lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202401152142.bfc28861-oliver.sang@intel.com>
Date: Mon, 15 Jan 2024 22:14:12 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Steven Rostedt <rostedt@...dmis.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, Linux Memory Management List
	<linux-mm@...ck.org>, Masami Hiramatsu <mhiramat@...nel.org>, Mark Rutland
	<mark.rutland@....com>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>, Ajay Kaher
	<akaher@...are.com>, Al Viro <viro@...iv.linux.org.uk>, Christian Brauner
	<brauner@...nel.org>, <linux-kernel@...r.kernel.org>,
	<linux-trace-kernel@...r.kernel.org>, <oliver.sang@...el.com>
Subject: [linux-next:master] [eventfs]  493ec81a8f: kernel_BUG_at_fs/dcache.c



Hello,

kernel test robot noticed "kernel_BUG_at_fs/dcache.c" on:

commit: 493ec81a8fb8e4ada6f223b8b73791a1280d4774 ("eventfs: Stop using dcache_readdir() for getdents()")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master 8cb47d7cd090a690c1785385b2f3d407d4a53ad0]
[test failed on fix commit 1e4624eb5a0ecaae0d2c4e3019bece119725bb98]

in testcase: stress-ng
version: stress-ng-x86_64-3040a078a-1_20231212
with following parameters:

	nr_threads: 10%
	disk: 1HDD
	testtime: 60s
	fs: btrfs
	class: filesystem
	test: getdent
	cpufreq_governor: performance



compiler: gcc-12
test machine: 64 threads 2 sockets Intel(R) Xeon(R) Gold 6346 CPU @ 3.10GHz (Ice Lake) with 256G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202401152142.bfc28861-oliver.sang@intel.com


[   41.602502][ T4375] ------------[ cut here ]------------
[   41.602519][ T4376] ------------[ cut here ]------------
[   41.602607][ T4374] ------------[ cut here ]------------
[   41.602607][ T4378] ------------[ cut here ]------------
[   41.602608][ T4374] kernel BUG at fs/dcache.c:2031!
[   41.602608][ T4378] kernel BUG at fs/dcache.c:2031!
[   41.602613][ T4374] invalid opcode: 0000 [#1] SMP NOPTI
[   41.602616][ T4374] CPU: 50 PID: 4374 Comm: stress-ng-getde Not tainted 6.7.0-rc2-00042-g493ec81a8fb8 #1
[   41.602618][ T4374] Hardware name: Inspur NF5180M6/NF5180M6, BIOS 06.00.04 04/12/2022
[ 41.602619][ T4374] RIP: 0010:d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[   41.602623][ T4377] ------------[ cut here ]------------
[ 41.602623][ T4374] Code: e8 92 c0 1c 00 4c 89 e7 e8 0a 79 b8 00 48 89 ef 48 89 de e8 7f fc ff ff 4c 89 e7 c6 07 00 0f 1f 00 5b 5d 41 5c c3 cc cc cc cc <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00
All code
========
   0:	e8 92 c0 1c 00       	callq  0x1cc097
   5:	4c 89 e7             	mov    %r12,%rdi
   8:	e8 0a 79 b8 00       	callq  0xb87917
   d:	48 89 ef             	mov    %rbp,%rdi
  10:	48 89 de             	mov    %rbx,%rsi
  13:	e8 7f fc ff ff       	callq  0xfffffffffffffc97
  18:	4c 89 e7             	mov    %r12,%rdi
  1b:	c6 07 00             	movb   $0x0,(%rdi)
  1e:	0f 1f 00             	nopl   (%rax)
  21:	5b                   	pop    %rbx
  22:	5d                   	pop    %rbp
  23:	41 5c                	pop    %r12
  25:	c3                   	retq   
  26:	cc                   	int3   
  27:	cc                   	int3   
  28:	cc                   	int3   
  29:	cc                   	int3   
  2a:*	0f 0b                	ud2    		<-- trapping instruction
  2c:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  33:	00 00 00 00 
  37:	66                   	data16
  38:	66                   	data16
  39:	2e                   	cs
  3a:	0f                   	.byte 0xf
  3b:	1f                   	(bad)  
  3c:	84 00                	test   %al,(%rax)
	...

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2    
   2:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
   9:	00 00 00 00 
   d:	66                   	data16
   e:	66                   	data16
   f:	2e                   	cs
  10:	0f                   	.byte 0xf
  11:	1f                   	(bad)  
  12:	84 00                	test   %al,(%rax)
	...
[   41.602625][ T4377] kernel BUG at fs/dcache.c:2031!
[   41.602625][ T4374] RSP: 0018:ffa000000fcdfcd0 EFLAGS: 00010286
[   41.602629][ T4374] RAX: 0000000000000002 RBX: ff11000109392980 RCX: 0000000000000000
[   41.602630][ T4374] RDX: 0000000000000000 RSI: ff1100405e46c6f0 RDI: ff1100405f05afc0
[   41.602631][ T4374] RBP: ff1100405f05afc0 R08: ffffffff830ad0e0 R09: 0000000000000000
[   41.602632][ T4374] R10: 0000000000000280 R11: ffffffff8162036a R12: 0000000000000000
[   41.602633][ T4374] R13: ff1100405e46c6f0 R14: ff1100405f05aff8 R15: 0000000000000000
[   41.602634][ T4374] FS:  00007f2582ff9740(0000) GS:ff1100407fa80000(0000) knlGS:0000000000000000
[   41.602635][ T4374] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.602635][ T4374] CR2: 00005624511f3328 CR3: 000000208a342006 CR4: 0000000000771ef0
[   41.602636][ T4374] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   41.602637][ T4374] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   41.602638][ T4374] PKRU: 55555554
[   41.602638][ T4374] Call Trace:
[   41.602640][ T4374]  <TASK>
[ 41.602642][ T4374] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) 
[ 41.602644][ T4374] ? do_trap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153) 
[ 41.602645][ T4374] ? d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[ 41.602647][ T4374] ? do_error_trap (arch/x86/include/asm/traps.h:59 arch/x86/kernel/traps.c:174) 
[ 41.602648][ T4374] ? d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[ 41.602649][ T4374] ? exc_invalid_op (arch/x86/kernel/traps.c:265) 
[ 41.602652][ T4374] ? d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[ 41.602653][ T4374] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:568) 
[ 41.602655][ T4374] ? tracefs_alloc_inode (fs/tracefs/inode.c:38) 
[ 41.602657][ T4374] ? d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[ 41.602659][ T4374] create_dir_dentry (fs/tracefs/event_inode.c:329 fs/tracefs/event_inode.c:516) 
[ 41.602661][ T4374] eventfs_root_lookup (fs/tracefs/event_inode.c:611) 
[ 41.602662][ T4374] ? terminate_walk (fs/namei.c:691) 
[ 41.602665][ T4374] __lookup_slow (fs/namei.c:1694) 
[ 41.602667][ T4374] lookup_one_len (fs/namei.c:2746 (discriminator 1)) 
[ 41.602669][ T4374] eventfs_start_creating (fs/tracefs/inode.c:536) 
[ 41.602671][ T4374] create_dir_dentry (fs/tracefs/event_inode.c:309 fs/tracefs/event_inode.c:516) 
[ 41.602673][ T4374] eventfs_iterate (fs/tracefs/event_inode.c:701) 
[ 41.602674][ T4374] ? atime_needs_update (fs/inode.c:1842 fs/inode.c:1994) 
[ 41.602677][ T4374] iterate_dir (fs/readdir.c:106) 
[ 41.602680][ T4374] __x64_sys_getdents (fs/readdir.c:323 fs/readdir.c:307 fs/readdir.c:307) 
[ 41.602682][ T4374] ? __pfx_filldir (fs/readdir.c:260) 
[ 41.602684][ T4374] do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82) 
[ 41.602686][ T4374] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129) 
[   41.602690][ T4374] RIP: 0033:0x7f2583190f29
[ 41.602691][ T4374] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 37 8f 0d 00 f7 d8 64 89 01 48
All code
========
   0:	00 c3                	add    %al,%bl
   2:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
   9:	00 00 00 
   c:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  11:	48 89 f8             	mov    %rdi,%rax
  14:	48 89 f7             	mov    %rsi,%rdi
  17:	48 89 d6             	mov    %rdx,%rsi
  1a:	48 89 ca             	mov    %rcx,%rdx
  1d:	4d 89 c2             	mov    %r8,%r10
  20:	4d 89 c8             	mov    %r9,%r8
  23:	4c 8b 4c 24 08       	mov    0x8(%rsp),%r9
  28:	0f 05                	syscall 
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	retq   
  33:	48 8b 0d 37 8f 0d 00 	mov    0xd8f37(%rip),%rcx        # 0xd8f71
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	retq   
   9:	48 8b 0d 37 8f 0d 00 	mov    0xd8f37(%rip),%rcx        # 0xd8f47
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W
[   41.602692][ T4374] RSP: 002b:00007ffe038f3e28 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   41.602694][ T4374] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 00007f2583190f29
[   41.602695][ T4374] RDX: 0000000000001000 RSI: 0000562451159150 RDI: 0000000000000008
[   41.602695][ T4374] RBP: 00007f2582fcd398 R08: 00007f2582fcd398 R09: 00007f2582fcd398
[   41.602696][ T4374] R10: 00007f2582fcd398 R11: 0000000000000246 R12: 00007f2582fcd398
[   41.602696][ T4374] R13: 0000562451159150 R14: 00007ffe038f80d8 R15: 0000000000000008
[   41.602697][ T4374]  </TASK>
[   41.602698][ T4374] Modules linked in: binfmt_misc dm_mod intel_rapl_msr intel_rapl_common btrfs blake2b_generic x86_pkg_temp_thermal xor coretemp raid6_pq libcrc32c kvm_intel ipmi_ssif kvm irqbypass nvme crct10dif_pclmul crc32_pclmul sd_mod crc32c_intel nvme_core sg ghash_clmulni_intel sha512_ssse3 ahci t10_pi rapl libahci ast intel_cstate mei_me crc64_rocksoft_generic drm_shmem_helper intel_uncore dax_hmem acpi_ipmi ioatdma i2c_i801 crc64_rocksoft megaraid_sas crc64 ipmi_si libata drm_kms_helper mei i2c_smbus intel_pch_thermal joydev dca wmi ipmi_devintf ipmi_msghandler acpi_power_meter drm fuse ip_tables
[   41.602723][ T4374] ---[ end trace 0000000000000000 ]---
[   41.602724][ T4378] invalid opcode: 0000 [#2] SMP NOPTI
[   41.602726][ T4378] CPU: 27 PID: 4378 Comm: stress-ng-getde Tainted: G      D            6.7.0-rc2-00042-g493ec81a8fb8 #1
[   41.602728][ T4378] Hardware name: Inspur NF5180M6/NF5180M6, BIOS 06.00.04 04/12/2022
[ 41.602729][ T4378] RIP: 0010:d_instantiate (fs/dcache.c:2031 (discriminator 1)) 
[ 41.602733][ T4378] Code: e8 92 c0 1c 00 4c 89 e7 e8 0a 79 b8 00 48 89 ef 48 89 de e8 7f fc ff ff 4c 89 e7 c6 07 00 0f 1f 00 5b 5d 41 5c c3 cc cc cc cc <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00
All code
========
   0:	e8 92 c0 1c 00       	callq  0x1cc097
   5:	4c 89 e7             	mov    %r12,%rdi
   8:	e8 0a 79 b8 00       	callq  0xb87917
   d:	48 89 ef             	mov    %rbp,%rdi
  10:	48 89 de             	mov    %rbx,%rsi
  13:	e8 7f fc ff ff       	callq  0xfffffffffffffc97
  18:	4c 89 e7             	mov    %r12,%rdi
  1b:	c6 07 00             	movb   $0x0,(%rdi)
  1e:	0f 1f 00             	nopl   (%rax)
  21:	5b                   	pop    %rbx
  22:	5d                   	pop    %rbp
  23:	41 5c                	pop    %r12
  25:	c3                   	retq   
  26:	cc                   	int3   
  27:	cc                   	int3   
  28:	cc                   	int3   
  29:	cc                   	int3   
  2a:*	0f 0b                	ud2    		<-- trapping instruction
  2c:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  33:	00 00 00 00 
  37:	66                   	data16
  38:	66                   	data16
  39:	2e                   	cs
  3a:	0f                   	.byte 0xf
  3b:	1f                   	(bad)  
  3c:	84 00                	test   %al,(%rax)
	...

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2    
   2:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
   9:	00 00 00 00 
   d:	66                   	data16
   e:	66                   	data16
   f:	2e                   	cs
  10:	0f                   	.byte 0xf
  11:	1f                   	(bad)  
  12:	84 00                	test   %al,(%rax)


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240115/202401152142.bfc28861-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ