Message-ID: <202209302013.dd5b88c0-yujie.liu@intel.com>
Date:   Fri, 30 Sep 2022 20:57:39 +0800
From:   kernel test robot <yujie.liu@...el.com>
To:     Jens Axboe <axboe@...nel.dk>
CC:     <lkp@...ts.01.org>, <lkp@...el.com>,
        <linux-fsdevel@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [eventpoll] ee22f2b4c8: kernel_BUG_at_arch/x86/mm/physaddr.c

Greetings,

FYI, we noticed the following commit (built with clang-14):

commit: ee22f2b4c8bfb80724a63e691b94413144cfdae2 ("eventpoll: add support for min-wait")
https://git.kernel.org/cgit/linux/kernel/git/axboe/linux-block.git io_uring-min_ts

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


[  252.128536][  T165] ------------[ cut here ]------------
[  252.130894][  T165] kernel BUG at arch/x86/mm/physaddr.c:28!
[  252.132812][  T165] invalid opcode: 0000 [#1] SMP KASAN PTI
[  252.134687][  T165] CPU: 1 PID: 165 Comm: udevd Tainted: G    B              6.0.0-rc2-00005-gee22f2b4c8bf #1 490456e38aa169273f99858be072300186fb46bb
[  252.138472][  T165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[  252.141568][  T165] RIP: 0010:__phys_addr+0x1a7/0x1b8
[  252.143544][  T165] Code: c7 c7 80 ac ad 85 4c 89 fe 4c 89 f2 e8 91 61 a1 01 e9 2f ff ff ff e8 68 31 3d 00 eb 05 e8 61 31 3d 00 48 ff 05 d2 8d 90 05 90 <0f> 0b e8 52 31 3d 00 48 ff 05 ab 8d 90 05 90 0f 0b 0f 1f 44 00 00
[  252.149297][  T165] RSP: 0018:ffffc900010afce8 EFLAGS: 00010202
[  252.151195][  T165] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff877f6770
[  252.153770][  T165] RDX: 0000000000000000 RSI: ffff8881bf855280 RDI: 0000000000000002
[  252.156440][  T165] RBP: ffffc900010afd00 R08: ffff8881bf8a5102 R09: 000000008010000e
[  252.162892][  T165] R10: fffffbfff0ceb2e6 R11: dffff7fff0ceb2e7 R12: 000effff8881bf8a
[  252.165559][  T165] R13: 000000000000008f R14: 000f00000881bf8a R15: 000f777f8881bf8a
[  252.171522][  T165] FS:  00007fee8c079300(0000) GS:ffff8883aed00000(0000) knlGS:0000000000000000
[  252.174412][  T165] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  252.176331][  T165] CR2: 00007f153af4f7b4 CR3: 0000000117a8c000 CR4: 00000000000006e0
[  252.178931][  T165] Call Trace:
[  252.180227][  T165]  <TASK>
[  252.181469][  T165]  qlink_to_cache+0x1f/0xab
[  252.183135][  T165]  qlist_free_all+0x40/0x83
[  252.184770][  T165]  kasan_quarantine_reduce+0x13d/0x14a
[  252.186596][  T165]  __kasan_slab_alloc+0x30/0x94
[  252.188276][  T165]  ? __llvm_gcov_reset+0x1031/0x1070
[  252.190080][  T165]  kmem_cache_alloc+0x313/0x46f
[  252.191851][  T165]  ? getname_flags+0x63/0x3f8
[  252.193488][  T165]  getname_flags+0x63/0x3f8
[  252.195015][  T165]  __se_sys_unlink+0x2c/0x45
[  252.196584][  T165]  __x64_sys_unlink+0x44/0x47
[  252.198182][  T165]  do_syscall_64+0x7b/0xb7
[  252.200095][  T165]  ? syscall_exit_to_user_mode+0xd1/0xfb
[  252.201727][  T165]  ? do_syscall_64+0x88/0xb7
[  252.203363][  T165]  ? do_syscall_64+0x88/0xb7
[  252.204989][  T165]  ? do_syscall_64+0x88/0xb7
[  252.206611][  T165]  ? sysvec_apic_timer_interrupt+0x57/0x9e
[  252.208433][  T165]  entry_SYSCALL_64_after_hwframe+0x5e/0xc8
[  252.210401][  T165] RIP: 0033:0x7fee8c1873f7
[  252.212191][  T165] Code: f0 ff ff 73 01 c3 48 8b 0d 96 8a 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 69 8a 0c 00 f7 d8 64 89 01 48
[  252.217680][  T165] RSP: 002b:00007fff06d01e18 EFLAGS: 00000202 ORIG_RAX: 0000000000000057
[  252.220369][  T165] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fee8c1873f7
[  252.222891][  T165] RDX: 0000000000000000 RSI: 000000000ef5f4c0 RDI: 000055915b1fea21
[  252.225464][  T165] RBP: 00000000ffffffff R08: 431bde82d7b634db R09: 00007fff06d7c0b8
[  252.228053][  T165] R10: 000000000000840e R11: 0000000000000202 R12: 0000000000000000
[  252.230614][  T165] R13: 000055915b1fe828 R14: 0000000000000000 R15: 0000000000000000
[  252.233057][  T165]  </TASK>
[  252.234305][  T165] Modules linked in: mousedev ppdev parport_pc input_leds psmouse parport evbug
[  252.237669][  T165] ---[ end trace 0000000000000000 ]---
[  252.239650][  T165] RIP: 0010:__phys_addr+0x1a7/0x1b8
[  252.241681][  T165] Code: c7 c7 80 ac ad 85 4c 89 fe 4c 89 f2 e8 91 61 a1 01 e9 2f ff ff ff e8 68 31 3d 00 eb 05 e8 61 31 3d 00 48 ff 05 d2 8d 90 05 90 <0f> 0b e8 52 31 3d 00 48 ff 05 ab 8d 90 05 90 0f 0b 0f 1f 44 00 00
[  252.248012][  T165] RSP: 0018:ffffc900010afce8 EFLAGS: 00010202
[  252.249967][  T165] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff877f6770
[  252.252528][  T165] RDX: 0000000000000000 RSI: ffff8881bf855280 RDI: 0000000000000002
[  252.255124][  T165] RBP: ffffc900010afd00 R08: ffff8881bf8a5102 R09: 000000008010000e
[  252.257962][  T165] R10: fffffbfff0ceb2e6 R11: dffff7fff0ceb2e7 R12: 000effff8881bf8a
[  252.260362][  T165] R13: 000000000000008f R14: 000f00000881bf8a R15: 000f777f8881bf8a
[  252.262982][  T165] FS:  00007fee8c079300(0000) GS:ffff8883aed00000(0000) knlGS:0000000000000000
[  252.265811][  T165] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  252.268148][  T165] CR2: 00007f153af4f7b4 CR3: 0000000117a8c000 CR4: 00000000000006e0
[  252.270703][  T165] Kernel panic - not syncing: Fatal exception
[  252.272981][  T165] Kernel Offset: disabled


If you fix the issue, kindly add the following tag
| Reported-by: kernel test robot <yujie.liu@...el.com>
| Link: https://lore.kernel.org/r/202209302013.dd5b88c0-yujie.liu@intel.com


Please note that this may be a low-confidence report since we only
have a 1/3 chance of reproducing the problem over multiple runs, and we
didn't find a clear relation between the code change and the dmesg call
trace. If this is not a real issue, please kindly ignore this report. Thanks.


To reproduce:

        # build kernel
        cd linux
        cp config-6.0.0-rc2-00005-gee22f2b4c8bf .config
        make HOSTCC=clang-14 CC=clang-14 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=clang-14 CC=clang-14 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
        cd <mod-install-dir>
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

        # if you come across any failure that blocks the test,
        # please remove the ~/.lkp and /lkp dirs to run from a clean state.


-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

View attachment "config-6.0.0-rc2-00005-gee22f2b4c8bf" of type "text/plain" (155011 bytes)

View attachment "job-script" of type "text/plain" (4755 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (37676 bytes)
