lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 15 Oct 2021 16:24:09 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Kent Overstreet <kent.overstreet@...il.com>
Cc:     0day robot <lkp@...el.com>, LKML <linux-kernel@...r.kernel.org>,
        lkp@...ts.01.org, linux-mm@...ck.org, akpm@...ux-foundation.org,
        linux-raid@...r.kernel.org, linux-block@...r.kernel.org,
        axboe@...nel.dk, Kent Overstreet <kent.overstreet@...il.com>,
        alexander.h.duyck@...ux.intel.com
Subject: [mm]  1609369623: BUG:kernel_NULL_pointer_dereference,address



Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: 1609369623c4b6fe45602ee0d8192f6df9d4b1fe ("[PATCH 1/5] mm: Make free_area->nr_free per migratetype")
url: https://github.com/0day-ci/linux/commits/Kent-Overstreet/Minor-mm-struct-page-work/20211014-000511
base: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git 5816b3e6577eaa676ceb00a848f0fd65fe2adc29

in testcase: xfstests
version: xfstests-x86_64-99bc497-1_20211014
with following parameters:

	disk: 4HDD
	fs: xfs
	test: xfs-reflink-25
	ucode: 0x28

test-description: xfstests is a regression test suite for xfs and other files ystems.
test-url: git://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git


on test machine: 8 threads 1 sockets Intel(R) Core(TM) i7-4790 v3 @ 3.60GHz with 6G memory

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+-------------------------------------------------------------+-----------+------------+
|                                                             | v5.15-rc3 | 1609369623 |
+-------------------------------------------------------------+-----------+------------+
| boot_successes                                              | 121       | 0          |
| BUG:kernel_NULL_pointer_dereference,address                 | 0         | 6          |
| Oops:#[##]                                                  | 0         | 6          |
| RIP:steal_suitable_fallback                                 | 0         | 6          |
| Kernel_panic-not_syncing:Fatal_exception                    | 0         | 6          |
+-------------------------------------------------------------+-----------+------------+


If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>



[    1.331661][    T0] BUG: kernel NULL pointer dereference, address: 0000000000000028
[    1.339184][    T0] #PF: supervisor read access in kernel mode
[    1.344956][    T0] #PF: error_code(0x0000) - not-present page
[    1.350724][    T0] PGD 0 P4D 0
[    1.353914][    T0] Oops: 0000 [#1] SMP PTI
[    1.358047][    T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.0-rc3-00001-g1609369623c4 #1
[    1.366659][    T0] Hardware name: Dell Inc. OptiPlex 9020/03CPWF, BIOS A11 04/01/2015
[    1.374497][    T0] RIP: 0010:steal_suitable_fallback+0x2a/0x240
[    1.380438][    T0] Code: 0f 1f 44 00 00 41 57 41 89 d7 ba 07 00 00 00 41 56 41 55 49 89 fd 41 54 49 89 f4 55 4c 89 e7 48 63 e9 53 44 89 c3 48 83 ec 18 <4c> 8b 76 28 48 2b 35 1b 7a 32 01 65 48 8b 04 25 28 00 00 00 48 89
[    1.399730][    T0] RSP: 0000:ffffffff828039d8 EFLAGS: 00010096
[    1.405587][    T0] RAX: ffff88819edd6720 RBX: 0000000000000001 RCX: 0000000000000002
[    1.413338][    T0] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[    1.421088][    T0] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000000000
[    1.428837][    T0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    1.436585][    T0] R13: ffff88819edd6080 R14: 0000000000000000 R15: 0000000000000101
[    1.444338][    T0] FS:  0000000000000000(0000) GS:ffff88817de00000(0000) knlGS:0000000000000000
[    1.453034][    T0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.459405][    T0] CR2: 0000000000000028 CR3: 000000019da10001 CR4: 00000000000606b0
[    1.467155][    T0] Call Trace:
[    1.470255][    T0]  rmqueue_bulk+0x882/0x980
[    1.474559][    T0]  rmqueue+0x551/0xe00
[    1.478434][    T0]  ? rmqueue_bulk+0x331/0x980
[    1.482911][    T0]  ? rmqueue_bulk+0x331/0x980
[    1.487389][    T0]  ? __raw_callee_save___native_queued_spin_unlock+0x11/0x1e
[    1.494535][    T0]  get_page_from_freelist+0xde/0x400
[    1.499615][    T0]  __alloc_pages+0x197/0x380
[    1.504008][    T0]  allocate_slab+0x2f8/0x440
[    1.508399][    T0]  ___slab_alloc+0x6aa/0x800
[    1.512790][    T0]  ? radix_tree_node_alloc+0x40/0xc0
[    1.518901][    T0]  ? pcpu_alloc_area+0x1d8/0x300
[    1.523636][    T0]  ? __raw_callee_save___native_queued_spin_unlock+0x11/0x1e
[    1.530786][    T0]  ? radix_tree_node_alloc+0x40/0xc0
[    1.536897][    T0]  __slab_alloc+0x1c/0x40
[    1.541636][    T0]  kmem_cache_alloc+0x382/0x400
[    1.546287][    T0]  radix_tree_node_alloc+0x40/0xc0
[    1.552230][    T0]  idr_get_free+0x1e1/0x300
[    1.556537][    T0]  idr_alloc_u32+0x5f/0xc0
[    1.560758][    T0]  idr_alloc+0x39/0x80
[    1.564632][    T0]  workqueue_init_early+0x17d/0x33b
[    1.569627][    T0]  start_kernel+0x378/0x5fb
[    1.573933][    T0]  ? load_ucode_intel_bsp+0x21/0x52
[    1.578927][    T0]  secondary_startup_64_no_verify+0xc2/0xcb
[    1.584611][    T0] Modules linked in:
[    1.588313][    T0] CR2: 0000000000000028
[    1.592275][    T0] ---[ end trace 1ab7942b05fdb9ba ]---
[    1.597526][    T0] RIP: 0010:steal_suitable_fallback+0x2a/0x240
[    1.603469][    T0] Code: 0f 1f 44 00 00 41 57 41 89 d7 ba 07 00 00 00 41 56 41 55 49 89 fd 41 54 49 89 f4 55 4c 89 e7 48 63 e9 53 44 89 c3 48 83 ec 18 <4c> 8b 76 28 48 2b 35 1b 7a 32 01 65 48 8b 04 25 28 00 00 00 48 89
[    1.622760][    T0] RSP: 0000:ffffffff828039d8 EFLAGS: 00010096
[    1.628614][    T0] RAX: ffff88819edd6720 RBX: 0000000000000001 RCX: 0000000000000002
[    1.636365][    T0] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[    1.644115][    T0] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000000000
[    1.651867][    T0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    1.659616][    T0] R13: ffff88819edd6080 R14: 0000000000000000 R15: 0000000000000101
[    1.667368][    T0] FS:  0000000000000000(0000) GS:ffff88817de00000(0000) knlGS:0000000000000000
[    1.676065][    T0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.682438][    T0] CR2: 0000000000000028 CR3: 000000019da10001 CR4: 00000000000606b0
[    1.690190][    T0] Kernel panic - not syncing: Fatal exception




To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.



---
0DAY/LKP+ Test Infrastructure                   Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org       Intel Corporation

Thanks,
Oliver Sang


View attachment "config-5.15.0-rc3-00001-g1609369623c4" of type "text/plain" (176716 bytes)

View attachment "job-script" of type "text/plain" (5944 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (5412 bytes)

View attachment "job.yaml" of type "text/plain" (4753 bytes)

Powered by blists - more mailing lists