Kernel crash(block/null_blk) while running blktests (block/10)

Sachin Sant sachinp at linux.ibm.com
Fri Jul 15 22:37:01 AEST 2022


While running blktests[*] (block/10) on a IBM Power server booted with
5.19.0-rc6-next-20220714 following crash is seen:

[ 9089.636612] null_blk: disk nullb30 created
[ 9089.640752] null_blk: disk nullb31 created
[ 9089.640759] null_blk: module loaded
[ 9134.099371] Kernel attempted to read user page (0) - exploit attempt? (uid: 0)
[ 9134.099396] BUG: Kernel NULL pointer dereference on read at 0x00000000
[ 9134.099401] Faulting instruction address: 0xc0080000064b254c
[ 9134.099407] Oops: Kernel access of bad area, sig: 11 [#1]
[ 9134.099411] LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[ 9134.099417] Modules linked in: null_blk(E+) xfs(E) dm_delay(E) overlay(E) dm_thin_pool(E) dm_persistent_data(E) dm_bio_prison(E) dm_flakey(E) dm_snapshot(E) dm_bufio(E) dm_zero(E) loop(E) dm_mod(E) nft_fib_inet(E) nft_fib_ipv4(E) nft_fib_ipv6(E) nft_fib(E) nft_reject_inet(E) nf_reject_ipv4(E) nf_reject_ipv6(E) nft_reject(E) nft_ct(E) nft_chain_nat(E) nf_nat(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) ip_set(E) bonding(E) rfkill(E) tls(E) nf_tables(E) libcrc32c(E) nfnetlink(E) sunrpc(E) pseries_rng(E) vmx_crypto(E) ext4(E) mbcache(E) jbd2(E) sr_mod(E) cdrom(E) sd_mod(E) sg(E) lpfc(E) nvmet_fc(E) nvmet(E) ibmvscsi(E) scsi_transport_srp(E) ibmveth(E) nvme_fc(E) nvme(E) nvme_fabrics(E) nvme_core(E) t10_pi(E) scsi_transport_fc(E) crc64_rocksoft(E) crc64(E) tg3(E) ipmi_devintf(E) ipmi_msghandler(E) fuse(E) [last unloaded: null_blk]
[ 9134.099502] CPU: 26 PID: 2910448 Comm: modprobe Tainted: G            E      5.19.0-rc6-next-20220714 #2
[ 9134.099510] NIP:  c0080000064b254c LR: c0080000064b907c CTR: c0080000064b8e80
[ 9134.099515] REGS: c000000091573600 TRAP: 0300   Tainted: G            E       (5.19.0-rc6-next-20220714)
[ 9134.099520] MSR:  8000000002009033 <SF,VEC,EE,ME,IR,DR,RI,LE>  CR: 24222424  XER: 00000000
[ 9134.099534] CFAR: c00000000000c9dc DAR: 0000000000000000 DSISR: 40000000 IRQMASK: 0 
[ 9134.099534] GPR00: c0080000064b907c c0000000915738a0 c0080000064e8100 0000000000000000 
[ 9134.099534] GPR04: c0080000064e18e0 0000000000000cc0 0000000000000040 ffffffffffffffff 
[ 9134.099534] GPR08: 0000000000000058 0000000000000001 0000000000000001 00000000000168a9 
[ 9134.099534] GPR12: c0080000064b8e80 c00000001ec20700 c000000091573d00 000001000c370950 
[ 9134.099534] GPR16: 000000000000ff20 c008000006243060 c008000006240000 0000000000003078 
[ 9134.099534] GPR20: 0000000000000001 c000000091573bc0 c0080000064e1488 0000000000000000 
[ 9134.099534] GPR24: 0000000000000000 c000000002960e40 c000000002960e70 c0080000064e1480 
[ 9134.099534] GPR28: 0000000000000000 ffffffffffffffff c0080000064e1880 c0080000064e02a8 
[ 9134.099598] NIP [c0080000064b254c] null_init_tag_set+0x74/0x180 [null_blk]
[ 9134.099610] LR [c0080000064b907c] null_init+0x1fc/0x354 [null_blk]
[ 9134.099619] Call Trace:
[ 9134.099622] [c0000000915738a0] [c0000000915738e0] 0xc0000000915738e0 (unreliable)
[ 9134.099630] [c0000000915738c0] [c0080000064b907c] null_init+0x1fc/0x354 [null_blk]
[ 9134.099640] [c000000091573960] [c000000000011ff4] do_one_initcall+0x64/0x300
[ 9134.099650] [c000000091573a30] [c0000000002365bc] do_init_module+0x6c/0x2d0
[ 9134.099659] [c000000091573ab0] [c000000000239a54] load_module+0x1ed4/0x2290
[ 9134.099667] [c000000091573c90] [c00000000023a170] __do_sys_finit_module+0xe0/0x180
[ 9134.099675] [c000000091573db0] [c000000000032e7c] system_call_exception+0x17c/0x350
[ 9134.099683] [c000000091573e10] [c00000000000c53c] system_call_common+0xec/0x270
[ 9134.099692] --- interrupt: c00 at 0x7fffa0edf164
[ 9134.099696] NIP:  00007fffa0edf164 LR: 00000001212e04fc CTR: 0000000000000000
[ 9134.099701] REGS: c000000091573e80 TRAP: 0c00   Tainted: G            E       (5.19.0-rc6-next-20220714)
[ 9134.099706] MSR:  800000000000f033 <SF,EE,PR,FP,ME,IR,DR,RI,LE>  CR: 28222244  XER: 00000000
[ 9134.099720] IRQMASK: 0 
[ 9134.099720] GPR00: 0000000000000161 00007fffe62a6870 00007fffa0fb7300 0000000000000003 
[ 9134.099720] GPR04: 000001000c370ec0 0000000000000000 0000000000000003 0000000000000000 
[ 9134.099720] GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
[ 9134.099720] GPR12: 0000000000000000 00007fffa14bca50 0000000000040000 000001000c370950 
[ 9134.099720] GPR16: 000001000c370950 0000000000000020 000001000c370950 0000000000000000 
[ 9134.099720] GPR20: 0000000000000000 000000000000003a 000001000c370cb0 000000000000003a 
[ 9134.099720] GPR24: 00000001212eb068 000001000c370950 0000000000000000 000001000c370dc0 
[ 9134.099720] GPR28: 000001000c370ec0 0000000000040000 0000000000000000 000001000c370cb0 
[ 9134.099779] NIP [00007fffa0edf164] 0x7fffa0edf164
[ 9134.099783] LR [00000001212e04fc] 0x1212e04fc
[ 9134.099787] --- interrupt: c00
[ 9134.099790] Instruction dump:
[ 9134.099793] 7d0907b4 2ea90000 409600ec 814a0150 91440044 e9430000 e8ea013e 39000058 
[ 9134.099804] 39400001 90e40050 9104004c 91440058 <e9030000> 89480163 2f8a0000 419e0010 
[ 9134.099817] ---[ end trace 0000000000000000 ]---
[ 9134.116174] 
[ 9135.116180] Kernel panic - not syncing: Fatal exception

This regression was introduced in 5.19.0-rc6-next-20220713, next-20220712
build was good.

Git bisect leads me to following patch -

commit 37ae152c7a0d
     null_blk: add configfs variables for 2 options

Reverting this patch allows me to run the blktests to completion.

- Sachin

[*] -> https://github.com/osandov/blktests/


More information about the Linuxppc-dev mailing list