| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202309061448.29151a04-oliver.sang@intel.com>
Date: Wed, 6 Sep 2023 15:01:49 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Qais Yousef <qyousef@...alina.io>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
<linux-kernel@...r.kernel.org>, <aubrey.li@...ux.intel.com>,
<yu.c.chen@...el.com>, <oliver.sang@...el.com>
Subject: [qais-yousef:generalized-misfit-lb] [sched/fair] 64f5eb4cce:
BUG:kernel_NULL_pointer_dereference,address
Hello,
kernel test robot noticed "BUG:kernel_NULL_pointer_dereference,address" on:
commit: 64f5eb4cce71383f75074bf14ef47668098d5218 ("sched/fair: Implement new type of misfit MISFIT_POWER")
https://github.com/qais-yousef/linux generalized-misfit-lb
in testcase: boot
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
+---------------------------------------------+------------+------------+
| | 7023f08515 | 64f5eb4cce |
+---------------------------------------------+------------+------------+
| boot_successes | 24 | 0 |
| boot_failures | 0 | 24 |
| BUG:kernel_NULL_pointer_dereference,address | 0 | 24 |
| Oops:#[##] | 0 | 24 |
| RIP:load_balance | 0 | 24 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 24 |
+---------------------------------------------+------------+------------+
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202309061448.29151a04-oliver.sang@intel.com
[ 0.567014][ T2] BUG: kernel NULL pointer dereference, address: 0000000000000d10
[ 0.567066][ T2] #PF: supervisor read access in kernel mode
[ 0.567066][ T2] #PF: error_code(0x0000) - not-present page
[ 0.567066][ T2] PGD 0 P4D 0
[ 0.567066][ T2] Oops: 0000 [#1] SMP PTI
[ 0.567066][ T2] CPU: 0 PID: 2 Comm: kthreadd Not tainted 6.5.0-rc2-00048-g64f5eb4cce71 #1
[ 0.567066][ T2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 0.567066][ T2] RIP: 0010:load_balance (kernel/sched/fair.c:11002 kernel/sched/fair.c:11077)
[ 0.567066][ T2] Code: 83 c4 02 00 00 48 c7 c0 c0 d9 02 00 48 89 1c 24 48 8b 5c 24 18 49 89 f8 48 89 44 24 10 4c 89 6c 24 20 45 89 fd 48 8b 44 24 60 <83> b8 10 0d 00 00 01 0f 84 20 03 00 00 31 d2 83 bc 24 84 00 00 00
All code
========
0: 83 c4 02 add $0x2,%esp
3: 00 00 add %al,(%rax)
5: 48 c7 c0 c0 d9 02 00 mov $0x2d9c0,%rax
c: 48 89 1c 24 mov %rbx,(%rsp)
10: 48 8b 5c 24 18 mov 0x18(%rsp),%rbx
15: 49 89 f8 mov %rdi,%r8
18: 48 89 44 24 10 mov %rax,0x10(%rsp)
1d: 4c 89 6c 24 20 mov %r13,0x20(%rsp)
22: 45 89 fd mov %r15d,%r13d
25: 48 8b 44 24 60 mov 0x60(%rsp),%rax
2a:* 83 b8 10 0d 00 00 01 cmpl $0x1,0xd10(%rax) <-- trapping instruction
31: 0f 84 20 03 00 00 je 0x357
37: 31 d2 xor %edx,%edx
39: 83 .byte 0x83
3a: bc 24 84 00 00 mov $0x8424,%esp
...
Code starting with the faulting instruction
===========================================
0: 83 b8 10 0d 00 00 01 cmpl $0x1,0xd10(%rax)
7: 0f 84 20 03 00 00 je 0x32d
d: 31 d2 xor %edx,%edx
f: 83 .byte 0x83
10: bc 24 84 00 00 mov $0x8424,%esp
...
[ 0.567066][ T2] RSP: 0000:ffffaeabc001bc78 EFLAGS: 00010007
[ 0.567066][ T2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000fffffffe
[ 0.567066][ T2] RDX: 0000000000000000 RSI: ffff892280221f28 RDI: ffff8922803a9bc0
[ 0.567066][ T2] RBP: ffffaeabc001bd68 R08: ffff8922803a9bc0 R09: ffff892280221f28
[ 0.567066][ T2] R10: 00000000eac0c6e6 R11: 0000000000000000 R12: 0000000000000000
[ 0.567066][ T2] R13: 0000000000000000 R14: ffffaeabc001bd28 R15: 0000000000000000
[ 0.567066][ T2] FS: 0000000000000000(0000) GS:ffff8925afc00000(0000) knlGS:0000000000000000
[ 0.567066][ T2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.567066][ T2] CR2: 0000000000000d10 CR3: 00000000a7e18000 CR4: 00000000000406f0
[ 0.567066][ T2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 0.567066][ T2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 0.567066][ T2] Call Trace:
[ 0.567066][ T2] <TASK>
[ 0.567066][ T2] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)
[ 0.567066][ T2] ? page_fault_oops (arch/x86/mm/fault.c:707)
[ 0.567066][ T2] ? exc_page_fault (arch/x86/include/asm/irqflags.h:37 arch/x86/include/asm/irqflags.h:72 arch/x86/mm/fault.c:1494 arch/x86/mm/fault.c:1542)
[ 0.567066][ T2] ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:570)
[ 0.567066][ T2] ? load_balance (kernel/sched/fair.c:11002 kernel/sched/fair.c:11077)
[ 0.567066][ T2] ? load_balance (arch/x86/include/asm/jump_label.h:27 kernel/sched/fair.c:11074)
[ 0.567066][ T2] newidle_balance (kernel/sched/fair.c:12146)
[ 0.567066][ T2] pick_next_task_fair (kernel/sched/fair.c:8274)
[ 0.567066][ T2] __schedule (kernel/sched/core.c:6005 kernel/sched/core.c:6515 kernel/sched/core.c:6660)
[ 0.567066][ T2] schedule (arch/x86/include/asm/bitops.h:207 (discriminator 1) arch/x86/include/asm/bitops.h:239 (discriminator 1) include/linux/thread_info.h:184 (discriminator 1) include/linux/sched.h:2245 (discriminator 1) kernel/sched/core.c:6774 (discriminator 1))
[ 0.567066][ T2] kthreadd (kernel/kthread.c:735)
[ 0.567066][ T2] ? __pfx_kthreadd (kernel/kthread.c:720)
[ 0.567066][ T2] ret_from_fork (arch/x86/kernel/process.c:151)
[ 0.567066][ T2] ? __pfx_kthreadd (kernel/kthread.c:720)
[ 0.567066][ T2] ret_from_fork_asm (arch/x86/entry/entry_64.S:298)
[ 0.567066][ T2] RIP: 0000:0x0
[ 0.567066][ T2] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
Code starting with the faulting instruction
===========================================
[ 0.567066][ T2] RSP: 0000:0000000000000000 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[ 0.567066][ T2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 0.567066][ T2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 0.567066][ T2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 0.567066][ T2] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 0.567066][ T2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 0.567066][ T2] </TASK>
[ 0.567066][ T2] Modules linked in:
[ 0.567066][ T2] CR2: 0000000000000d10
[ 0.567066][ T2] ---[ end trace 0000000000000000 ]---
[ 0.567066][ T2] RIP: 0010:load_balance (kernel/sched/fair.c:11002 kernel/sched/fair.c:11077)
[ 0.567066][ T2] Code: 83 c4 02 00 00 48 c7 c0 c0 d9 02 00 48 89 1c 24 48 8b 5c 24 18 49 89 f8 48 89 44 24 10 4c 89 6c 24 20 45 89 fd 48 8b 44 24 60 <83> b8 10 0d 00 00 01 0f 84 20 03 00 00 31 d2 83 bc 24 84 00 00 00
All code
========
0: 83 c4 02 add $0x2,%esp
3: 00 00 add %al,(%rax)
5: 48 c7 c0 c0 d9 02 00 mov $0x2d9c0,%rax
c: 48 89 1c 24 mov %rbx,(%rsp)
10: 48 8b 5c 24 18 mov 0x18(%rsp),%rbx
15: 49 89 f8 mov %rdi,%r8
18: 48 89 44 24 10 mov %rax,0x10(%rsp)
1d: 4c 89 6c 24 20 mov %r13,0x20(%rsp)
22: 45 89 fd mov %r15d,%r13d
25: 48 8b 44 24 60 mov 0x60(%rsp),%rax
2a:* 83 b8 10 0d 00 00 01 cmpl $0x1,0xd10(%rax) <-- trapping instruction
31: 0f 84 20 03 00 00 je 0x357
37: 31 d2 xor %edx,%edx
39: 83 .byte 0x83
3a: bc 24 84 00 00 mov $0x8424,%esp
...
Code starting with the faulting instruction
===========================================
0: 83 b8 10 0d 00 00 01 cmpl $0x1,0xd10(%rax)
7: 0f 84 20 03 00 00 je 0x32d
d: 31 d2 xor %edx,%edx
f: 83 .byte 0x83
10: bc 24 84 00 00 mov $0x8424,%esp
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20230906/202309061448.29151a04-oliver.sang@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists