lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20181221083456.GJ23332@shao2-debian>
Date:   Fri, 21 Dec 2018 16:34:56 +0800
From:   kernel test robot <rong.a.chen@...el.com>
To:     Christian König <christian.koenig@....com>
Cc:     Alex Deucher <alexander.deucher@....com>,
        Junwei Zhang <Jerry.Zhang@....com>,
        LKML <linux-kernel@...r.kernel.org>,
        Stephen Rothwell <sfr@...b.auug.org.au>, lkp@...org
Subject: [LKP] [drm/ttm] 27eb1fa913: BUG:unable_to_handle_kernel

FYI, we noticed the following commit (built with gcc-7):

commit: 27eb1fa9130a98edd2b321d4dbce5c8b244ee7af ("drm/ttm: use a static ttm_mem_global instance")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

in testcase: rcutorture
with following parameters:

	runtime: 300s
	test: cpuhotplug

test-description: rcutorture is rcutorture kernel module load/unload test.
test-url: https://www.kernel.org/doc/Documentation/RCU/torture.txt


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 768M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+--------------------------------------------------------------------------------------------+------------+------------+
|                                                                                            | 7e07834c12 | 27eb1fa913 |
+--------------------------------------------------------------------------------------------+------------+------------+
| boot_successes                                                                             | 0          | 4          |
| boot_failures                                                                              | 20         | 20         |
| WARNING:at_fs/proc/generic.c:#remove_proc_entry                                            | 20         | 5          |
| RIP:remove_proc_entry                                                                      | 20         | 5          |
| BUG:unable_to_handle_kernel                                                                | 0          | 17         |
| Oops:#[##]                                                                                 | 0          | 17         |
| RIP:kfree                                                                                  | 0          | 14         |
| Kernel_panic-not_syncing:Fatal_exception                                                   | 0          | 20         |
| general_protection_fault:#[##]                                                             | 0          | 3          |
| RIP:___cache_free                                                                          | 0          | 2          |
| kobject((____ptrval____)):tried_to_init_an_initialized_object,something_is_seriously_wrong | 0          | 1          |
| RIP:__lock_acquire                                                                         | 0          | 4          |
+--------------------------------------------------------------------------------------------+------------+------------+



[  142.467206] BUG: unable to handle kernel paging request at fffff1fac0c94448
[  142.479361] PGD 2ffd1067 P4D 2ffd1067 PUD 2ffd0067 PMD 0 
[  142.488785] Oops: 0000 [#1] PREEMPT PTI
[  142.495534] CPU: 0 PID: 211 Comm: udevd Tainted: G        W         4.20.0-rc1-00065-g27eb1fa #5
[  142.510627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[  142.525018] RIP: 0010:kfree+0xf7/0x2a0
[  142.531602] Code: c7 c0 00 00 00 80 48 2b 05 7e f4 be 01 48 01 c3 31 c9 31 d2 48 c1 eb 0c 48 c7 c7 48 79 e3 a9 48 c1 e3 06 48 03 1d 51 f4 be 01 <4c> 8b 6b 08 4d 89 ee 49 83 ed 01 41 83 e6 01 44 89 f6 e8 12 22 f0
[  142.563814] RSP: 0018:ffff9981af05bab0 EFLAGS: 00010082
[  142.572984] RAX: fffffffff2200000 RBX: fffff1fac0c94440 RCX: 0000000000000000
[  142.585524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffa9e37948
[  142.597841] RBP: ffffffffc0311580 R08: 0000000000000000 R09: 0000000000000001
[  142.610210] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000282
[  142.622525] R13: ffff9981af2b9400 R14: ffff9981af2b9400 R15: 0000000000000000
[  142.634838] FS:  00007f51ff7e5780(0000) GS:ffffffffa9a31000(0000) knlGS:0000000000000000
[  142.648809] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  142.658819] CR2: fffff1fac0c94448 CR3: 000000002f05e000 CR4: 00000000000006b0
[  142.671167] Call Trace:
[  142.675645]  kobject_put+0x16f/0x3b0
[  142.682672]  drm_global_item_unref+0xca/0xf0 [drm]
[  142.691195]  bochs_mm_fini+0x5e/0x80 [bochs_drm]
[  142.699390]  bochs_unload+0x26/0x50 [bochs_drm]
[  142.707401]  bochs_pci_remove+0x1d/0x30 [bochs_drm]
[  142.716112]  pci_device_remove+0x52/0xa0
[  142.723246]  really_probe+0x28c/0x780
[  142.729887]  driver_probe_device+0x1bc/0x1e0
[  142.737575]  __driver_attach+0x1af/0x220
[  142.744702]  ? driver_probe_device+0x1e0/0x1e0
[  142.752609]  ? driver_probe_device+0x1e0/0x1e0
[  142.760608]  bus_for_each_dev+0x97/0xd0
[  142.767574]  ? preempt_count_sub+0x19b/0x280
[  142.775257]  bus_add_driver+0x228/0x3c0
[  142.782100]  ? 0xffffffffc01e9000
[  142.788191]  driver_register+0xb6/0x150
[  142.795183]  ? 0xffffffffc01e9000
[  142.801217]  do_one_initcall+0xba/0x480
[  142.808054]  ? do_init_module+0x26/0x5dc
[  142.815021]  ? rcu_read_lock_sched_held+0xb3/0xc0
[  142.823394]  ? kmem_cache_alloc_trace+0x27c/0x4a0
[  142.831842]  do_init_module+0xa7/0x5dc
[  142.838750]  load_module+0x1e53/0x1fa0
[  142.845491]  ? kernel_read+0x2a/0x40
[  142.852358]  ? __se_sys_finit_module+0x157/0x170
[  142.860625]  ? load_module+0x5/0x1fa0
[  142.867266]  __se_sys_finit_module+0x157/0x170
[  142.875400]  do_syscall_64+0x108/0x630
[  142.882238]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  142.891217] RIP: 0033:0x7f51feeba4a9
[  142.897697] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d bf 79 2b 00 f7 d8 64 89 01 48
[  142.930489] RSP: 002b:00007fff1afe6ef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  142.943844] RAX: ffffffffffffffda RBX: 000000000071b660 RCX: 00007f51feeba4a9
[  142.956386] RDX: 0000000000000000 RSI: 00007f51ff1860aa RDI: 000000000000000f
[  142.968925] RBP: 00007f51ff1860aa R08: 0000000000000000 R09: 000000000071b660
[  142.981496] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000000
[  142.994101] R13: 0000000000020000 R14: 0000000000000000 R15: 000000000071b660
[  143.006836] Modules linked in: bochs_drm(+) ttm drm_kms_helper crc32c_intel uio_pdrv_genirq drm uio evdev psmouse drm_panel_orientation_quirks pcspkr virtio_pci(+) intel_agp virtio_ring fb intel_gtt virtio fbdev agpgart piix(+) qemu_fw_cfg processor button
[  143.046274] CR2: fffff1fac0c94448
[  143.052393] ---[ end trace e494f2dec903eeb6 ]---


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
Rong Chen

View attachment "config-4.20.0-rc1-00065-g27eb1fa" of type "text/plain" (129643 bytes)

View attachment "job-script" of type "text/plain" (4559 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (14916 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ