Dear Song Liu,

my kernel (5.17-rc2) experiences a NULL pointer dereference when activating an LDM (Windows Logical Disk Manager) on Arch Linux using ldmtool [1]. I have attached the relevant excerpt of dmesg. This bug causes my LDM RAID to fail activating (see ldmtool-status.txt and lsblk.txt). Since this worked fine with 5.16 I bisected the kernel and found that commit f51d46d0e7cb5b8494aa534d276a9d8915a2443d [2] introduced the issue.
I'm not sure what else to add, if there's more information I can provide, please tell me. Otherwise I'll happily assist in fixing this issue - if there's something I can do.
Best Regards,
Leon

[1] https://github.com/mdbooth/libldm
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f51d46d0e7cb5b8494aa534d276a9d8915a2443d
ldmtool-status.txt:

$ systemctl status ldmtool.service
× ldmtool.service - Windows Dynamic Disk Mount
     Loaded: loaded (/usr/lib/systemd/system/ldmtool.service; enabled; vendor preset: disabled)
     Active: failed (Result: signal) since Tue 2022-02-01 17:48:17 CET; 42s ago
    Process: 484 ExecStart=/usr/bin/ldmtool create all (code=killed, signal=KILL)
   Main PID: 484 (code=killed, signal=KILL)
        CPU: 216ms

Feb 01 17:48:17 benziuminator systemd[1]: ldmtool.service: Main process exited, code=killed, status=9/KILL
Feb 01 17:48:17 benziuminator systemd[1]: ldmtool.service: Failed with result 'signal'.
dmesg excerpt:

[   15.123761] device-mapper: raid: Loading target version 1.15.1
[   15.124185] device-mapper: raid: Ignoring chunk size parameter for RAID 1
[   15.124192] device-mapper: raid: Choosing default region size of 4MiB
[   15.129524] BUG: kernel NULL pointer dereference, address: 0000000000000060
[   15.129530] #PF: supervisor write access in kernel mode
[   15.129533] #PF: error_code(0x0002) - not-present page
[   15.129535] PGD 0 P4D 0
[   15.129538] Oops: 0002 [#1] PREEMPT SMP NOPTI
[   15.129541] CPU: 5 PID: 494 Comm: ldmtool Not tainted 5.17.0-rc2-1-mainline #1 9fe89d43dfcb215d2731e6f8851740520778615e
[   15.129546] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS ELITE/X570 AORUS ELITE, BIOS F36e 10/14/2021
[   15.129549] RIP: 0010:blk_queue_flag_set+0x7/0x20
[   15.129555] Code: 00 00 00 0f 1f 44 00 00 48 8b 35 e4 e0 04 02 48 8d 57 28 bf 40 01 00 00 e9 16 c1 be ff 66 0f 1f 44 00 00 0f 1f 44 00 00 89 ff <f0> 48 0f ab 7e 60 31 f6 89 f7 c3 66 66 2e 0f 1f 84 00 00 00 00 00
[   15.129559] RSP: 0018:ffff966b81987a88 EFLAGS: 00010202
[   15.129562] RAX: ffff8b11c363a0d0 RBX: ffff8b11e294b070 RCX: 0000000000000000
[   15.129564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001d
[   15.129566] RBP: ffff8b11e294b058 R08: 0000000000000000 R09: 0000000000000000
[   15.129568] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8b11e294b070
[   15.129570] R13: 0000000000000000 R14: ffff8b11e294b000 R15: 0000000000000001
[   15.129572] FS:  00007fa96e826780(0000) GS:ffff8b18deb40000(0000) knlGS:0000000000000000
[   15.129575] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   15.129577] CR2: 0000000000000060 CR3: 000000010b8ce000 CR4: 00000000003506e0
[   15.129580] Call Trace:
[   15.129582]  <TASK>
[   15.129584]  md_run+0x67c/0xc70 [md_mod 1e470c1b6bcf1114198109f42682f5a2740e9531]
[   15.129597]  raid_ctr+0x134a/0x28ea [dm_raid 6a645dd7519e72834bd7e98c23497eeade14cd63]
[   15.129604]  ? dm_split_args+0x63/0x150 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129615]  dm_table_add_target+0x188/0x380 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129625]  table_load+0x13b/0x370 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129635]  ? dev_suspend+0x2d0/0x2d0 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129644]  ctl_ioctl+0x1bd/0x460 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129655]  dm_ctl_ioctl+0xa/0x20 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129663]  __x64_sys_ioctl+0x8e/0xd0
[   15.129667]  do_syscall_64+0x5c/0x90
[   15.129672]  ? syscall_exit_to_user_mode+0x23/0x50
[   15.129675]  ? do_syscall_64+0x69/0x90
[   15.129677]  ? do_syscall_64+0x69/0x90
[   15.129679]  ? syscall_exit_to_user_mode+0x23/0x50
[   15.129682]  ? do_syscall_64+0x69/0x90
[   15.129684]  ? do_syscall_64+0x69/0x90
[   15.129686]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   15.129689] RIP: 0033:0x7fa96ecd559b
[   15.129692] Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a5 a8 0c 00 f7 d8 64 89 01 48
[   15.129696] RSP: 002b:00007ffcaf85c258 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
[   15.129699] RAX: ffffffffffffffda RBX: 00007fa96f1b48f0 RCX: 00007fa96ecd559b
[   15.129701] RDX: 00007fa97017e610 RSI: 00000000c138fd09 RDI: 0000000000000003
[   15.129702] RBP: 00007fa96ebab583 R08: 00007fa97017c9e0 R09: 00007ffcaf85bf27
[   15.129704] R10: 0000000000000001 R11: 0000000000000206 R12: 00007fa97017e610
[   15.129706] R13: 00007fa97017e640 R14: 00007fa97017e6c0 R15: 00007fa97017e530
[   15.129709]  </TASK>
[   15.129710] Modules linked in: raid1 amd64_edac(-) fjes(-) pcc_cpufreq(-) dm_raid raid456 md_mod async_raid6_recov async_memcpy async_pq async_xor intel_rapl_msr async_tx xor raid6_pq intel_rapl_common libcrc32c edac_mce_amd amdgpu(+) snd_hda_codec_realtek wmi_bmof snd_hda_codec_generic kvm_amd gigabyte_wmi ledtrig_audio snd_hda_codec_hdmi snd_hda_intel kvm snd_intel_dspcfg snd_intel_sdw_acpi snd_usb_audio snd_hda_codec gpu_sched sp5100_tco snd_usbmidi_lib irqbypass drm_ttm_helper snd_hda_core rapl i2c_piix4 joydev mousedev ttm snd_hwdep snd_rawmidi snd_seq_device igb dca wmi pinctrl_amd mac_hid acpi_cpufreq nls_iso8859_1 vfat fat snd_aloop snd_pcm snd_timer snd soundcore videodev mc sg crypto_user fuse ip_tables x_tables ext4 crc32c_generic crc16 mbcache jbd2 dm_crypt cbc encrypted_keys trusted asn1_encoder tee tpm uas usb_storage usbhid dm_mod crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel aesni_intel crypto_simd cryptd ccp sr_mod rng_core cdrom xhci_pci
[   15.129750]  xhci_pci_renesas
[   15.129764] CR2: 0000000000000060
[   15.129766] ---[ end trace 0000000000000000 ]---
[   15.129767] RIP: 0010:blk_queue_flag_set+0x7/0x20
[   15.129770] Code: 00 00 00 0f 1f 44 00 00 48 8b 35 e4 e0 04 02 48 8d 57 28 bf 40 01 00 00 e9 16 c1 be ff 66 0f 1f 44 00 00 0f 1f 44 00 00 89 ff <f0> 48 0f ab 7e 60 31 f6 89 f7 c3 66 66 2e 0f 1f 84 00 00 00 00 00
[   15.129774] RSP: 0018:ffff966b81987a88 EFLAGS: 00010202
[   15.129776] RAX: ffff8b11c363a0d0 RBX: ffff8b11e294b070 RCX: 0000000000000000
[   15.129778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001d
[   15.129780] RBP: ffff8b11e294b058 R08: 0000000000000000 R09: 0000000000000000
[   15.129782] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8b11e294b070
[   15.129784] R13: 0000000000000000 R14: ffff8b11e294b000 R15: 0000000000000001
[   15.129786] FS:  00007fa96e826780(0000) GS:ffff8b18deb40000(0000) knlGS:0000000000000000
[   15.129788] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   15.129790] CR2: 0000000000000060 CR3: 000000010b8ce000 CR4: 00000000003506e0
lsblk.txt:

########################## NORMAL lsblk ##########################
NAME                                    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sdb                                       8:16   1  7,3T  0 disk
├─sdb1                                    8:17   1    1M  0 part
├─sdb2                                    8:18   1  127M  0 part
├─sdb3                                    8:19   1  7,3T  0 part
└─ldm_part_BENZIUMINATOR-Dg0_Disk2-01   254:5    0  7,3T  0 ldm
  └─ldm_vol_BENZIUMINATOR-Dg0_Volume1   254:6    0  7,3T  0 ldm
sdc                                       8:32   1  7,3T  0 disk
├─sdc1                                    8:33   1  7,3T  0 part
├─sdc2                                    8:34   1    1M  0 part
├─sdc3                                    8:35   1  127M  0 part
└─ldm_part_BENZIUMINATOR-Dg0_Disk1-01   254:4    0  7,3T  0 ldm
  └─ldm_vol_BENZIUMINATOR-Dg0_Volume1   254:6    0  7,3T  0 ldm

############### lsblk with NULL pointer dereference ###############
NAME                                    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sdb                                       8:16   1  7,3T  0 disk
├─sdb1                                    8:17   1    1M  0 part
├─sdb2                                    8:18   1  127M  0 part
├─sdb3                                    8:19   1  7,3T  0 part
└─ldm_part_BENZIUMINATOR-Dg0_Disk2-01   254:5    0  7,3T  0 ldm
sdc                                       8:32   1  7,3T  0 disk
├─sdc1                                    8:33   1  7,3T  0 part
├─sdc2                                    8:34   1    1M  0 part
├─sdc3                                    8:35   1  127M  0 part
└─ldm_part_BENZIUMINATOR-Dg0_Disk1-01   254:4    0  7,3T  0 ldm
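The Oops in the dmesg excerpt can be triaged mechanically. The script below is an added example (it is not part of Leon's report, of libldm, or of the kernel tree): it parses the kernel-side portion of the Oops, decodes the #PF error code, checks that CR2 lies inside page zero (a NULL base pointer plus a struct field offset, not a wild pointer), lists the zero-valued registers that could be that base, and extracts the faulting instruction bytes from the `Code:` line so they can be fed to objdump. The excerpt string inside is copied from the report; the fault offset 0x60, the access type and the register names are read from it, not assumed.

```python
"""Added example: pull the security-relevant facts out of an x86-64 kernel Oops."""
import re

PAGE_SIZE = 4096

# Kernel-side part of the Oops from the report above (user-mode frame trimmed).
OOPS_EXCERPT = """\
[   15.129524] BUG: kernel NULL pointer dereference, address: 0000000000000060
[   15.129530] #PF: supervisor write access in kernel mode
[   15.129533] #PF: error_code(0x0002) - not-present page
[   15.129538] Oops: 0002 [#1] PREEMPT SMP NOPTI
[   15.129541] CPU: 5 PID: 494 Comm: ldmtool Not tainted 5.17.0-rc2-1-mainline #1 9fe89d43dfcb215d2731e6f8851740520778615e
[   15.129549] RIP: 0010:blk_queue_flag_set+0x7/0x20
[   15.129555] Code: 00 00 00 0f 1f 44 00 00 48 8b 35 e4 e0 04 02 48 8d 57 28 bf 40 01 00 00 e9 16 c1 be ff 66 0f 1f 44 00 00 0f 1f 44 00 00 89 ff <f0> 48 0f ab 7e 60 31 f6 89 f7 c3 66 66 2e 0f 1f 84 00 00 00 00 00
[   15.129559] RSP: 0018:ffff966b81987a88 EFLAGS: 00010202
[   15.129562] RAX: ffff8b11c363a0d0 RBX: ffff8b11e294b070 RCX: 0000000000000000
[   15.129564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001d
[   15.129566] RBP: ffff8b11e294b058 R08: 0000000000000000 R09: 0000000000000000
[   15.129568] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8b11e294b070
[   15.129570] R13: 0000000000000000 R14: ffff8b11e294b000 R15: 0000000000000001
[   15.129577] CR2: 0000000000000060 CR3: 000000010b8ce000 CR4: 00000000003506e0
[   15.129580] Call Trace:
[   15.129582]  <TASK>
[   15.129584]  md_run+0x67c/0xc70 [md_mod 1e470c1b6bcf1114198109f42682f5a2740e9531]
[   15.129597]  raid_ctr+0x134a/0x28ea [dm_raid 6a645dd7519e72834bd7e98c23497eeade14cd63]
[   15.129604]  ? dm_split_args+0x63/0x150 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129615]  dm_table_add_target+0x188/0x380 [dm_mod 0d7b0bc3414340a79c4553bae5ca97294b78336e]
[   15.129709]  </TASK>
"""

# General-purpose registers as printed by show_regs(); RSP/RIP carry a segment prefix.
REG_RE = re.compile(r"\b(R(?:AX|BX|CX|DX|SI|DI|BP|0[89]|1[0-5])): ([0-9a-f]{16})")


def fault_bytes(code_field):
    """Bytes from the <xx>-marked faulting instruction to the end of the 'Code:' line."""
    toks = code_field.split()
    start = next(i for i, t in enumerate(toks) if t.startswith("<"))
    return bytes(int(t.strip("<>"), 16) for t in toks[start:])


def decode_error_code(ec):
    """x86 #PF error code bits (Intel SDM vol. 3, page-fault error code)."""
    return {
        "present": bool(ec & 0x01),           # 0 = not-present page
        "write": bool(ec & 0x02),             # 1 = write access
        "user": bool(ec & 0x04),              # 1 = fault taken in user mode
        "reserved_bit": bool(ec & 0x08),
        "instruction_fetch": bool(ec & 0x10),
    }


def parse_oops(text):
    info = {"regs": {}, "trace": []}
    in_trace = regs_done = False
    for raw in text.splitlines():
        line = re.sub(r"^\[\s*[\d.]+\]\s*", "", raw)  # strip dmesg timestamp
        if line == "<TASK>":
            in_trace = True
            continue
        if line == "</TASK>":
            in_trace = False
            continue
        if in_trace:
            unreliable = line.startswith("? ")        # '?' marks a guessed frame
            info["trace"].append((line.lstrip("? ").split()[0], not unreliable))
            continue
        if line.startswith("Call Trace:"):
            regs_done = True   # the user-mode register dump after the trace must not overwrite these
        m = re.match(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)", line)
        if m:
            info["bug_addr"] = int(m.group(1), 16)
        m = re.match(r"#PF: error_code\(0x([0-9a-f]+)\)", line)
        if m:
            info["error_code"] = int(m.group(1), 16)
        m = re.search(r"\bComm: (\S+)", line)
        if m:
            info["comm"] = m.group(1)
        if regs_done:
            continue
        m = re.match(r"RIP: ([0-9a-f]{4}):(\S+)", line)
        if m:
            info["rip_cs"], info["rip_symbol"] = int(m.group(1), 16), m.group(2)
        m = re.match(r"Code: (.*)", line)
        if m:
            info["fault_bytes"] = fault_bytes(m.group(1))
        for reg, val in REG_RE.findall(line):
            info["regs"][reg] = int(val, 16)
        m = re.search(r"\bCR2: ([0-9a-f]{16})", line)
        if m:
            info["cr2"] = int(m.group(1), 16)
    return info


def classify_fault(info):
    cr2, ec = info["cr2"], decode_error_code(info["error_code"])
    null_page = cr2 < PAGE_SIZE
    return {
        "kind": "null-base dereference" if null_page else "wild pointer",
        "offset": cr2 if null_page else None,          # field offset from the NULL base
        "access": "write" if ec["write"] else "read",
        "in_kernel": (info["rip_cs"] & 3) == 0,        # CPL from the CS selector's RPL bits
        "candidate_base_regs": sorted(r for r, v in info["regs"].items() if v == 0),
        "faulting_insn": info["fault_bytes"][:6].hex(" "),
    }


if __name__ == "__main__":
    info = parse_oops(OOPS_EXCERPT)
    print(info["comm"], "faulted at", info["rip_symbol"])
    for key, value in classify_fault(info).items():
        print(f"  {key}: {value}")
    print("  reliable frames:", [s for s, ok in info["trace"] if ok])
```

For this report the six faulting bytes `f0 48 0f ab 7e 60` disassemble to `lock bts %rdi,0x60(%rsi)`: RSI is 0 and CR2 is 0x60, so the struct whose flag word is being set lives at a NULL base pointer (the second argument, which the SysV ABI passes in RSI) and the fault is a write to offset 0x60 of it, while RDI holds the flag index 0x1d. That is consistent with the `supervisor write access in kernel mode` line and narrows the bisected commit's effect to a missing or not-yet-initialised queue pointer reaching blk_queue_flag_set from md_run.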