Re: [kernel/isolation] c427534e48: BUG:kernel_NULL_pointer_dereference,address

From: Nicholas Piggin
Date: Fri Jun 21 2019 - 19:44:11 EST

Next message: Dexuan Cui: "[PATCH v2] PCI: hv: Fix a use-after-free bug in hv_eject_device_work()"
Previous message: Josh Hunt: "Re: Steam is broken on new kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

kernel test robot's on June 21, 2019 6:20 pm:
> FYI, we noticed the following commit (built with gcc-7):
>
> commit: c427534e48381727924529455ddfa67e2985686d ("kernel/isolation: Asset that a housekeeping CPU comes up at boot time")
> https://git.kernel.org/cgit/linux/kernel/git/peterz/queue.git sched/core
>
> in testcase: rcuperf
> with following parameters:
>
> runtime: 300s
> perf_type: tasks
>
>
>
> on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 2G
>
> caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
>
>
> +-------------------------------------------------+------------+------------+
> | | 66567fcbae | c427534e48 |
> +-------------------------------------------------+------------+------------+
> | boot_successes | 5 | 0 |
> | boot_failures | 18 | 11 |
> | BUG:kernel_reboot-without-warning_in_test_stage | 18 | |
> | BUG:kernel_NULL_pointer_dereference,address | 0 | 11 |
> | Oops:#[##] | 0 | 11 |
> | RIP:housekeeping_verify_smp | 0 | 11 |
> | Kernel_panic-not_syncing:Fatal_exception | 0 | 11 |
> +-------------------------------------------------+------------+------------+
>
>
> If you fix the issue, kindly add following tag
> Reported-by: kernel test robot <rong.a.chen@xxxxxxxxx>
>
>
> [ 0.562433] BUG: kernel NULL pointer dereference, address: 0000000000000000
> [ 0.562994] #PF: supervisor read access in kernel mode
> [ 0.562994] #PF: error_code(0x0000) - not-present page
> [ 0.562994] PGD 0 P4D 0
> [ 0.562994] Oops: 0000 [#1] SMP PTI
> [ 0.562994] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.2.0-rc5-00015-gc427534 #1
> [ 0.562994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
> [ 0.562994] RIP: 0010:housekeeping_verify_smp+0x2b/0x41
> [ 0.562994] Code: 66 66 66 90 53 83 c8 ff 48 c7 c3 c0 e2 e3 84 48 89 de 89 c7 e8 94 d4 d7 fe 3b 05 22 77 b8 ff 73 13 89 c2 48 8b 0d db eb 28 00 <48> 0f a3 11 73 df 31 c0 5b c3 48 c7 c7 f0 0e 8d 84 e8 1b 84 3e fe
> [ 0.562994] RSP: 0000:ffffabda00327e18 EFLAGS: 00010293
> [ 0.562994] RAX: 0000000000000000 RBX: ffffffff84e3e2c0 RCX: 0000000000000000
> [ 0.562994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84e3e2c0
> [ 0.562994] RBP: ffffffff852b7572 R08: 0000000000000044 R09: 0000000000000228
> [ 0.562994] R10: 0000000000000000 R11: ffff892f4f817e10 R12: ffffffff854a0938
> [ 0.562994] R13: 0000000000000002 R14: ffffffff852898d9 R15: 0000000000000000
> [ 0.562994] FS: 0000000000000000(0000) GS:ffff892fa1e00000(0000) knlGS:0000000000000000
> [ 0.562994] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 0.562994] CR2: 0000000000000000 CR3: 000000001ec0a000 CR4: 00000000000406f0
> [ 0.562994] Call Trace:
> [ 0.562994] do_one_initcall+0x46/0x214
> [ 0.562994] kernel_init_freeable+0x1c7/0x272
> [ 0.562994] ? rest_init+0xd0/0xd0
> [ 0.562994] kernel_init+0xa/0x110
> [ 0.562994] ret_from_fork+0x35/0x40
> [ 0.562994] Modules linked in:
> [ 0.562994] CR2: 0000000000000000
> [ 0.562994] ---[ end trace 1c0ad476e5b7f021 ]---

Oops, housekeeping_verify_smp needs to needs to check
housekeeping_overidden before testing housekeeping_mask.

You want me to resend with a fix?

Thanks,
Nick

Next message: Dexuan Cui: "[PATCH v2] PCI: hv: Fix a use-after-free bug in hv_eject_device_work()"
Previous message: Josh Hunt: "Re: Steam is broken on new kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]