BUG: kernel NULL pointer dereference, address: RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750
While running LTP fs on qemu x86 and qemu_i386 these kernel BUGs noticed.
metadata: git branch: master git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next git commit: f965d3ec86fa89285db0fbb983da76ba9c398efa git describe: next-20200914 make_kernelversion: 5.9.0-rc5 kernel-config: https://builds.tuxbuild.com/g15vEMQfzQXPX_7pG6QPpQ/kernel.config
Steps to reproduce: # boot qemu x86_64 with linux next 20200914 tag kernel # cd /opt/ltp # ./runltp -f fs
kernel BUG on x86_64,
[ 528.439815] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.440734] #PF: supervisor read access in kernel mode [ 528.440775] #PF: error_code(0x0000) - not-present page [ 528.440775] PGD 138d1a067 P4D 138d1a067 PUD 139eff067 PMD 0 [ 528.440775] Oops: 0000 [#1] SMP NOPTI [ 528.440775] CPU: 3 PID: 723 Comm: growfiles Not tainted 5.9.0-rc5-next-20200914 #1 [ 528.440775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.440775] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.440775] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.440775] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.440775] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.440775] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.440775] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.440775] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.440775] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.440775] FS: 00007fe4cb7b8740(0000) GS:ffff934dfbd80000(0000) knlGS:0000000000000000 [ 528.440775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.440775] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506e0 [ 528.440775] Call Trace: [ 528.440775] ? release_pages+0x2e6/0x350 [ 528.440775] shmem_undo_range+0x39b/0x7c0 [ 528.440775] shmem_truncate_range+0x14/0x40 [ 528.440775] shmem_setattr+0x265/0x2b0 [ 528.440775] notify_change+0x348/0x4c0 [ 528.440775] do_truncate+0x78/0xd0 [ 528.440775] ? do_truncate+0x78/0xd0 [ 528.440775] do_sys_ftruncate+0xf0/0x1a0 [ 528.440775] __x64_sys_ftruncate+0x1b/0x20 [ 528.440775] do_syscall_64+0x38/0x50 [ 528.440775] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.440775] RIP: 0033:0x7fe4caeb0a17 [ 528.440775] Code: 77 01 c3 48 8b 15 81 14 2c 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 51 14 2c 00 f7 d8 64 89 02 b8 [ 528.440775] RSP: 002b:00007fff37fb9578 EFLAGS: 00000202 ORIG_RAX: 000000000000004d [ 528.440775] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe4caeb0a17 [ 528.440775] RDX: 00000000000397ad RSI: 00000000000399ad RDI: 0000000000000006 [ 528.440775] RBP: 0000000000000006 R08: 00000005deece66d R09: 00007fe4caef6930 [ 528.440775] R10: 6d20736574796220 R11: 0000000000000202 R12: 0000000000001000 [ 528.440775] R13: 000000000004bcb7 R14: 00000000000399ad R15: 0000000000000042 [ 528.440775] Modules linked in: [ 528.440775] CR2: 0000000000000020 [ 528.440775] ---[ end trace a5ebcc25e2e2a58e ]--- [ 528.440775] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.440775] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.440775] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.440775] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.440775] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.440775] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.440775] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.440775] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.440775] FS: 00007fe4cb7b8740(0000) GS:ffff934dfbd80000(0000) knlGS:0000000000000000 [ 528.440775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.440775] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506e0 gf21 1 TPASS : Test passed gf22 1 TPASS : Test passed [ 528.520376] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.520793] #PF: supervisor read access in kernel mode [ 528.520793] #PF: error_code(0x0000) - not-present page [ 528.520793] PGD 13365c067 P4D 13365c067 PUD 139768067 PMD 0 [ 528.520793] Oops: 0000 [#2] SMP NOPTI [ 528.520793] CPU: 1 PID: 726 Comm: growfiles Tainted: G D 5.9.0-rc5-next-20200914 #1 [ 528.520793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.520793] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.520793] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.520793] RSP: 0018:ffffafb30109fb70 EFLAGS: 00010246 [ 528.520793] RAX: 0000000000000000 RBX: ffff934df8f453b0 RCX: 0000000000000000 [ 528.520793] RDX: 0000000000000000 RSI: 0000000000000051 RDI: 0000000000000000 [ 528.520793] RBP: ffffafb30109fc10 R08: 0000000000100cca R09: 0000000000000000 [ 528.520793] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000051 [ 528.520793] R13: ffffafb30109fc70 R14: 0000000000000000 R15: ffff934df8f45528 [ 528.520793] FS: 00007fb165faf740(0000) GS:ffff934dfbc80000(0000) knlGS:0000000000000000 [ 528.520793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.520793] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506e0 [ 528.520793] Call Trace: [ 528.520793] ? release_pages+0x2e6/0x350 [ 528.520793] shmem_undo_range+0x39b/0x7c0 [ 528.520793] ? _cond_resched+0x19/0x30 [ 528.520793] ? find_lock_entry+0x30/0xa0 [ 528.520793] ? avc_has_perm+0xca/0x1f0 [ 528.520793] ? _cond_resched+0x19/0x30 [ 528.520793] ? down_write+0x13/0x50 [ 528.520793] ? unmap_mapping_pages+0x60/0x130 [ 528.520793] shmem_truncate_range+0x14/0x40 [ 528.520793] shmem_setattr+0x265/0x2b0 [ 528.520793] notify_change+0x348/0x4c0 [ 528.520793] do_truncate+0x78/0xd0 [ 528.520793] ? do_truncate+0x78/0xd0 [ 528.520793] do_sys_ftruncate+0xf0/0x1a0 [ 528.520793] __x64_sys_ftruncate+0x1b/0x20 [ 528.520793] do_syscall_64+0x38/0x50 [ 528.520793] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.520793] RIP: 0033:0x7fb1656a7a17 [ 528.520793] Code: 77 01 c3 48 8b 15 81 14 2c 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 51 14 2c 00 f7 d8 64 89 02 b8 [ 528.520793] RSP: 002b:00007fff5da67b18 EFLAGS: 00000206 ORIG_RAX: 000000000000004d [ 528.520793] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb1656a7a17 [ 528.520793] RDX: 0000000000051745 RSI: 0000000000051746 RDI: 0000000000000006 [ 528.520793] RBP: 0000000000000006 R08: 00000005deece66d R09: 00007fb1656ed930 [ 528.520793] R10: 00000000000000bb R11: 0000000000000206 R12: 0000000000001000 [ 528.520793] R13: 00000000000615d4 R14: 0000000000051746 R15: 0000000000000042 [ 528.520793] Modules linked in: [ 528.520793] CR2: 0000000000000020 [ 528.520793] ---[ end trace a5ebcc25e2e2a58f ]--- [ 528.520793] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.520793] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.520793] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.520793] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.520793] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.520793] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.520793] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.520793] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.520793] FS: 00007fb165faf740(0000) GS:ffff934dfbc80000(0000) knlGS:0000000000000000 [ 528.520793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.520793] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506e0 gf24 1 TPASS : Test passed [ 528.625925] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.626774] #PF: supervisor read access in kernel mode [ 528.626774] #PF: error_code(0x0000) - not-present page [ 528.626774] PGD 138d7b067 P4D 138d7b067 PUD 133421067 PMD 0 [ 528.626774] Oops: 0000 [#3] SMP NOPTI [ 528.626774] CPU: 0 PID: 728 Comm: growfiles Tainted: G D 5.9.0-rc5-next-20200914 #1 [ 528.626774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.626774] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.626774] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.626774] RSP: 0018:ffffafb3010afb70 EFLAGS: 00010246 [ 528.626774] RAX: 0000000000000000 RBX: ffff934df3fc3770 RCX: 0000000000000000 [ 528.626774] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000000 [ 528.626774] RBP: ffffafb3010afc10 R08: 0000000000100cca R09: 0000000000000000 [ 528.626774] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000006 [ 528.626774] R13: ffffafb3010afc70 R14: 0000000000000000 R15: ffff934df3fc38e8 [ 528.626774] FS: 00007f32510fa740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.626774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.626774] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506f0 [ 528.626774] Call Trace: [ 528.626774] ? release_pages+0x2e6/0x350 [ 528.626774] shmem_undo_range+0x39b/0x7c0 [ 528.626774] ? memcg_check_events+0xb0/0x1c0 [ 528.626774] shmem_truncate_range+0x14/0x40 [ 528.626774] shmem_setattr+0x265/0x2b0 [ 528.626774] notify_change+0x348/0x4c0 [ 528.626774] do_truncate+0x78/0xd0 [ 528.626774] ? do_truncate+0x78/0xd0 [ 528.626774] do_sys_ftruncate+0xf0/0x1a0 [ 528.626774] __x64_sys_ftruncate+0x1b/0x20 [ 528.626774] do_syscall_64+0x38/0x50 [ 528.626774] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.626774] RIP: 0033:0x7f32507f2a17 [ 528.626774] Code: 77 01 c3 48 8b 15 81 14 2c 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 51 14 2c 00 f7 d8 64 89 02 b8 [ 528.626774] RSP: 002b:00007ffc9eb08088 EFLAGS: 00000206 ORIG_RAX: 000000000000004d [ 528.626774] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f32507f2a17 [ 528.626774] RDX: 00000000000054f8 RSI: 00000000000064f7 RDI: 0000000000000006 [ 528.626774] RBP: 0000000000000006 R08: 00000005deece66d R09: 00007f3250838930 [ 528.626774] R10: 00000000000000bb R11: 0000000000000206 R12: 0000000000001000 [ 528.626774] R13: 000000000030a253 R14: 00000000000064f7 R15: 0000000000000042 [ 528.626774] Modules linked in: [ 528.626774] CR2: 0000000000000020 [ 528.626774] ---[ end trace a5ebcc25e2e2a590 ]--- [ 528.626774] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.626774] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.626774] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.626774] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.626774] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.626774] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.626774] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.626774] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.626774] FS: 00007f32510fa740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.626774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.626774] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506f0 [ 528.672531] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.672783] #PF: supervisor read access in kernel mode [ 528.672783] #PF: error_code(0x0000) - not-present page [ 528.672783] PGD 133c9a067 P4D 133c9a067 PUD 1334b1067 PMD 0 [ 528.672783] Oops: 0000 [#4] SMP NOPTI [ 528.672783] CPU: 0 PID: 729 Comm: growfiles Tainted: G D 5.9.0-rc5-next-20200914 #1 [ 528.672783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.672783] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.672783] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.672783] RSP: 0018:ffffafb3010b7b70 EFLAGS: 00010246 [ 528.672783] RAX: 0000000000000000 RBX: ffff934df3fc29b0 RCX: 0000000000000000 [ 528.672783] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 528.672783] RBP: ffffafb3010b7c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.672783] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000001 [ 528.672783] R13: ffffafb3010b7c70 R14: 0000000000000000 R15: ffff934df3fc2b28 [ 528.672783] FS: 00007f525e976740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.672783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.672783] CR2: 0000000000000020 CR3: 0000000139e94000 CR4: 00000000003506f0 [ 528.672783] Call Trace: [ 528.672783] ? release_pages+0x2e6/0x350 [ 528.672783] shmem_undo_range+0x39b/0x7c0 [ 528.672783] shmem_truncate_range+0x14/0x40 [ 528.672783] shmem_setattr+0x265/0x2b0 [ 528.672783] notify_change+0x348/0x4c0 [ 528.672783] do_truncate+0x78/0xd0 [ 528.672783] ? do_truncate+0x78/0xd0 [ 528.672783] do_sys_ftruncate+0xf0/0x1a0 [ 528.672783] __x64_sys_ftruncate+0x1b/0x20 [ 528.672783] do_syscall_64+0x38/0x50 [ 528.672783] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.672783] RIP: 0033:0x7f525e06ea17 [ 528.672783] Code: 77 01 c3 48 8b 15 81 14 2c 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 51 14 2c 00 f7 d8 64 89 02 b8 [ 528.672783] RSP: 002b:00007ffd407309c8 EFLAGS: 00000206 ORIG_RAX: 000000000000004d [ 528.672783] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f525e06ea17 [ 528.672783] RDX: 0000000000000f99 RSI: 0000000000001199 RDI: 0000000000000006 [ 528.672783] RBP: 0000000000000006 R08: 00000005deece66d R09: 00007f525e0b4930 [ 528.672783] R10: 6d20736574796220 R11: 0000000000000206 R12: 0000000000001000 [ 528.672783] R13: 0000000000013371 R14: 0000000000001199 R15: 0000000000000042 [ 528.672783] Modules linked in: [ 528.672783] CR2: 0000000000000020 [ 528.672783] ---[ end trace a5ebcc25e2e2a591 ]--- [ 528.672783] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.672783] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.672783] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.672783] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.672783] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.672783] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.672783] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.672783] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.672783] FS: 00007f525e976740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.672783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.672783] CR2: 0000000000000020 CR3: 0000000139e94000 CR4: 00000000003506f0 [ 528.722527] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.722791] #PF: supervisor read access in kernel mode [ 528.722791] #PF: error_code(0x0000) - not-present page [ 528.722791] PGD 133c61067 P4D 133c61067 PUD 13aa06067 PMD 0 [ 528.722791] Oops: 0000 [#5] SMP NOPTI [ 528.722791] CPU: 0 PID: 730 Comm: growfiles Tainted: G D 5.9.0-rc5-next-20200914 #1 [ 528.722791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.722791] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.722791] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.722791] RSP: 0018:ffffafb3010bfce8 EFLAGS: 00010246 [ 528.722791] RAX: 0000000000000000 RBX: ffff934df3fc34b0 RCX: 0000000000000000 [ 528.722791] RDX: 0000000000000000 RSI: ffff934df7bf9918 RDI: 0000000000000000 [ 528.722791] RBP: ffffafb3010bfd88 R08: 0000000000100cca R09: 0000000000000000 [ 528.722791] R10: ffffafb3010bfe68 R11: 0000000000000000 R12: 0000000000000000 [ 528.722791] R13: ffff934df3fc34b0 R14: 0000000000000000 R15: ffff934df3fc3628 [ 528.722791] FS: 00007f5769397740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.722791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.722791] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506f0 [ 528.722791] Call Trace: [ 528.722791] ? avc_has_perm+0xca/0x1f0 [ 528.722791] shmem_file_read_iter+0xf7/0x380 [ 528.722791] new_sync_read+0x110/0x1a0 [ 528.722791] vfs_read+0x154/0x1b0 [ 528.722791] ksys_read+0x67/0xe0 [ 528.722791] __x64_sys_read+0x1a/0x20 [ 528.722791] do_syscall_64+0x38/0x50 [ 528.722791] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.722791] RIP: 0033:0x7f5768d6756e [ 528.722791] Code: 8a 20 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 8b 05 7a ce 20 00 85 c0 75 16 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 41 54 49 89 [ 528.722791] RSP: 002b:00007ffdd45b2328 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 528.722791] RAX: ffffffffffffffda RBX: 0000000000008000 RCX: 00007f5768d6756e [ 528.722791] RDX: 0000000000008000 RSI: 0000000002320270 RDI: 0000000000000006 [ 528.722791] RBP: 0000000000000006 R08: 0000000000000005 R09: 00007ffdd45b20d3 [ 528.722791] R10: 000000000000006f R11: 0000000000000246 R12: 0000000002320270 [ 528.722791] R13: 0000000000008000 R14: 0000000000000000 R15: 0000000000000000 [ 528.722791] Modules linked in: [ 528.722791] CR2: 0000000000000020 [ 528.722791] ---[ end trace a5ebcc25e2e2a592 ]--- [ 528.722791] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.722791] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.722791] RSP: 0018:ffffafb301097b70 EFLAGS: 00010246 [ 528.722791] RAX: 0000000000000000 RBX: ffff934df9e5ce30 RCX: 0000000000000000 [ 528.722791] RDX: 0000000000000039 RSI: ffff934de5c09240 RDI: 0000000000000000 [ 528.722791] RBP: ffffafb301097c10 R08: 0000000000100cca R09: 0000000000000000 [ 528.722791] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000039 [ 528.722791] R13: ffffafb301097c70 R14: 0000000000000000 R15: ffff934df9e5cfa8 [ 528.722791] FS: 00007f5769397740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.722791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.722791] CR2: 0000000000000020 CR3: 000000013363c000 CR4: 00000000003506f0 [ 528.776714] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 528.776789] #PF: supervisor read access in kernel mode [ 528.776789] #PF: error_code(0x0000) - not-present page [ 528.776789] PGD 133dc8067 P4D 133dc8067 PUD 138f87067 PMD 0 [ 528.776789] Oops: 0000 [#6] SMP NOPTI [ 528.776789] CPU: 0 PID: 731 Comm: growfiles Tainted: G D 5.9.0-rc5-next-20200914 #1 [ 528.776789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 528.776789] RIP: 0010:shmem_getpage_gfp.isra.0+0x470/0x750 [ 528.776789] Code: f6 0f 85 e6 fd ff ff e8 2e f3 fd ff 48 8b 7d c8 48 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa f0 ff 4f 34 0f 84 ff 01 00 00 31 ff <4c> 2b 67 20 48 8b 85 70 ff ff ff 45 31 c0 49 c1 e4 06 4c 01 e7 48 [ 528.776789] RSP: 0018:ffffafb3010c7ce8 EFLAGS: 00010246 [ 528.776789] RAX: 0000000000000000 RBX: ffff934df3fc3cf0 RCX: 0000000000000000 [ 528.776789] RDX: 0000000000000000 RSI: ffff934df7bf9ff0 RDI: 0000000000000000 [ 528.776789] RBP: ffffafb3010c7d88 R08: 0000000000100cca R09: 0000000000000000 [ 528.776789] R10: ffffafb3010c7e68 R11: 0000000000000000 R12: 0000000000000000 [ 528.776789] R13: ffff934df3fc3cf0 R14: 0000000000000000 R15: ffff934df3fc3e68 [ 528.776789] FS: 00007fd47a493740(0000) GS:ffff934dfbc00000(0000) knlGS:0000000000000000 [ 528.776789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 528.776789] CR2: 0000000000000020 CR3: 0000000139f5e000 CR4: 00000000003506f0 [ 528.776789] Call Trace: [ 528.776789] ? avc_has_perm+0xca/0x1f0 [ 528.776789] shmem_file_read_iter+0xf7/0x380 [ 528.776789] new_sync_read+0x110/0x1a0 [ 528.776789] vfs_read+0x154/0x1b0 [ 528.776789] ksys_read+0x67/0xe0 [ 528.776789] __x64_sys_read+0x1a/0x20 [ 528.776789] do_syscall_64+0x38/0x50 [ 528.776789] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 528.776789] RIP: 0033:0x7fd479e6356e [ 528.776789] Code: 8a 20 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 8b 05 7a ce 20 00 85 c0 75 16 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 41 54 49 89 [ 528.776789] RSP: 002b:00007ffd1c581e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 528.776789] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007fd479e6356e [ 528.776789] RDX: 0000000000010000 RSI: 0000000001931270 RDI: 0000000000000006 [ 528.776789] RBP: 0000000000000006 R08: 0000000000000005 R09: 00007ffd1c581c03 [ 528.776789] R10: 000000000000006f R11: 0000000000000246 R12: 0000000001931270 [ 528.776789] R13: 0000000000010000 R14: 0000000000000000 R15: 0000000000000000 [ 528.776789] Modules linked in: [ 528.776789] CR2: 0000000000000020 [ 528.776789] ---[ end trace a5ebcc25e2e2a593 ]---
i386 log: ------------ [ 75.900706] BUG: kernel NULL pointer dereference, address: 00000010 [ 75.900969] #PF: supervisor read access in kernel mode [ 75.900969] #PF: error_code(0x0000) - not-present page [ 75.900969] *pde = 00000000 [ 75.900969] Oops: 0000 [#1] SMP [ 75.900969] CPU: 0 PID: 10104 Comm: fsx-linux Not tainted 5.9.0-rc5-next-20200914 #1 [ 75.900969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 75.900969] EIP: shmem_getpage_gfp.isra.0+0x39e/0x7c0 [ 75.900969] Code: d2 0f 85 b4 00 00 00 e8 90 23 fe ff 8b 45 ec 8b 50 04 8d 4a ff 83 e2 01 0f 45 c1 f0 ff 48 1c 0f 84 7f 03 00 00 31 c0 8b 55 e4 <2b> 50 10 31 db 8b 7d b0 8d 14 92 8d 04 d0 89 07 e9 ed 01 00 00 8d [ 75.900969] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 0000000c [ 75.900969] ESI: f3868c78 EDI: f2c57180 EBP: f2e61e90 ESP: f2e61e38 [ 75.900969] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246 [ 75.900969] CR0: 80050033 CR2: 00000010 CR3: 33994000 CR4: 003506d0 [ 75.900969] Call Trace: [ 75.900969] shmem_file_read_iter+0xd8/0x2d0 [ 75.900969] vfs_read+0x1be/0x320 [ 75.900969] ksys_read+0x58/0xd0 [ 75.900969] __ia32_sys_read+0x15/0x20 [ 75.900969] __do_fast_syscall_32+0x45/0x80 [ 75.900969] do_fast_syscall_32+0x29/0x60 [ 75.900969] do_SYSENTER_32+0x15/0x20 [ 75.900969] entry_SYSENTER_32+0x9f/0xf2 [ 75.900969] EIP: 0xb7f6f549 [ 75.900969] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76 [ 75.900969] EAX: ffffffda EBX: 00000006 ECX: 085df2d0 EDX: 0000f0c4 [ 75.900969] ESI: 0000f0c4 EDI: bfa07aa8 EBP: 085df160 ESP: bfa07a50 [ 75.900969] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000246 [ 75.900969] Modules linked in: [ 75.900969] CR2: 0000000000000010 [ 75.900969] ---[ end trace 3b0d162207b86ec2 ]--- [ 75.900969] EIP: shmem_getpage_gfp.isra.0+0x39e/0x7c0 [ 75.900969] Code: d2 0f 85 b4 00 00 00 e8 90 23 fe ff 8b 45 ec 8b 50 04 8d 4a ff 83 e2 01 0f 45 c1 f0 ff 48 1c 0f 84 7f 03 00 00 31 c0 8b 55 e4 <2b> 50 10 31 db 8b 7d b0 8d 14 92 8d 04 d0 89 07 e9 ed 01 00 00 8d [ 75.900969] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 0000000c [ 75.900969] ESI: f3868c78 EDI: f2c57180 EBP: f2e61e90 ESP: f2e61e38 [ 75.900969] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246 [ 75.900969] CR0: 80050033 CR2: 00000010 CR3: 33994000 CR4: 003506d0
x86_64 full test log, https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20200914/tes...
i386 full test log, https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20200914/tes...
On Mon, Sep 14, 2020 at 03:49:43PM +0530, Naresh Kamboju wrote:
While running LTP fs on qemu x86 and qemu_i386 these kernel BUGs noticed.
I actually sent the fix for this a couple of days ago [1], but I think Andrew overlooked it while constructing the -mm tree. Here's a fix you can apply to the -mm tree:
[1] https://lore.kernel.org/linux-mm/20200912032042.GA6583@casper.infradead.org/
diff --git a/mm/shmem.c b/mm/shmem.c index d2a46ef7df43..58bc9e326d0d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1793,7 +1793,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, struct mm_struct *charge_mm; struct page *page; enum sgp_type sgp_huge = sgp; - pgoff_t hindex; + pgoff_t hindex = index; int error; int once = 0; int alloced = 0; @@ -1822,6 +1822,8 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, return error; }
+ if (page) + hindex = page->index; if (page && sgp == SGP_WRITE) mark_page_accessed(page);
@@ -1832,6 +1834,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, unlock_page(page); put_page(page); page = NULL; + hindex = index; } if (page || sgp == SGP_READ) goto out; @@ -1982,7 +1985,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, goto unlock; } out: - *pagep = page + index - page->index; + *pagep = page + index - hindex; return 0;
/*
Hi all,
On Mon, 14 Sep 2020 12:55:59 +0100 Matthew Wilcox willy@infradead.org wrote:
On Mon, Sep 14, 2020 at 03:49:43PM +0530, Naresh Kamboju wrote:
While running LTP fs on qemu x86 and qemu_i386 these kernel BUGs noticed.
I actually sent the fix for this a couple of days ago [1], but I think Andrew overlooked it while constructing the -mm tree. Here's a fix you can apply to the -mm tree:
[1] https://lore.kernel.org/linux-mm/20200912032042.GA6583@casper.infradead.org/
diff --git a/mm/shmem.c b/mm/shmem.c index d2a46ef7df43..58bc9e326d0d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1793,7 +1793,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, struct mm_struct *charge_mm; struct page *page; enum sgp_type sgp_huge = sgp;
- pgoff_t hindex;
- pgoff_t hindex = index; int error; int once = 0; int alloced = 0;
@@ -1822,6 +1822,8 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, return error; }
- if (page)
hindex = page->index;@@ -1832,6 +1834,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, unlock_page(page); put_page(page); page = NULL;
hindex = index;@@ -1982,7 +1985,7 @@ static int shmem_getpage_gfp(struct inode *inode, pgoff_t index, goto unlock; } out:
- *pagep = page + index - page->index;
- *pagep = page + index - hindex; return 0;
/*
I have applied that to linux-next today.
On Tue, Sep 15, 2020 at 04:52:43PM +1000, Stephen Rothwell wrote:
I have applied that to linux-next today.
Thanks! Can you also pick up these two:
https://lore.kernel.org/linux-mm/20200914112738.GM6583@casper.infradead.org/ https://lore.kernel.org/linux-mm/20200914165032.GS6583@casper.infradead.org/
Hi all,
On Tue, 15 Sep 2020 14:10:48 +0100 Matthew Wilcox willy@infradead.org wrote:
On Tue, Sep 15, 2020 at 04:52:43PM +1000, Stephen Rothwell wrote:
I have applied that to linux-next today.
Thanks! Can you also pick up these two:
https://lore.kernel.org/linux-mm/20200914112738.GM6583@casper.infradead.org/ https://lore.kernel.org/linux-mm/20200914165032.GS6583@casper.infradead.org/
I have added both those to linux-next today.
-
Matthew Wilcox -
Naresh Kamboju -
Stephen Rothwell