[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202405151506.639f3fc9-oliver.sang@intel.com>
Date: Wed, 15 May 2024 16:16:35 +0800
From: kernel test robot <oliver.sang@...el.com>
To: David Howells <dhowells@...hat.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
Steve French <sfrench@...ba.org>, Shyam Prasad N <nspmangalore@...il.com>,
Rohith Surabattula <rohiths.msft@...il.com>, Jeff Layton
<jlayton@...nel.org>, <netfs@...ts.linux.dev>,
<linux-fsdevel@...r.kernel.org>, <linux-cifs@...r.kernel.org>,
<samba-technical@...ts.samba.org>, <oliver.sang@...el.com>
Subject: [linus:master] [cifs] 3ee1a1fc39: canonical_address#:#[##]
Hello,
kernel test robot noticed "canonical_address#:#[##]" on:
commit: 3ee1a1fc39819906f04d6c62c180e760cd3a689d ("cifs: Cut over to using netfslib")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
[test still failed on linus/master 4f8b6f25eb1e51febd426da764a0b0ea652ad238]
[test still failed on linux-next/master 26dd54d03cd94ecc035d9e1e9fd4fc0f3ab311cf]
[test still failed on fix commit 14b1cd25346b1d615616a9c2dfdad9b4e6581e0d]
in testcase: xfstests
version: xfstests-x86_64-0e5c12df-1_20240430
with following parameters:
disk: 4HDD
fs: ext4
fs2: smbv3
test: generic-group-03
compiler: gcc-13
test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (Skylake) with 32G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202405151506.639f3fc9-oliver.sang@intel.com
[ 428.991058][ T306]
[ 429.032352][ T306] generic/035 [expunged]
[ 429.032372][ T306]
[ 429.110038][ T1629] run fstests generic/036 at 2024-05-05 13:17:33
[ 430.012974][ T10] ==================================================================
[ 430.014766][ T42] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
[ 430.020950][ T10] BUG: KASAN: slab-use-after-free in netfs_write_collection_worker (kbuild/src/consumer/fs/netfs/write_collect.c:693)
[ 430.032914][ T42] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 430.041739][ T10] Read of size 8 at addr ffff888209bef808 by task kworker/u16:0/10
[ 430.050041][ T42] CPU: 3 PID: 42 Comm: kworker/u16:2 Tainted: G S 6.9.0-rc6-00034-g3ee1a1fc3981 #1
[ 430.057819][ T10]
[ 430.057821][ T10] CPU: 2 PID: 10 Comm: kworker/u16:0 Tainted: G S 6.9.0-rc6-00034-g3ee1a1fc3981 #1
[ 430.068389][ T42] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.8.1 12/05/2017
[ 430.070583][ T10] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.8.1 12/05/2017
[ 430.081152][ T42] Workqueue: events_unbound netfs_write_collection_worker
[ 430.089277][ T10] Workqueue: events_unbound netfs_write_collection_worker
[ 430.097401][ T42]
[ 430.104393][ T10]
[ 430.111386][ T42] RIP: 0010:aio_complete_rw (kbuild/src/consumer/fs/aio.c:1507)
[ 430.113579][ T10] Call Trace:
[ 430.113581][ T10] <TASK>
[ 430.115772][ T42] Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 04 00 00 48 8b ad a8 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 01 0f 8e 1a 04 00 00 0f b7 45 00 66 25
All code
========
0: 00 48 89 add %cl,-0x77(%rax)
3: fa cli
4: 48 c1 ea 03 shr $0x3,%rdx
8: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1)
c: 0f 85 2b 04 00 00 jne 0x43d
12: 48 8b ad a8 00 00 00 mov 0xa8(%rbp),%rbp
19: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
20: fc ff df
23: 48 89 ea mov %rbp,%rdx
26: 48 c1 ea 03 shr $0x3,%rdx
2a:* 0f b6 04 02 movzbl (%rdx,%rax,1),%eax <-- trapping instruction
2e: 84 c0 test %al,%al
30: 74 08 je 0x3a
32: 3c 01 cmp $0x1,%al
34: 0f 8e 1a 04 00 00 jle 0x454
3a: 0f b7 45 00 movzwl 0x0(%rbp),%eax
3e: 66 data16
3f: 25 .byte 0x25
Code starting with the faulting instruction
===========================================
0: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax
4: 84 c0 test %al,%al
6: 74 08 je 0x10
8: 3c 01 cmp $0x1,%al
a: 0f 8e 1a 04 00 00 jle 0x42a
10: 0f b7 45 00 movzwl 0x0(%rbp),%eax
14: 66 data16
15: 25 .byte 0x25
[ 430.121193][ T10] dump_stack_lvl (kbuild/src/consumer/lib/dump_stack.c:117)
[ 430.124345][ T42] RSP: 0018:ffffc90000337d18 EFLAGS: 00010246
[ 430.127150][ T10] print_address_description+0x30/0x410
[ 430.146700][ T42]
[ 430.151076][ T10] ? netfs_write_collection_worker (kbuild/src/consumer/fs/netfs/write_collect.c:693)
[ 430.157019][ T42] RAX: dffffc0000000000 RBX: ffff888269500300 RCX: 0000000000000000
[ 430.163490][ T10] print_report (kbuild/src/consumer/mm/kasan/report.c:489)
[ 430.165683][ T42] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffc90000337ce0
[ 430.171723][ T10] ? kasan_addr_to_slab (kbuild/src/consumer/mm/kasan/common.c:37)
[ 430.179601][ T42] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1041350f07
[ 430.183897][ T10] ? netfs_write_collection_worker (kbuild/src/consumer/fs/netfs/write_collect.c:693)
[ 430.191773][ T42] R10: ffff888209a8783f R11: 0000000000000400 R12: ffff888269500390
[ 430.196594][ T10] kasan_report (kbuild/src/consumer/mm/kasan/report.c:603)
[ 430.204460][ T42] R13: 0000000000000200 R14: 0000000000000200 R15: ffff888269500398
[ 430.210493][ T10] ? netfs_write_collection_worker (kbuild/src/consumer/fs/netfs/write_collect.c:693)
[ 430.218354][ T42] FS: 0000000000000000(0000) GS:ffff888795180000(0000) knlGS:0000000000000000
[ 430.222641][ T10] netfs_write_collection_worker (kbuild/src/consumer/fs/netfs/write_collect.c:693)
[ 430.230506][ T42] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 430.236538][ T10] process_one_work (kbuild/src/consumer/kernel/workqueue.c:3254)
[ 430.245360][ T42] CR2: 00007efd4765f000 CR3: 000000081a85a001 CR4: 00000000003706f0
[ 430.251220][ T10] worker_thread (kbuild/src/consumer/kernel/workqueue.c:3329 (discriminator 2) kbuild/src/consumer/kernel/workqueue.c:3416 (discriminator 2))
[ 430.257686][ T42] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 430.262498][ T10] ? __pfx_worker_thread (kbuild/src/consumer/kernel/workqueue.c:3362)
[ 430.270360][ T42] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 430.274909][ T10] kthread (kbuild/src/consumer/kernel/kthread.c:388)
[ 430.282775][ T42] Call Trace:
[ 430.287759][ T10] ? __pfx_kthread (kbuild/src/consumer/kernel/kthread.c:341)
[ 430.295623][ T42] <TASK>
[ 430.299564][ T10] ret_from_fork (kbuild/src/consumer/arch/x86/kernel/process.c:147)
[ 430.302716][ T42] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421 kbuild/src/consumer/arch/x86/kernel/dumpstack.c:460)
[ 430.307176][ T10] ? __pfx_kthread (kbuild/src/consumer/kernel/kthread.c:341)
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240515/202405151506.639f3fc9-oliver.sang@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists