Date:	Fri, 17 Jun 2016 14:09:32 +0800
From:	kernel test robot <xiaolong.ye@...el.com>
To:	"J. Bruce Fields" <bfields@...hat.com>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	0day robot <fengguang.wu@...el.com>, lkp@...org
Subject: [svcrpc]  12e5cf2d75: BUG: unable to handle kernel NULL pointer
 dereference at 0000000000000014


FYI, we noticed the following commit:

https://github.com/0day-ci/linux Chuck-Lever/NFS-RDMA-client-patches-proposed-for-v4-8/20160615-114209
commit 12e5cf2d7547fc43a3004cdf52e562abfc95eb55 ("svcrpc: remove unnecessary svc_exit_thread serv check")

in testcase: fsmark
with the following parameters: disk=1HDD/filesize=16MB/fs2=nfsv4/fs=ext4/iterations=1x/nr_directories=16d/nr_files_per_directory=256fpd/nr_threads=32t/sync_method=NoSync/test_size=60G

on test machine: vm-vp-1G: 2 threads qemu-system-x86_64 -enable-kvm -cpu Nehalem with 1G memory

caused the changes below:


+------------------------------------------+------------+------------+
|                                          | 5a9570253a | 12e5cf2d75 |
+------------------------------------------+------------+------------+
| boot_successes                           | 8          | 4          |
| boot_failures                            | 0          | 4          |
| BUG:unable_to_handle_kernel              | 0          | 4          |
| Oops                                     | 0          | 4          |
| RIP:svc_destroy                          | 0          | 4          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 4          |
| backtrace:nfsd                           | 0          | 4          |
+------------------------------------------+------------+------------+



[  106.491736] random: nonblocking pool is initialized
Terminated
[ 3635.898268] LKP: rebooting
[ 3636.338752] BUG: unable to handle kernel NULL pointer dereference at 0000000000000014
[ 3636.340257] IP: [<ffffffff81a25435>] svc_destroy+0xa/0x8e
[ 3636.341284] PGD 0 
[ 3636.341715] Oops: 0000 [#1] SMP
[ 3636.342301] Modules linked in: acpi_cpufreq
[ 3636.343143] CPU: 0 PID: 2686 Comm: nfsd Not tainted 4.7.0-rc3-00006-g12e5cf2 #1
[ 3636.344447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[ 3636.351717] task: ffff88003e8f2580 ti: ffff88003e6ac000 task.ti: ffff88003e6ac000
[ 3636.353040] RIP: 0010:[<ffffffff81a25435>]  [<ffffffff81a25435>] svc_destroy+0xa/0x8e
[ 3636.354525] RSP: 0000:ffff88003e6afe68  EFLAGS: 00010246
[ 3636.355434] RAX: 0000000000002710 RBX: ffff880019714000 RCX: 0000000000000001
[ 3636.356660] RDX: ffffffff8225df80 RSI: 0000000000000010 RDI: 0000000000000000
[ 3636.357864] RBP: ffff88003e6afe70 R08: 0000000000000001 R09: ffffffff81a25511
[ 3636.359725] R10: ffff88003e6afe38 R11: 0000000000000124 R12: ffff88003ed2f500
[ 3636.361563] R13: ffff88003ed2f504 R14: 0000000000000000 R15: 0000000000000000
[ 3636.363402] FS:  0000000000000000(0000) GS:ffff880038200000(0000) knlGS:0000000000000000
[ 3636.366025] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3636.367651] CR2: 0000000000000014 CR3: 0000000035a55000 CR4: 00000000000006f0
[ 3636.369493] Stack:
[ 3636.370482]  ffff880019714000 ffff88003e6afea0 ffffffff81a25769 ffff880019714000
[ 3636.372930]  ffffffff82355c00 ffff88001c674c00 ffff88003e8f2580 ffff88003e6afec8
[ 3636.375241]  ffffffff8137b367 ffff8800227a1040 ffff880019714000 ffffffff8137b228
[ 3636.377532] Call Trace:
[ 3636.378458]  [<ffffffff81a25769>] svc_exit_thread+0x72/0x7b
[ 3636.392474]  [<ffffffff8137b367>] nfsd+0x13f/0x15c
[ 3636.393743]  [<ffffffff8137b228>] ? nfsd_destroy+0x6a/0x6a
[ 3636.395098]  [<ffffffff8111d605>] kthread+0xdd/0xe5
[ 3636.396387]  [<ffffffff81a9bc5f>] ret_from_fork+0x1f/0x40
[ 3636.397725]  [<ffffffff8111d528>] ? kthread_create_on_node+0x18a/0x18a
[ 3636.399234] Code: e8 58 e0 00 00 48 8b 83 98 00 00 00 48 8b 00 48 85 c0 74 08 4c 89 e6 48 89 df ff d0 5b 41 5c 5d c3 66 66 66 66 90 55 48 89 e5 53 <8b> 47 14 48 89 fb 85 c0 74 10 ff c8 85 c0 89 47 14 74 18 e8 ba 
[ 3636.418176] RIP  [<ffffffff81a25435>] svc_destroy+0xa/0x8e
[ 3636.419584]  RSP <ffff88003e6afe68>
[ 3636.420643] CR2: 0000000000000014
[ 3636.422097] ---[ end trace c906da9fce8f6a66 ]---
[ 3636.423409] Kernel panic - not syncing: Fatal exception


FYI, raw QEMU command line is:

	qemu-system-x86_64 -enable-kvm -cpu Nehalem -kernel /pkg/linux/x86_64-lkp/gcc-4.9/12e5cf2d7547fc43a3004cdf52e562abfc95eb55/vmlinuz-4.7.0-rc3-00006-g12e5cf2 -append 'root=/dev/ram0 user=lkp job=/lkp/scheduled/vm-vp-1G-6/bisect_fsmark-1x-32t-1HDD-ext4-nfsv4-16MB-60G-NoSync-16d-256fpd-debian-x86_64-2015-02-07.cgz-x86_64-lkp-12e5cf2d7547fc43a3004cdf52e562abfc95eb55-20160616-124433-16zojbo-0.yaml~ ARCH=x86_64 kconfig=x86_64-lkp branch=linux-devel/devel-spot-201606151525 commit=12e5cf2d7547fc43a3004cdf52e562abfc95eb55 BOOT_IMAGE=/pkg/linux/x86_64-lkp/gcc-4.9/12e5cf2d7547fc43a3004cdf52e562abfc95eb55/vmlinuz-4.7.0-rc3-00006-g12e5cf2 max_uptime=3600 RESULT_ROOT=/result/fsmark/1x-32t-1HDD-ext4-nfsv4-16MB-60G-NoSync-16d-256fpd/vm-vp-1G/debian-x86_64-2015-02-07.cgz/x86_64-lkp/gcc-4.9/12e5cf2d7547fc43a3004cdf52e562abfc95eb55/0 LKP_SERVER=inn earlyprintk=ttyS0,115200 systemd.log_level=err debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=-1 softlockup_panic=1 nmi_watchdog=panic oops=panic load_ramdisk=2 prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal rw ip=::::vm-vp-1G-6::dhcp'  -initrd /fs/sdh1/initrd-vm-vp-1G-6 -m 1024 -smp 2 -device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::23105-:22 -boot order=nc -no-reboot -watchdog i6300esb -rtc base=localtime -drive file=/fs/sdh1/disk0-vm-vp-1G-6,media=disk,if=virtio -drive file=/fs/sdh1/disk1-vm-vp-1G-6,media=disk,if=virtio -drive file=/fs/sdh1/disk2-vm-vp-1G-6,media=disk,if=virtio -drive file=/fs/sdh1/disk3-vm-vp-1G-6,media=disk,if=virtio -drive file=/fs/sdh1/disk4-vm-vp-1G-6,media=disk,if=virtio -drive file=/fs/sdh1/disk5-vm-vp-1G-6,media=disk,if=virtio -pidfile /dev/shm/kboot/pid-vm-vp-1G-6 -serial file:/dev/shm/kboot/serial-vm-vp-1G-6 -daemonize -display none -monitor null 


To reproduce:

        git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git
        cd lkp-tests
        bin/lkp install job.yaml  # job file is attached in this email
        bin/lkp run     job.yaml



Thanks,
Xiaolong

View attachment "config-4.7.0-rc3-00006-g12e5cf2" of type "text/plain" (96804 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (14600 bytes)

View attachment "job.yaml" of type "text/plain" (3667 bytes)

View attachment "reproduce" of type "text/plain" (864 bytes)
