2022-11-02 13:42:21

by Naresh Kamboju

Subject: arm32: kselftest: zram: Unable to handle kernel NULL pointer dereference at virtual address 00000144

While running the kselftest zram test case on an x15 device and qemu-arm on
stable-rc 6.0.7-rc1, the following kernel crash was noticed. The image was
built with gcc-10.

This is not a regression because it has been happening on mainline and next.

Reported-by: Linux Kernel Functional Testing <[email protected]>

# selftests: zram: zram.sh
# --------------------
# running zram tests
# --------------------
# create '1' zram device(s)
[ 677.430297] zram: Added device: zram0
# all zram devices (/dev/zram0~0) successfully created
# set max_comp_streams to zram device(s)
# The device attribute max_comp_streams was[ 677.485321] zram0:
detected capacity change from 0 to 4096
deprecated in 4.7
# test that we can set compression algorithm
# supported algs: lzo [lzo-rle] lz4 lz4hc 842 zstd
# /sys/block/zram0/comp_algorithm = 'lzo'
# zram set compression algorithm: OK
# set disk size to zram device(s)
# /sys/block/zram0/disksize = '2097152'
# zram set disksizes: OK
# set memory limit to zram device(s)
# /sys/block/zram0/mem_limit = '2M'
# zram set memory limit: OK
# make ext4 filesystem on /dev/zram0
[ 677.550018] 8<--- cut here ---
[ 677.553100] Unable to handle kernel NULL pointer dereference at virtual address 00000144
[ 677.561218] [00000144] *pgd=fb0e8835
[ 677.564819] Internal error: Oops: 17 [#1] SMP ARM
[ 677.569549] Modules linked in: zram zsmalloc cfg80211 bluetooth snd_soc_simple_card snd_soc_simple_card_utils etnaviv gpu_sched onboard_usb_hub snd_soc_davinci_mcasp snd_soc_ti_udma snd_soc_ti_edma snd_soc_ti_sdma snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore display_connector fuse [last unloaded: test_user_copy]
[ 677.599761] CPU: 1 PID: 2249 Comm: mkfs.ext4 Not tainted 6.0.7-rc1 #1
[ 677.606231] Hardware name: Generic DRA74X (Flattened Device Tree)
[ 677.612365] PC is at strcmp+0x4/0x34
[ 677.615966] LR is at register_lock_class+0x420/0x990
[ 677.620971] pc : [<c09ae910>] lr : [<c03d288c>] psr: a0070093
[ 677.627258] sp : f120da60 ip : 00000001 fp : c2240768
[ 677.632507] r10: 00000000 r9 : eeb10334 r8 : c33cedc0
[ 677.637756] r7 : eeb22334 r6 : c2b242e8 r5 : 00000144 r4 : c2976cd8
[ 677.644317] r3 : 00000028 r2 : c2240c1c r1 : 00000144 r0 : c1cfa56d
[ 677.650878] Flags: NzCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment none
[ 677.658142] Control: 10c5387d Table: 89b9c06a DAC: 00000051
[ 677.663909] Register r0 information: non-slab/vmalloc memory
[ 677.669586] Register r1 information: non-paged memory
[ 677.674682] Register r2 information: non-slab/vmalloc memory
[ 677.680358] Register r3 information: non-paged memory
[ 677.685455] Register r4 information: non-slab/vmalloc memory
[ 677.691131] Register r5 information: non-paged memory
[ 677.696197] Register r6 information: non-slab/vmalloc memory
[ 677.701904] Register r7 information: non-slab/vmalloc memory
[ 677.707580] Register r8 information: slab task_struct start c33ced80 data offset 64 pointer offset 0 allocated at copy_process+0x1a4/0x1950
[ 677.720184] kmem_cache_alloc+0x328/0x43c
[ 677.724487] copy_process+0x1a4/0x1950
[ 677.728515] kernel_clone+0x5c/0x418
[ 677.732360] sys_clone+0x74/0x90
[ 677.735870] ret_fast_syscall+0x0/0x1c
[ 677.739898] Free path:
[ 677.742370] rcu_core+0x3c8/0x1140
[ 677.746063] __do_softirq+0x130/0x538
[ 677.749999] Register r9 information: non-slab/vmalloc memory
[ 677.755676] Register r10 information: NULL pointer
[ 677.760498] Register r11 information: non-slab/vmalloc memory
[ 677.766265] Register r12 information: non-paged memory
[ 677.771453] Process mkfs.ext4 (pid: 2249, stack limit = 0xf120c000)
[ 677.777740] Stack: (0xf120da60 to 0xf120e000)
...
[ 678.151947] strcmp from register_lock_class+0x420/0x990
[ 678.157287] register_lock_class from __lock_acquire+0x68/0x2a98
[ 678.163330] __lock_acquire from lock_acquire+0x110/0x364
[ 678.168762] lock_acquire from zs_map_object+0x114/0x338 [zsmalloc]
[ 678.175079] zs_map_object [zsmalloc] from zram_bvec_rw+0x284/0xb1c [zram]
[ 678.182006] zram_bvec_rw [zram] from zram_submit_bio+0x1a0/0x3fc [zram]
[ 678.188751] zram_submit_bio [zram] from __submit_bio+0x50/0x80
[ 678.194702] __submit_bio from submit_bio_noacct_nocheck+0xb8/0x218
[ 678.201019] submit_bio_noacct_nocheck from submit_bh_wbc+0x150/0x180
[ 678.207489] submit_bh_wbc from __block_write_full_page+0x504/0x6ac
[ 678.213806] __block_write_full_page from block_write_full_page+0x148/0x18c
[ 678.220794] block_write_full_page from __writepage+0x1c/0x74
[ 678.226562] __writepage from write_cache_pages+0x1b4/0x4f4
[ 678.232177] write_cache_pages from generic_writepages+0x58/0x84
[ 678.238220] generic_writepages from do_writepages+0x7c/0x1b8
[ 678.243988] do_writepages from filemap_fdatawrite_wbc+0x6c/0x8c
[ 678.250030] filemap_fdatawrite_wbc from file_write_and_wait_range+0x90/0xec
[ 678.257141] file_write_and_wait_range from blkdev_fsync+0x20/0x44
[ 678.263336] blkdev_fsync from do_fsync+0x44/0x78
[ 678.268066] do_fsync from ret_fast_syscall+0x0/0x1c
[ 678.273071] Exception stack(0xf120dfa8 to 0xf120dff0)
[ 678.278137] dfa0: 00038960 b6f615a0 00000005 00042a00 00001000 00000000
[ 678.286376] dfc0: 00038960 b6f615a0 00000000 00000076 bebd8818 00000000 bebd8800 bebd8808
[ 678.294586] dfe0: 00000076 bebd87b8 b6db8def b6d31ae6
[ 678.299652] Code: e3520000 1afffffb e12fff1e e4d03001 (e4d12001)
[ 678.305786] ---[ end trace 0000000000000000 ]---
[ 678.310424] note: mkfs.ext4[2249] exited with preempt_count 3
[ 678.316192] ------------[ cut here ]------------
[ 678.320831] WARNING: CPU: 1 PID: 2249 at kernel/exit.c:741 do_exit+0x8a8/0xae0
[ 678.328094] Modules linked in: zram zsmalloc cfg80211 bluetooth snd_soc_simple_card snd_soc_simple_card_utils etnaviv gpu_sched onboard_usb_hub snd_soc_davinci_mcasp snd_soc_ti_udma snd_soc_ti_edma snd_soc_ti_sdma snd_soc_core ac97_bus snd_pcm_dmaengine snd_pcm snd_timer snd soundcore display_connector fuse [last unloaded: test_user_copy]
[ 678.358306] CPU: 1 PID: 2249 Comm: mkfs.ext4 Tainted: G D 6.0.7-rc1 #1
[ 678.366271] Hardware name: Generic DRA74X (Flattened Device Tree)
[ 678.372406] unwind_backtrace from show_stack+0x18/0x1c
[ 678.377655] show_stack from dump_stack_lvl+0x58/0x70
[ 678.382720] dump_stack_lvl from __warn+0xd0/0x1f0
[ 678.387542] __warn from warn_slowpath_fmt+0x64/0xbc
[ 678.392547] warn_slowpath_fmt from do_exit+0x8a8/0xae0
[ 678.397796] do_exit from make_task_dead+0x64/0x104
[ 678.402709] make_task_dead from die+0x4c4/0x4e4
[ 678.407348] die from die_kernel_fault+0x6c/0x7c
[ 678.412017] die_kernel_fault from do_translation_fault+0x0/0xbc
[ 678.418060] irq event stamp: 10325
[ 678.421478] hardirqs last enabled at (10325): [<c0572914>] inc_zone_page_state+0x5c/0x64
[ 678.429687] hardirqs last disabled at (10324): [<c0572904>] inc_zone_page_state+0x4c/0x64
[ 678.437927] softirqs last enabled at (8038): [<c0301fe0>] __do_softirq+0x300/0x538
[ 678.445617] softirqs last disabled at (8029): [<c0359ca4>] __irq_exit_rcu+0x14c/0x170
[ 678.453491] ---[ end trace 0000000000000000 ]---

Broadcast message from systemd-journald@am57xx-evm (Thu 2022-04-28 17:53:32 UTC):
kernel[302]: [ 677.564819] Internal error: Oops: 17 [#1] SMP ARM

metadata:
git_ref: linux-6.0.y
git_repo: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc
git_sha: 436175d0f780af8302164b3102ecf0ff99f7a376
git_describe: v6.0.6-241-g436175d0f780
kernel_version: 6.0.7-rc1
kernel-config: https://builds.tuxbuild.com/2GyMeKKxOr8QQQbN95Ngll7cpZ8/config
build-url: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc/-/pipelines/683032123
artifact-location: https://builds.tuxbuild.com/2GyMeKKxOr8QQQbN95Ngll7cpZ8
toolchain: gcc-10


[1] https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.0.y/build/v6.0.6-241-g436175d0f780/testrun/12809079/suite/log-parser-test/test/check-kernel-exception/details/
[2] https://lkft.validation.linaro.org/scheduler/job/5799922#L4146
[3] https://lkft.validation.linaro.org/scheduler/job/5780009#L1853

--
Linaro LKFT
https://lkft.linaro.org