Re: [PATCH 1/1] sget_dev() bug fix: dev_t passed by value but stored via stack address

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hello,

kernel test robot noticed "canonical_address#:#[##]" on:

commit: 22170ab79e39d9675bf9aa8d8e08c28759e14533 ("[PATCH 1/1] sget_dev() bug fix: dev_t passed by value but stored via stack address")
url: https://github.com/intel-lab-lkp/linux/commits/John-Groves/sget_dev-bug-fix-dev_t-passed-by-value-but-stored-via-stack-address/20240410-073305
patch link: https://lore.kernel.org/all/7a37d4832e0c2e7cfe8000b0bf47dcc2c50d78d0.1712704849.git.john@xxxxxxxxxx/
patch subject: [PATCH 1/1] sget_dev() bug fix: dev_t passed by value but stored via stack address

in testcase: xfstests
version: xfstests-x86_64-e72e052d-1_20240415
with following parameters:

	disk: 4HDD
	fs: f2fs
	test: generic-group-15



compiler: gcc-13
test machine: 8 threads Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz (Skylake) with 28G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202404171222.628d7c98-oliver.sang@xxxxxxxxx



[   42.142026][ T1384] general protection fault, probably for non-canonical address 0xdffffc0000100000: 0000 [#1] PREEMPT SMP KASAN PTI
[   42.153892][ T1384] KASAN: probably user-memory-access in range [0x0000000000800000-0x0000000000800007]
[   42.163241][ T1384] CPU: 1 PID: 1384 Comm: mount Tainted: G S                 6.9.0-rc3-00001-g22170ab79e39 #1
[   42.173196][ T1384] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016
[ 42.181248][ T1384] RIP: 0010:test_bdev_super (kbuild/src/consumer/fs/super.c:1636 (discriminator 1)) 
[ 42.186453][ T1384] Code: 8d 7b 10 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 04 3c 03 7e 3a 48 b8 00 00 00 00 00 fc ff df 48 89 f2 8b 5b 10 48 c1 ea 03 <0f> b6 14 02 48 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 20 31
All code
========
   0:	8d 7b 10             	lea    0x10(%rbx),%edi
   3:	48 89 fa             	mov    %rdi,%rdx
   6:	48 c1 ea 03          	shr    $0x3,%rdx
   a:	0f b6 04 02          	movzbl (%rdx,%rax,1),%eax
   e:	84 c0                	test   %al,%al
  10:	74 04                	je     0x16
  12:	3c 03                	cmp    $0x3,%al
  14:	7e 3a                	jle    0x50
  16:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1d:	fc ff df 
  20:	48 89 f2             	mov    %rsi,%rdx
  23:	8b 5b 10             	mov    0x10(%rbx),%ebx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
  2a:*	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx		<-- trapping instruction
  2e:	48 89 f0             	mov    %rsi,%rax
  31:	83 e0 07             	and    $0x7,%eax
  34:	83 c0 03             	add    $0x3,%eax
  37:	38 d0                	cmp    %dl,%al
  39:	7c 04                	jl     0x3f
  3b:	84 d2                	test   %dl,%dl
  3d:	75 20                	jne    0x5f
  3f:	31                   	.byte 0x31

Code starting with the faulting instruction
===========================================
   0:	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx
   4:	48 89 f0             	mov    %rsi,%rax
   7:	83 e0 07             	and    $0x7,%eax
   a:	83 c0 03             	add    $0x3,%eax
   d:	38 d0                	cmp    %dl,%al
   f:	7c 04                	jl     0x15
  11:	84 d2                	test   %dl,%dl
  13:	75 20                	jne    0x35
  15:	31                   	.byte 0x31
[   42.205827][ T1384] RSP: 0018:ffffc90000e1fba8 EFLAGS: 00010206
[   42.211722][ T1384] RAX: dffffc0000000000 RBX: 0000000000800001 RCX: ffffffff83bf0f85
[   42.219517][ T1384] RDX: 0000000000100000 RSI: 0000000000800002 RDI: ffff888161ef1010
[   42.227310][ T1384] RBP: ffffffffc1739580 R08: 0000000000000001 R09: fffff520001c3f6d
[   42.235103][ T1384] R10: 0000000000000003 R11: ffffffff85fecd94 R12: ffffffff81b413b0
[   42.242896][ T1384] R13: ffffffff84b229a0 R14: 0000000000800002 R15: ffff888161ef1000
[   42.250692][ T1384] FS:  00007fed4c83a840(0000) GS:ffff888635080000(0000) knlGS:0000000000000000
[   42.259435][ T1384] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   42.265846][ T1384] CR2: 0000560fcf853018 CR3: 000000074c9ac001 CR4: 00000000003706f0
[   42.273641][ T1384] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   42.281432][ T1384] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   42.289224][ T1384] Call Trace:
[   42.292350][ T1384]  <TASK>
[ 42.295131][ T1384] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421 kbuild/src/consumer/arch/x86/kernel/dumpstack.c:460) 
[ 42.299126][ T1384] ? exc_general_protection (kbuild/src/consumer/arch/x86/kernel/traps.c:702 kbuild/src/consumer/arch/x86/kernel/traps.c:644) 
[ 42.304501][ T1384] ? asm_exc_general_protection (kbuild/src/consumer/arch/x86/include/asm/idtentry.h:617) 
[ 42.310049][ T1384] ? __pfx_test_bdev_super (kbuild/src/consumer/fs/super.c:1635) 


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240417/202404171222.628d7c98-oliver.sang@xxxxxxxxx



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux