lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <202503041036.ad427cb-lkp@intel.com>
Date: Tue, 4 Mar 2025 13:04:50 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Chaohai Chen <wdhh6@...yun.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-scsi@...r.kernel.org>,
	<James.Bottomley@...senpartnership.com>, <martin.petersen@...cle.com>,
	<linux-kernel@...r.kernel.org>, <bvanassche@....org>, Chaohai Chen
	<wdhh6@...yun.com>, <oliver.sang@...el.com>
Subject: Re: [PATCH v2] scsi: stop judging after finding a VPD page expected
 to be processed.



Hello,

kernel test robot noticed "BUG:unable_to_handle_page_fault_for_address" on:

commit: 8e44a5176a631b6b5ba7efa557d8b1895eb56d85 ("[PATCH v2] scsi: stop judging after finding a VPD page expected to be processed.")
url: https://github.com/intel-lab-lkp/linux/commits/Chaohai-Chen/scsi-stop-judging-after-finding-a-VPD-page-expected-to-be-processed/20250227-140720
base: https://git.kernel.org/cgit/linux/kernel/git/jejb/scsi.git for-next
patch link: https://lore.kernel.org/all/20250227060618.15787-1-wdhh6@aliyun.com/
patch subject: [PATCH v2] scsi: stop judging after finding a VPD page expected to be processed.

in testcase: boot

config: x86_64-rhel-9.4
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+---------------------------------------------+------------+------------+
|                                             | 5d51aea463 | 8e44a5176a |
+---------------------------------------------+------------+------------+
| boot_successes                              | 12         | 0          |
| boot_failures                               | 0          | 14         |
| BUG:unable_to_handle_page_fault_for_address | 0          | 14         |
| Oops                                        | 0          | 14         |
| RIP:build_detached_freelist                 | 0          | 14         |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 14         |
+---------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202503041036.ad427cb-lkp@intel.com


[   14.245211][  T124] BUG: unable to handle page fault for address: ffffdeda9e000008
[   14.245852][  T124] #PF: supervisor read access in kernel mode
[   14.246293][  T124] #PF: error_code(0x0000) - not-present page
[   14.246740][  T124] PGD 0 P4D 0
[   14.247003][  T124] Oops: Oops: 0000 [#1] SMP PTI
[   14.247375][  T124] CPU: 1 UID: 0 PID: 124 Comm: kworker/u8:3 Not tainted 6.14.0-rc1-00076-g8e44a5176a63 #1
[   14.248100][  T124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   14.248837][  T124] Workqueue: events_unbound kfree_rcu_work
[ 14.249283][ T124] RIP: 0010:build_detached_freelist (include/linux/page-flags.h:243 include/linux/mm.h:1297 mm/slab.h:211 mm/slub.c:4941) 
[ 14.250299][ T124] Code: 8b 03 48 89 ca 48 01 c2 0f 82 ed 01 00 00 4d 89 d3 4c 2b 1d 74 b4 57 01 4c 01 da 48 c1 ea 0c 48 c1 e2 06 48 03 15 52 b4 57 01 <4c> 8b 6a 08 49 89 d3 41 f6 c5 01 0f 85 dd 00 00 00 0f 1f 44 00 00
All code
========
   0:	8b 03                	mov    (%rbx),%eax
   2:	48 89 ca             	mov    %rcx,%rdx
   5:	48 01 c2             	add    %rax,%rdx
   8:	0f 82 ed 01 00 00    	jb     0x1fb
   e:	4d 89 d3             	mov    %r10,%r11
  11:	4c 2b 1d 74 b4 57 01 	sub    0x157b474(%rip),%r11        # 0x157b48c
  18:	4c 01 da             	add    %r11,%rdx
  1b:	48 c1 ea 0c          	shr    $0xc,%rdx
  1f:	48 c1 e2 06          	shl    $0x6,%rdx
  23:	48 03 15 52 b4 57 01 	add    0x157b452(%rip),%rdx        # 0x157b47c
  2a:*	4c 8b 6a 08          	mov    0x8(%rdx),%r13		<-- trapping instruction
  2e:	49 89 d3             	mov    %rdx,%r11
  31:	41 f6 c5 01          	test   $0x1,%r13b
  35:	0f 85 dd 00 00 00    	jne    0x118
  3b:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)

Code starting with the faulting instruction
===========================================
   0:	4c 8b 6a 08          	mov    0x8(%rdx),%r13
   4:	49 89 d3             	mov    %rdx,%r11
   7:	41 f6 c5 01          	test   $0x1,%r13b
   b:	0f 85 dd 00 00 00    	jne    0xee
  11:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
[   14.252909][  T124] RSP: 0000:ffffa8e5004ebcd0 EFLAGS: 00010286
[   14.253973][  T124] RAX: 0000000080000000 RBX: ffffa8e5004ebd50 RCX: 0000000000000003
[   14.255143][  T124] RDX: ffffdeda9e000000 RSI: 0000000000000177 RDI: 0000000000000002
[   14.256313][  T124] RBP: ffff95f9e637b028 R08: ffffdd3284e15900 R09: 0000000000000000
[   14.257464][  T124] R10: ffffffff80000000 R11: 00006a0700000000 R12: 0000000000000178
[   14.258661][  T124] R13: 504d56b8f995ffff R14: ffff95f980042200 R15: 000000000000017d
[   14.259806][  T124] FS:  0000000000000000(0000) GS:ffff95fcafd00000(0000) knlGS:0000000000000000
[   14.261074][  T124] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   14.262173][  T124] CR2: ffffdeda9e000008 CR3: 0000000167df6000 CR4: 00000000000406f0
[   14.263363][  T124] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   14.264575][  T124] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   14.265747][  T124] Call Trace:
[   14.266530][  T124]  <TASK>
[ 14.267349][ T124] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) 
[ 14.268182][ T124] ? page_fault_oops (arch/x86/mm/fault.c:714) 
[ 14.269105][ T124] ? exc_page_fault (arch/x86/mm/fault.c:1478 arch/x86/mm/fault.c:1538) 
[ 14.269972][ T124] ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:623) 
[ 14.270888][ T124] ? build_detached_freelist (include/linux/page-flags.h:243 include/linux/mm.h:1297 mm/slab.h:211 mm/slub.c:4941) 
[ 14.271810][ T124] kmem_cache_free_bulk (mm/slub.c:4706) 
[ 14.272840][ T124] ? dequeue_entity (kernel/sched/fair.c:5488) 
[ 14.273683][ T124] ? kvfree_rcu_bulk (include/linux/slab.h:791 mm/slab_common.c:1498) 
[ 14.274542][ T124] kvfree_rcu_bulk (include/linux/slab.h:791 mm/slab_common.c:1498) 
[ 14.275389][ T124] kfree_rcu_work (mm/slab_common.c:1576) 
[ 14.276255][ T124] ? finish_task_switch+0x85/0x2b0 
[ 14.277161][ T124] process_one_work (kernel/workqueue.c:3241) 
[ 14.277998][ T124] worker_thread (kernel/workqueue.c:3311 kernel/workqueue.c:3398) 
[ 14.278830][ T124] ? __pfx_worker_thread (kernel/workqueue.c:3344) 
[ 14.279670][ T124] kthread (kernel/kthread.c:464) 
[ 14.280456][ T124] ? __pfx_kthread (kernel/kthread.c:413) 
[ 14.281263][ T124] ret_from_fork (arch/x86/kernel/process.c:154) 
[ 14.282106][ T124] ? __pfx_kthread (kernel/kthread.c:413) 
[ 14.282915][ T124] ret_from_fork_asm (arch/x86/entry/entry_64.S:257) 
[   14.283726][  T124]  </TASK>
[   14.284397][  T124] Modules linked in: ipmi_devintf ipmi_msghandler sr_mod cdrom sg snd_pcm intel_rapl_msr ata_generic intel_rapl_common snd_timer ghash_clmulni_intel ppdev rapl snd bochs drm_client_lib drm_shmem_helper soundcore i2c_piix4 ata_piix i2c_smbus drm_kms_helper joydev pcspkr parport_pc libata serio_raw parport fuse drm ip_tables
[   14.287967][  T124] CR2: ffffdeda9e000008
[   14.288794][  T124] ---[ end trace 0000000000000000 ]---
[ 14.289744][ T124] RIP: 0010:build_detached_freelist (include/linux/page-flags.h:243 include/linux/mm.h:1297 mm/slab.h:211 mm/slub.c:4941) 
[ 14.290724][ T124] Code: 8b 03 48 89 ca 48 01 c2 0f 82 ed 01 00 00 4d 89 d3 4c 2b 1d 74 b4 57 01 4c 01 da 48 c1 ea 0c 48 c1 e2 06 48 03 15 52 b4 57 01 <4c> 8b 6a 08 49 89 d3 41 f6 c5 01 0f 85 dd 00 00 00 0f 1f 44 00 00
All code
========
   0:	8b 03                	mov    (%rbx),%eax
   2:	48 89 ca             	mov    %rcx,%rdx
   5:	48 01 c2             	add    %rax,%rdx
   8:	0f 82 ed 01 00 00    	jb     0x1fb
   e:	4d 89 d3             	mov    %r10,%r11
  11:	4c 2b 1d 74 b4 57 01 	sub    0x157b474(%rip),%r11        # 0x157b48c
  18:	4c 01 da             	add    %r11,%rdx
  1b:	48 c1 ea 0c          	shr    $0xc,%rdx
  1f:	48 c1 e2 06          	shl    $0x6,%rdx
  23:	48 03 15 52 b4 57 01 	add    0x157b452(%rip),%rdx        # 0x157b47c
  2a:*	4c 8b 6a 08          	mov    0x8(%rdx),%r13		<-- trapping instruction
  2e:	49 89 d3             	mov    %rdx,%r11
  31:	41 f6 c5 01          	test   $0x1,%r13b
  35:	0f 85 dd 00 00 00    	jne    0x118
  3b:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)

Code starting with the faulting instruction
===========================================
   0:	4c 8b 6a 08          	mov    0x8(%rdx),%r13
   4:	49 89 d3             	mov    %rdx,%r11
   7:	41 f6 c5 01          	test   $0x1,%r13b
   b:	0f 85 dd 00 00 00    	jne    0xee
  11:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250304/202503041036.ad427cb-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ