lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20211031014530.GC25131@xsang-OptiPlex-9020>
Date:   Sun, 31 Oct 2021 09:45:30 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Petr Mladek <pmladek@...e.com>
Cc:     lkp@...ts.01.org, lkp@...el.com,
        John Ogness <john.ogness@...utronix.de>,
        "chunlei.wang" <Chunlei.wang@...iatek.com>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Matthias Brugger <matthias.bgg@...il.com>,
        linux-arm-kernel@...ts.infradead.org,
        linux-mediatek@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: [printk]  ebd5ebf476: BUG:kernel_NULL_pointer_dereference,address



Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: ebd5ebf4767439d2528d8c9afc6c86363dc92488 ("[PATCH v2] printk: ringbuffer: Improve prb_next_seq() performance")
url: https://github.com/0day-ci/linux/commits/Petr-Mladek/printk-ringbuffer-Improve-prb_next_seq-performance/20211027-220945
base: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git d25f27432f80a800a3592db128254c8140bd71bf
patch link: https://lore.kernel.org/linux-arm-kernel/YXlddJxLh77DKfIO@alley

in testcase: stress-ng
version: stress-ng-x86_64-0.11-06_20211029
with following parameters:

	nr_threads: 10%
	disk: 1HDD
	testtime: 60s
	fs: ext4
	class: os
	test: dev
	cpufreq_governor: performance
	ucode: 0x5003006



on test machine: 96 threads 2 sockets Intel(R) Xeon(R) Gold 6252 CPU @ 2.10GHz with 192G memory

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):



If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>



[   56.519320][ T5857] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   56.527377][ T5857] #PF: supervisor write access in kernel mode
[   56.527379][ T5857] #PF: error_code(0x0002) - not-present page
[   56.527381][ T5857] PGD 0 P4D 0
[   56.540017][ T5857] Oops: 0002 [#1] SMP NOPTI
[   56.540020][ T5857] CPU: 6 PID: 5857 Comm: stress-ng Not tainted 5.15.0-rc7-00019-gebd5ebf47674 #1
[   56.557846][ T5857] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019
[   56.557848][ T5857] RIP: 0010:desc_read+0xa1/0xc0
[   56.574672][ T5857] Code: 49 89 09 4d 85 c0 74 06 8b 40 14 41 89 00 48 b8 ff ff ff ff ff ff ff 3f 48 8b 0b 48 21 c8 48 39 c6 75 1b 48 89 c8 48 c1 e8 3e
<48> 89 0a 48 8b 5d f8 c9 c3 48 89 0a 48 8b 5d f8 31 c0 c9 c3 b8 ff
[   56.574675][ T5857] RSP: 0018:ffffc90025ab3ec0 EFLAGS: 00010a02
[   56.574678][ T5857] RAX: 0000000000000002 RBX: ffffffff82b2ff78 RCX: 80000000ffff8e81
[   56.574680][ T5857] RDX: 0000000000000000 RSI: 00000000ffff8e81 RDI: 0000000000004885
[   56.620421][ T5857] RBP: ffffc90025ab3ed0 R08: 0000000000000000 R09: ffffc90025ab3ee0
[   56.620427][ T5857] R10: 00000000ffff8e81 R11: 0000000000000002 R12: 0000000000000002
[   56.620429][ T5857] R13: ffffffffffffffea R14: ffff88b01dd09f00 R15: 0000000000000000
[   56.646759][ T5857] FS:  00007fc24c328740(0000) GS:ffff8897e0780000(0000) knlGS:0000000000000000
[   56.646764][ T5857] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   56.646768][ T5857] CR2: 0000000000000000 CR3: 00000001ab9cc005 CR4: 00000000007706e0
[   56.673115][ T5857] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   56.673118][ T5857] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   56.673121][ T5857] PKRU: 55555554
[   56.695346][ T5857] Call Trace:
[   56.695352][ T5857]  prb_next_seq+0x2e/0xc0
[   56.704792][ T5857]  devkmsg_llseek+0x71/0xc0
[   56.704799][ T5857]  ksys_lseek+0x60/0xc0
[   56.714966][ T5857]  do_syscall_64+0x38/0xc0
[   56.714979][ T5857]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   56.726717][ T5857] RIP: 0033:0x7fc24c438597
[   56.726726][ T5857] Code: c7 c0 ff ff ff ff c3 48 8b 15 f5 08 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b6 0f 1f 80 00 00 00 00 b8 08 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 c9 08 0d 00 f7 d8 64 89 02 48
[   56.753847][ T5857] RSP: 002b:00007ffc4d28fe48 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[   56.753853][ T5857] RAX: ffffffffffffffda RBX: 000055fe3be2c700 RCX: 00007fc24c438597
[   56.753856][ T5857] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000005
[   56.781564][ T5857] RBP: 0000000000000005 R08: 00000000617cb6ed R09: 00007ffc4d337080
[   56.781566][ T5857] R10: 0000000000018c78 R11: 0000000000000246 R12: 000055fe3be2c710
[   56.799455][ T5857] R13: 00007ffc4d291360 R14: 0000000000000001 R15: 000055fe3bbe4ba0
[   56.799464][ T5857] Modules linked in: vfio_iommu_type1 vfio loop hci_vhci bluetooth ecdh_generic ecc rfkill cuse fuse dm_mod binfmt_misc btrfs blake2b_generic xor zstd_compress raid6_pq libcrc32c intel_rapl_msr intel_rapl_common skx_edac nfit libnvdimm x86_pkg_temp_thermal intel_powerclamp coretemp sd_mod t10_pi sg kvm_intel kvm ast irqbypass drm_vram_helper crct10dif_pclmul drm_ttm_helper crc32_pclmul ipmi_ssif crc32c_intel ttm ghash_clmulni_intel drm_kms_helper ahci syscopyarea sysfillrect acpi_ipmi libahci sysimgblt rapl ipmi_si fb_sys_fops intel_cstate mei_me drm ioatdma intel_uncore libata mei joydev ipmi_devintf intel_pch_thermal dca wmi ipmi_msghandler acpi_pad acpi_power_meter ip_tables
[   56.878664][ T5857] CR2: 0000000000000000
[   56.884268][ T5857] ---[ end trace 1d2ed0095167d93e ]---



To reproduce:
        # build kernel with attached config file

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.



---
0DAY/LKP+ Test Infrastructure                   Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org       Intel Corporation

Thanks,
Oliver Sang


View attachment "config-5.15.0-rc7-00019-gebd5ebf47674" of type "text/plain" (172649 bytes)

View attachment "job-script" of type "text/plain" (8425 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (49256 bytes)

View attachment "job.yaml" of type "text/plain" (5478 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ