] EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: acl,user_xattr
[  523.030685] BUG: unable to handle kernel NULL pointer dereference at 0000000000000028
[  523.031682] IP: [<ffffffff813cea30>] blk_throtl_drain+0x30/0x150
[  523.031682] PGD a8d1c067 PUD a71fd067 PMD 0 [  523.031682] Oops: 0000 [#1] SMP [  523.031682] Modules linked in: dm_flakey dm_mod fuse sg sr_mod cdrom ata_generic pata_acpi cirrus syscopyarea snd_pcm sysfillrect snd_timer sysimgblt floppy snd ttm soundcore parport_pc drm_kms_helper parport drm pcspkr i2c_piix4 ata_piix libata
[  523.031682] CPU: 0 PID: 30028 Comm: dmsetup Not tainted 3.16.0-rc1-01463-g94b6452 #1
[  523.031682] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  523.031682] task: ffff88011560bb20 ti: ffff8800a6c7c000 task.ti: ffff8800a6c7c000
[  523.031682] RIP: 0010:[<ffffffff813cea30>]  [<ffffffff813cea30>] blk_throtl_drain+0x30/0x150
[  523.031682] RSP: 0018:ffff8800a6c7fb58  EFLAGS: 00010046
[  523.031682] RAX: 0000000000000000 RBX: ffff88011503be40 RCX: 000000007fffffff
[  523.031682] RDX: 0000000000000016 RSI: 0000000000000000 RDI: 0000000000000000
[  523.031682] RBP: ffff8800a6c7fb70 R08: 0000000000000000 R09: 0000000000000046
[  523.031682] R10: ffff8800a6c7fb70 R11: ffffffff813dcbb1 R12: ffff88011503be40
[  523.031682] R13: ffff8800d50a7700 R14: ffff88011503c498 R15: 0000000000000000
[  523.031682] FS:  00007fa84cf11800(0000) GS:ffff88011fc00000(0000) knlGS:0000000000000000
[  523.031682] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  523.031682] CR2: 0000000000000028 CR3: 000000007ed12000 CR4: 00000000000006f0
[  523.031682] Stack:
[  523.031682]  ffff88011503be40 0000000000000000 ffff88011503c4a8 ffff8800a6c7fb80
[  523.031682]  ffffffff813cba6e ffff8800a6c7fbb0 ffffffff813b0b6c ffff88011503be40
[  523.031682]  ffffffff81cf3920 ffff88011503be40 ffff8800aad17a00 ffff8800a6c7fbc8
[  523.031682] Call Trace:
[  523.031682]  [<ffffffff813cba6e>] blkcg_drain_queue+0xe/0x10
[  523.031682]  [<ffffffff813b0b6c>] __blk_drain_queue+0x7c/0x180
[  523.031682]  [<ffffffff813b0cfe>] blk_queue_bypass_start+0x8e/0xd0
[  523.031682]  [<ffffffff813cac18>] blkcg_deactivate_policy+0x38/0x140
[  523.031682]  [<ffffffff813cec84>] blk_throtl_exit+0x34/0x50
[  523.031682]  [<ffffffff813cbab8>] blkcg_exit_queue+0x48/0x70
[  523.031682]  [<ffffffff813b43c6>] blk_release_queue+0x26/0x100
[  523.031682]  [<ffffffff813dcb97>] kobject_cleanup+0x77/0x1b0
[  523.031682]  [<ffffffff813dca48>] kobject_put+0x28/0x60
[  523.031682]  [<ffffffff813b0e59>] blk_cleanup_queue+0x119/0x1c0
[  523.031682]  [<ffffffffa019c243>] __dm_destroy+0x1f3/0x280 [dm_mod]
[  523.031682]  [<ffffffffa019d083>] dm_destroy+0x13/0x20 [dm_mod]
[  523.031682]  [<ffffffffa01a27de>] dev_remove+0x11e/0x180 [dm_mod]
[  523.031682]  [<ffffffffa01a26c0>] ? dev_suspend+0x250/0x250 [dm_mod]
[  523.031682]  [<ffffffffa01a2ea9>] ctl_ioctl+0x269/0x500 [dm_mod]
[  523.031682]  [<ffffffff814c5c4b>] ? extract_buf+0xbb/0x130
[  523.031682]  [<ffffffffa01a3153>] dm_ctl_ioctl+0x13/0x20 [dm_mod]
[  523.031682]  [<ffffffff811da350>] do_vfs_ioctl+0x300/0x520
[  523.031682]  [<ffffffff813729f6>] ? file_has_perm+0x86/0xa0
[  523.031682]  [<ffffffff811da5f1>] SyS_ioctl+0x81/0xa0
[  523.031682]  [<ffffffff818348a9>] system_call_fastpath+0x16/0x1b
[  523.031682] Code: 55 65 ff 04 25 a0 c7 00 00 48 89 e5 41 55 41 54 49 89 fc 53 4c 8b af 40 07 00 00 49 8b 85 a0 00 00 00 31 ff 48 8b 80 c8 05 00 00 <48> 8b 70 28 e8 37 8d d2 ff 48 85 c0 48 89 c3 74 61 0f 1f 80 00 [  523.031682] RIP  [<ffffffff813cea30>] blk_throtl_drain+0x30/0x150
[  523.031682]  RSP <ffff8800a6c7fb58>
[  523.031682] CR2: 0000000000000028
[  523.031682] ---[ end trace ef34f58eab34804c ]---
[  523.031682] Kernel panic - not syncing: Fatal exception



Disclaimer:
Results have been estimated based on internal Intel analysis and are provided
for informational purposes only. Any difference in system hardware or software
design or configuration may affect actual performance.

Thanks,
Jet


View attachment "reproduce" of type "text/plain" (1502 bytes)

View attachment ".dmesg" of type "text/plain" (39584 bytes)

Powered by blists - more mailing lists