[axboe-block:rw_iter] [fs/proc] a461a4f9ee: segfault_at_ip_sp_error
From: kernel test robot
Date: Thu Aug 08 2024 - 10:17:09 EST
Hello,
kernel test robot noticed "segfault_at_ip_sp_error" on:
commit: a461a4f9eea48aa2bb8ac2a5c5e6b235e233e891 ("fs/proc: convert to read/write iterators")
https://git.kernel.org/cgit/linux/kernel/git/axboe/linux-block.git rw_iter
in testcase: boot
compiler: clang-18
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
+-------------------------+------------+------------+
| | a6f483c214 | a461a4f9ee |
+-------------------------+------------+------------+
| segfault_at_ip_sp_error | 0 | 6 |
+-------------------------+------------+------------+
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202408082200.c3349d39-oliver.sang@xxxxxxxxx
[ OK ] Started OpenBSD Secure Shell server.
LKP: ttyS0: 221: Kernel tests: Boot OK!
[ OK ] Started System Logging Service.
LKP: ttyS0: 221: HOSTNAME vm-snb, MAC 52:54:00:12:34:56, kernel 6.11.0-rc2-00295-ga461a4f9eea4 1
LKP: ttyS0: 221: /lkp/lkp/src/bin/run-lkp /lkp/jobs/scheduled/vm-meta-189/boot-1-debian-11.1-i386-20220923.cgz-x86_64-randconfig-076-20240807-a461a4f9eea4-20240808-123352-1sio433-5.yaml
[ 157.838726][ T408] vmstat[408]: segfault at 56633000 ip 00000000f7f4e774 sp 00000000ffbaee70 error 6 in libprocps.so.8.0.3[3774,f7f4e000+a000] likely on CPU 1 (core 1, socket 0)
[ 157.844239][ T408] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 158.373225][ T352] vmstat[352]: segfault at 56630000 ip 00000000f7edd774 sp 00000000ffec1aa0 error 6 in libprocps.so.8.0.3[3774,f7edd000+a000] likely on CPU 1 (core 1, socket 0)
[ 158.434212][ T352] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 172.712196][ T457] kill[457]: segfault at 565a1000 ip 00000000f7f70774 sp 00000000fff806a0 error 6 in libprocps.so.8.0.3[3774,f7f70000+a000] likely on CPU 1 (core 1, socket 0)
[ 172.716785][ T457] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 174.021512][ T463] ps[463]: segfault at 565da000 ip 00000000f7ede774 sp 00000000fff285e0 error 6 in libprocps.so.8.0.3[3774,f7ede000+a000] likely on CPU 1 (core 1, socket 0)
[ 174.026251][ T463] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 174.448659][ T236] is_virt=true
[ 174.448714][ T236]
[ 175.157784][ T238] Segmentation fault
[ 175.157850][ T238]
[ 175.163573][ T238] Segmentation fault
[ 175.163622][ T238]
[ 175.439350][ T471] kill[471]: segfault at 5657f000 ip 00000000f7f2c774 sp 00000000ffc71110 error 6 in libprocps.so.8.0.3[3774,f7f2c000+a000] likely on CPU 1 (core 1, socket 0)
[ 175.443889][ T471] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 176.730643][ T236] lkp: kernel tainted state: 131072
[ 176.730707][ T236]
[ 177.388622][ T236] LKP: stdout: 221: Kernel tests: Boot OK!
[ 177.388806][ T236]
[ 177.573487][ T485] pgrep[485]: segfault at 565b5000 ip 00000000f7e99774 sp 00000000ff9741c0 error 6 in libprocps.so.8.0.3[3774,f7e99000+a000] likely on CPU 1 (core 1, socket 0)
[ 177.578143][ T485] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 177.720110][ T487] ps[487]: segfault at 5668d000 ip 00000000f7f31774 sp 00000000ffd757e0 error 6 in libprocps.so.8.0.3[3774,f7f31000+a000] likely on CPU 1 (core 1, socket 0)
[ 177.724735][ T487] Code: 74 24 0c 89 ee 89 cd 8d b4 26 00 00 00 00 57 6a 01 6a 08 55 e8 7d fb ff ff 8b 54 24 24 8b 4c 24 28 83 c4 10 8b 83 20 0b 00 00 <89> 14 30 89 4c 30 04 8b 44 24 14 83 c6 08 85 c0 75 d2 8b 74 24 0c
All code
========
0: 74 24 je 0x26
2: 0c 89 or $0x89,%al
4: ee out %al,(%dx)
5: 89 cd mov %ecx,%ebp
7: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
e: 57 push %rdi
f: 6a 01 pushq $0x1
11: 6a 08 pushq $0x8
13: 55 push %rbp
14: e8 7d fb ff ff callq 0xfffffffffffffb96
19: 8b 54 24 24 mov 0x24(%rsp),%edx
1d: 8b 4c 24 28 mov 0x28(%rsp),%ecx
21: 83 c4 10 add $0x10,%esp
24: 8b 83 20 0b 00 00 mov 0xb20(%rbx),%eax
2a:* 89 14 30 mov %edx,(%rax,%rsi,1) <-- trapping instruction
2d: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
31: 8b 44 24 14 mov 0x14(%rsp),%eax
35: 83 c6 08 add $0x8,%esi
38: 85 c0 test %eax,%eax
3a: 75 d2 jne 0xe
3c: 8b 74 24 0c mov 0xc(%rsp),%esi
Code starting with the faulting instruction
===========================================
0: 89 14 30 mov %edx,(%rax,%rsi,1)
3: 89 4c 30 04 mov %ecx,0x4(%rax,%rsi,1)
7: 8b 44 24 14 mov 0x14(%rsp),%eax
b: 83 c6 08 add $0x8,%esi
e: 85 c0 test %eax,%eax
10: 75 d2 jne 0xffffffffffffffe4
12: 8b 74 24 0c mov 0xc(%rsp),%esi
[ 179.252315][ T238] failed to kill background process /tmp/lkp/pid-bg-proc-kmsg
[ 179.252379][ T238]
[ 179.256801][ T238] Segmentation fault
[ 179.256847][ T238]
[ 179.260181][ T238] Segmentation fault
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240808/202408082200.c3349d39-oliver.sang@xxxxxxxxx
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki