[pipe] d60337eff1: BUG:kernel_NULL_pointer_dereference,address
From: kernel test robot <hidden>
Date: 2019-11-10 03:14:19
Also in: linux-usb, lkml, oe-lkp
FYI, we noticed the following commit (built with gcc-7):
commit: d60337eff18a3c587832ab8053a567f1da9710d2 ("[RFC PATCH 04/11] pipe: Use head and tail pointers for the ring, not cursor and length [ver #3]")
url: https://github.com/0day-ci/linux/commits/David-Howells/pipe-Notification-queue-preparation-ver-3/20191103-044740
in testcase: boot
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 8G
caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):
+---------------------------------------------+------------+------------+
| | 77a98a59a1 | d60337eff1 |
+---------------------------------------------+------------+------------+
| boot_successes | 4 | 0 |
| boot_failures | 0 | 6 |
| BUG:kernel_NULL_pointer_dereference,address | 0 | 6 |
| Oops:#[##] | 0 | 6 |
| RIP:iov_iter_get_pages_alloc | 0 | 6 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 6 |
+---------------------------------------------+------------+------------+
If you fix the issue, kindly add the following tag
Reported-by: kernel test robot <redacted>
[ 9.423019] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 9.425646] #PF: supervisor read access in kernel mode
[ 9.427714] #PF: error_code(0x0000) - not-present page
[ 9.429851] PGD 80000001fb937067 P4D 80000001fb937067 PUD 1739e1067 PMD 0
[ 9.432468] Oops: 0000 [#1] SMP PTI
[ 9.434064] CPU: 0 PID: 178 Comm: cat Not tainted 5.4.0-rc5-00353-gd60337eff18a3 #1
[ 9.437139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 9.440439] RIP: 0010:iov_iter_get_pages_alloc+0x2a8/0x400
[ 9.442643] Code: 50 48 83 ee 01 8b 54 24 0c 4c 89 c1 48 c1 ee 0c 4d 8d 4c f0 08 49 8b 77 78 44 21 f2 48 8d 14 92 48 8d 14 d6 48 8b 12 48 89 11 <48> 8b 72 08 48 8d 7e ff 83 e6 01 48 0f 45 d7 f0 ff 42 34 8b 74 24
[ 9.461768] RSP: 0018:ffffb1488012fbc0 EFLAGS: 00010202
[ 9.463844] RAX: 0000000000010000 RBX: 0000000000010000 RCX: ffff9650349be388
[ 9.466543] RDX: 0000000000000000 RSI: ffff9650bb8c5800 RDI: dead0000000000ff
[ 9.469324] RBP: ffffb1488012fc30 R08: ffff9650349be380 R09: ffff9650349be400
[ 9.471927] R10: ffffe15f47ee7dc0 R11: 0000000000000000 R12: ffffb1488012fc48
[ 9.474760] R13: ffffb1488012fc38 R14: 000000000000000f R15: ffff9650349ec840
[ 9.477481] FS: 0000000000000000(0000) GS:ffff9650ffc00000(0063) knlGS:00000000f7f5bde4
[ 9.480663] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 9.482971] CR2: 0000000000000008 CR3: 00000001fb9fa000 CR4: 00000000000406f0
[ 9.485544] Call Trace:
[ 9.486800] default_file_splice_read+0x95/0x320
[ 9.488665] ? kmem_cache_alloc_trace+0x3b/0x230
[ 9.490528] ? terminate_walk+0xd3/0xf0
[ 9.492053] ? _cond_resched+0x19/0x30
[ 9.493657] ? __inode_security_revalidate+0x73/0x90
[ 9.495440] ? splice_direct_to_actor+0xd6/0x230
[ 9.497362] splice_direct_to_actor+0xd6/0x230
[ 9.499140] ? generic_pipe_buf_nosteal+0x10/0x10
[ 9.501025] do_splice_direct+0x9a/0xd0
[ 9.502757] do_sendfile+0x1c9/0x3d0
[ 9.504228] __ia32_sys_sendfile64+0xaf/0xd0
[ 9.506082] do_fast_syscall_32+0xa9/0x330
[ 9.507980] entry_SYSENTER_compat+0x7f/0x91
[ 9.509722] Modules linked in:
[ 9.511134] CR2: 0000000000000008
[ 9.512616] ---[ end trace 8bec6d03e0029a1e ]---
To reproduce:
# build kernel
cd linux
cp config-5.4.0-rc5-00353-gd60337eff18a3 .config
make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
lkp
Attachments
- config-5.4.0-rc5-00353-gd60337eff18a3 [text/plain] 200562 bytes
- job-script [text/plain] 4764 bytes
- dmesg.xz [application/x-xz] 12820 bytes