netdev - [linux-next:master] [ptp] 8f5de6fb24: kernel_BUG_at_lib/list

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202310252217.816dfed6-oliver.sang@intel.com>
Date: Wed, 25 Oct 2023 23:12:25 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Xabier Marquiegui <reibax@...il.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, Linux Memory Management List
	<linux-mm@...ck.org>, "David S. Miller" <davem@...emloft.net>, "Richard
 Cochran" <richardcochran@...il.com>, <netdev@...r.kernel.org>,
	<oliver.sang@...el.com>
Subject: [linux-next:master] [ptp]  8f5de6fb24: kernel_BUG_at_lib/list_debug.c



Hello,

kernel test robot noticed "kernel_BUG_at_lib/list_debug.c" on:

commit: 8f5de6fb245326704f37d91780b9a10253a8a100 ("ptp: support multiple timestamp event readers")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master 2030579113a1b1b5bfd7ff24c0852847836d8fd1]

in testcase: stress-ng
version: stress-ng-x86_64-0.15.04-1_20231012
with following parameters:

	nr_threads: 10%
	disk: 1HDD
	testtime: 60s
	fs: ext4
	class: os
	test: clock
	cpufreq_governor: performance



compiler: gcc-12
test machine: 64 threads 2 sockets Intel(R) Xeon(R) Gold 6346 CPU @ 3.10GHz (Ice Lake) with 256G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202310252217.816dfed6-oliver.sang@intel.com


[   58.146527][ T4761] ------------[ cut here ]------------
[   58.146528][ T4761] kernel BUG at lib/list_debug.c:32!
[   58.146534][ T4761] invalid opcode: 0000 [#1] SMP NOPTI
[   58.146537][ T4761] CPU: 55 PID: 4761 Comm: stress-ng-clock Not tainted 6.6.0-rc5-01265-g8f5de6fb2453 #1
[   58.146540][ T4761] Hardware name: Inspur NF5180M6/NF5180M6, BIOS 06.00.04 04/12/2022
[ 58.146542][ T4761] RIP: 0010:__list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146552][ T4761] Code: a3 ff 0f 0b 48 89 c1 48 c7 c7 08 c8 72 82 e8 1f 31 a3 ff 0f 0b 48 89 d1 48 89 c6 4c 89 c2 48 c7 c7 60 c8 72 82 e8 08 31 a3 ff <0f> 0b 48 89 f2 48 89 c1 48 89 fe 48 c7 c7 b8 c8 72 82 e8 f1 30 a3
All code
========
   0:	a3 ff 0f 0b 48 89 c1 	movabs %eax,0xc748c189480b0fff
   7:	48 c7 
   9:	c7                   	(bad)
   a:	08 c8                	or     %cl,%al
   c:	72 82                	jb     0xffffffffffffff90
   e:	e8 1f 31 a3 ff       	call   0xffffffffffa33132
  13:	0f 0b                	ud2
  15:	48 89 d1             	mov    %rdx,%rcx
  18:	48 89 c6             	mov    %rax,%rsi
  1b:	4c 89 c2             	mov    %r8,%rdx
  1e:	48 c7 c7 60 c8 72 82 	mov    $0xffffffff8272c860,%rdi
  25:	e8 08 31 a3 ff       	call   0xffffffffffa33132
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	48 89 f2             	mov    %rsi,%rdx
  2f:	48 89 c1             	mov    %rax,%rcx
  32:	48 89 fe             	mov    %rdi,%rsi
  35:	48 c7 c7 b8 c8 72 82 	mov    $0xffffffff8272c8b8,%rdi
  3c:	e8                   	.byte 0xe8
  3d:	f1                   	int1
  3e:	30                   	.byte 0x30
  3f:	a3                   	.byte 0xa3

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	48 89 f2             	mov    %rsi,%rdx
   5:	48 89 c1             	mov    %rax,%rcx
   8:	48 89 fe             	mov    %rdi,%rsi
   b:	48 c7 c7 b8 c8 72 82 	mov    $0xffffffff8272c8b8,%rdi
  12:	e8                   	.byte 0xe8
  13:	f1                   	int1
  14:	30                   	.byte 0x30
  15:	a3                   	.byte 0xa3
[   58.146554][ T4761] RSP: 0018:ffa0000024d03c28 EFLAGS: 00010246
[   58.146556][ T4761] RAX: 0000000000000075 RBX: ff110020890c2000 RCX: 0000000000000000
[   58.146557][ T4761] RDX: 0000000000000000 RSI: ff11003fc09dc700 RDI: ff11003fc09dc700
[   58.146559][ T4761] RBP: ff11002086fa9330 R08: 80000000ffff8b8c R09: 0000000000ffff10
[   58.146560][ T4761] R10: 000000000000000f R11: 000000000000000f R12: ff11002086262800
[   58.146561][ T4761] R13: ff11002086aa1010 R14: ff110020890c3010 R15: ff11002086262bf0
[   58.146562][ T4761] FS:  00007f2138c47740(0000) GS:ff11003fc09c0000(0000) knlGS:0000000000000000
[   58.146563][ T4761] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   58.146565][ T4761] CR2: 00007f2138c1e8f8 CR3: 00000040581c0004 CR4: 0000000000771ee0
[   58.146566][ T4761] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   58.146568][ T4761] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   58.146569][ T4761] PKRU: 55555554
[   58.146570][ T4761] Call Trace:
[   58.146572][ T4761]  <TASK>
[ 58.146574][ T4761] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) 
[ 58.146578][ T4761] ? do_trap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153) 
[ 58.146589][ T4761] ? __list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146592][ T4761] ? do_error_trap (arch/x86/include/asm/traps.h:59 arch/x86/kernel/traps.c:174) 
[ 58.146595][ T4761] ? __list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146597][ T4761] ? exc_invalid_op (arch/x86/kernel/traps.c:265) 
[ 58.146603][ T4761] ? __list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146605][ T4761] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:568) 
[ 58.146615][ T4761] ? __list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146617][ T4761] ? __list_add_valid_or_report (lib/list_debug.c:32 (discriminator 3)) 
[ 58.146619][ T4761] ptp_open (include/linux/list.h:150 include/linux/list.h:183 drivers/ptp/ptp_chardev.c:114) 
[ 58.146624][ T4761] posix_clock_open (kernel/time/posix-clock.c:134) 
[ 58.146632][ T4761] chrdev_open (fs/char_dev.c:414) 
[ 58.146638][ T4761] ? __pfx_chrdev_open (fs/char_dev.c:374) 
[ 58.146640][ T4761] do_dentry_open (fs/open.c:929) 
[ 58.146644][ T4761] do_open (fs/namei.c:3642) 
[ 58.146652][ T4761] ? open_last_lookups (fs/namei.c:3586) 
[ 58.146655][ T4761] path_openat (fs/namei.c:3797) 
[ 58.146658][ T4761] do_filp_open (fs/namei.c:3823) 
[ 58.146661][ T4761] do_sys_openat2 (fs/open.c:1422) 
[ 58.146666][ T4761] __x64_sys_openat (fs/open.c:1448) 
[ 58.146669][ T4761] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) 
[ 58.146672][ T4761] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120) 
[   58.146676][ T4761] RIP: 0033:0x7f2138dd5127
[ 58.146678][ T4761] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25
All code
========
   0:	25 00 00 41 00       	and    $0x410000,%eax
   5:	3d 00 00 41 00       	cmp    $0x410000,%eax
   a:	74 47                	je     0x53
   c:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  13:	00 
  14:	85 c0                	test   %eax,%eax
  16:	75 6b                	jne    0x83
  18:	44 89 e2             	mov    %r12d,%edx
  1b:	48 89 ee             	mov    %rbp,%rsi
  1e:	bf 9c ff ff ff       	mov    $0xffffff9c,%edi
  23:	b8 01 01 00 00       	mov    $0x101,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	0f 87 95 00 00 00    	ja     0xcb
  36:	48 8b 4c 24 28       	mov    0x28(%rsp),%rcx
  3b:	64                   	fs
  3c:	48                   	rex.W
  3d:	2b                   	.byte 0x2b
  3e:	0c 25                	or     $0x25,%al

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	0f 87 95 00 00 00    	ja     0xa1
   c:	48 8b 4c 24 28       	mov    0x28(%rsp),%rcx
  11:	64                   	fs
  12:	48                   	rex.W
  13:	2b                   	.byte 0x2b
  14:	0c 25                	or     $0x25,%al


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231025/202310252217.816dfed6-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki