Message-ID: <20220613070423.GC7252@xsang-OptiPlex-9020>
Date:   Mon, 13 Jun 2022 15:04:23 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org, lkp@...ts.01.org,
        lkp@...el.com
Subject: [vmscan]  4282498868: BUG:kernel_NULL_pointer_dereference,address



Greetings,

FYI, we noticed the following commit (built with gcc-11):

commit: 4282498868c4eb66578dd559f9b33648baf157df ("vmscan: Add check_move_unevictable_folios()")
git://git.infradead.org/users/willy/pagecache for-5.20

in testcase: boot

on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):



If you fix the issue, kindly add the following tag:
Reported-by: kernel test robot <oliver.sang@...el.com>


[    4.209631][    T1] BUG: kernel NULL pointer dereference, address: 00000000
[    4.210155][    T1] #PF: supervisor read access in kernel mode
[    4.210155][    T1] #PF: error_code(0x0000) - not-present page
[    4.210155][    T1] *pde = 00000000
[    4.210155][    T1] Oops: 0000 [#1]
[    4.210155][    T1] CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0-13969-g4282498868c4 #1 cb1a01cf05650f436832064f7c804c10408ad1bc
[    4.210155][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[    4.210155][    T1] EIP: compound_nr+0x0/0x4b
[    4.210155][    T1] Code: 08 56 89 4d ec e8 b8 cd 02 00 8b 4d ec 84 c0 5a 8b 55 f0 75 0d 47 81 c3 18 03 00 00 eb cd 41 0f 94 c0 8d 65 f4 5b 5e 5f 5d c3 <8b> 10 0f ba e2 10 73 35 8b 10 31 c9 0f ba e2 10 73 31 0f b6 48 29
[    4.210155][    T1] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: ee4d3b60
[    4.210155][    T1] ESI: c3e37de8 EDI: 00000300 EBP: c3e37d7c ESP: c3e37d48
[    4.210155][    T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00010202
[    4.210155][    T1] CR0: 80050033 CR2: 00000000 CR3: 03431000 CR4: 000406d0
[    4.210155][    T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    4.210155][    T1] DR6: fffe0ff0 DR7: 00000400
[    4.210155][    T1] Call Trace:
[    4.210155][    T1]  ? check_move_unevictable_folios+0x4d/0x245
[    4.210155][    T1]  ? __lock_acquire+0x5fe/0x680
[    4.210155][    T1]  check_move_unevictable_pages+0x4e/0x65
[    4.210155][    T1]  ? drm_gem_shmem_put_pages+0x1b/0x2d
[    4.210155][    T1]  ? lock_acquire+0x1bc/0x202
[    4.210155][    T1]  drm_gem_check_release_pagevec+0x11/0x31
[    4.210155][    T1]  drm_gem_put_pages+0x90/0xc0
[    4.210155][    T1]  ? print_task+0x1ba/0x3c0
[    4.210155][    T1]  drm_gem_shmem_put_pages_locked+0x5d/0x6d
[    4.210155][    T1]  drm_gem_shmem_put_pages+0x22/0x2d
[    4.210155][    T1]  drm_gem_shmem_vunmap+0x5c/0x72
[    4.210155][    T1]  drm_gem_shmem_object_vunmap+0x8/0xa
[    4.210155][    T1]  drm_gem_vunmap+0x21/0x35
[    4.210155][    T1]  drm_client_buffer_vunmap+0x13/0x15
[    4.210155][    T1]  drm_fbdev_cleanup+0x5e/0x6b
[    4.210155][    T1]  drm_fbdev_client_hotplug+0xa1/0xca
[    4.210155][    T1]  drm_fbdev_generic_setup+0xf0/0x11b
[    4.210155][    T1]  vkms_create+0x17b/0x1ba
[    4.210155][    T1]  ? vgem_init+0xf1/0xf1
[    4.210155][    T1]  vkms_init+0x49/0x4f
[    4.210155][    T1]  do_one_initcall+0xa5/0x1cb
[    4.210155][    T1]  ? rdinit_setup+0x3d/0x3d
[    4.210155][    T1]  ? lock_is_held+0xb/0xd
[    4.210155][    T1]  ? rcu_read_lock_sched_held+0x31/0x61
[    4.210155][    T1]  do_initcalls+0xf6/0x114
[    4.210155][    T1]  kernel_init_freeable+0xa3/0xcd
[    4.210155][    T1]  ? rest_init+0xc0/0xc0
[    4.210155][    T1]  kernel_init+0x17/0xf3
[    4.210155][    T1]  ret_from_fork+0x19/0x24
[    4.210155][    T1] Modules linked in:
[    4.210155][    T1] CR2: 0000000000000000
[    4.210155][    T1] ---[ end trace 0000000000000000 ]---
[    4.210155][    T1] EIP: compound_nr+0x0/0x4b
[    4.210155][    T1] Code: 08 56 89 4d ec e8 b8 cd 02 00 8b 4d ec 84 c0 5a 8b 55 f0 75 0d 47 81 c3 18 03 00 00 eb cd 41 0f 94 c0 8d 65 f4 5b 5e 5f 5d c3 <8b> 10 0f ba e2 10 73 35 8b 10 31 c9 0f ba e2 10 73 31 0f b6 48 29
[    4.210155][    T1] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: ee4d3b60
[    4.210155][    T1] ESI: c3e37de8 EDI: 00000300 EBP: c3e37d7c ESP: c3e37d48
[    4.210155][    T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00010202
[    4.210155][    T1] CR0: 80050033 CR2: 00000000 CR3: 03431000 CR4: 000406d0
[    4.210155][    T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    4.210155][    T1] DR6: fffe0ff0 DR7: 00000400
[    4.210155][    T1] Kernel panic - not syncing: Fatal exception
[    4.210155][    T1] Kernel Offset: disabled



To reproduce:

        # build kernel
        cd linux
        cp config-5.18.0-13969-g4282498868c4 .config
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
        cd <mod-install-dir>
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

        # if you come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.



-- 
0-DAY CI Kernel Test Service
https://01.org/lkp



View attachment "config-5.18.0-13969-g4282498868c4" of type "text/plain" (161020 bytes)

View attachment "job-script" of type "text/plain" (4708 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (31484 bytes)
