Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp4259792rdb; Thu, 14 Sep 2023 17:42:10 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG1BDG5GikUM6Yf0uIXhZTGxzEfkAwAuL5MEcZxej2By4LQSIv80a1xXi9HWszkJ857jlnj X-Received: by 2002:a6b:3bd2:0:b0:792:8a08:1bf9 with SMTP id i201-20020a6b3bd2000000b007928a081bf9mr141284ioa.0.1694738530138; Thu, 14 Sep 2023 17:42:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694738530; cv=none; d=google.com; s=arc-20160816; b=vyfGKn/nWgYQV0SD/JtuAtdL9IisYZA1N2j/l3e7eGKmWZKBcydo5T7+hTy6sxaSeh CLWxjlykKdNBXrR8+u8JFH6x+UVxHWPxbNZDbf3MKtkH7lkDhctKogTR6XUJ0Q2bJJWY 9go/nzh8qRroCl+YfHGIzroPn+nZxGvr64urFvhEjpVHbLi6cBbnTj24BGRu/WnBgdjZ EaEbWE7xbwgVfkRGJR24AeIsU+3fqv8VAObz4T55j0GgQPHfFxmbOWUZHyxI+Iu0cZxo EQaOxdY+XBJGSn/OL+wpnnBO/vUEK+Lv5aDv7kNiWvX8+HFGKJahLHd1fD4jB7hFjRR1 ZasA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=pgA7PcwmgwXejCiJKRlHdUH5uK+0JkyppZjxMRcSh+s=; fh=kkoj5oVzm8XpDIKxkRVvH2PyLMFbdMi1naH2yqw/wIE=; b=Vg57f7lX0feO76MG3u7AdPxoVGz21jVSiu2l7Od/xHcxVRXh8jyEWQ8WjuxPtW+2Yj SmqVn/9qwnDVS5kzUdZGTye7J+qvtL//9EAtn1Mjrzs+Wo6JDYBM0dfC5zJcZjs6x6Su iPjwUTTUKGCRMd0wxLqjwBAOE9g+aUV3hdb9XqUBxGOGDivvtRYUSCb514/+sfRX/JEf FzJGxUEQaW8dBh0+UfVrHHkdEtVVDZbDpKL9Zyo+lPT9I0bNsIvunSd8Gd7TFaByD3hK kBsRq6xXLnAGhpu7scFnphykcEvDeLTHaj1wJAAHHFmbEU58PjMqxpomuWN1rt07BIay MvQQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=MORUfFws; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id q30-20020a63f95e000000b00569362d6cebsi2342945pgk.2.2023.09.14.17.42.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 17:42:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=MORUfFws; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 0F34982159DE; Thu, 14 Sep 2023 08:20:03 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240784AbjINPUE (ORCPT + 99 others); Thu, 14 Sep 2023 11:20:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35920 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239524AbjINPUD (ORCPT ); Thu, 14 Sep 2023 11:20:03 -0400 Received: from mail-ua1-x930.google.com (mail-ua1-x930.google.com [IPv6:2607:f8b0:4864:20::930]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73C591FC9; Thu, 14 Sep 2023 08:19:59 -0700 (PDT) Received: by mail-ua1-x930.google.com with SMTP id a1e0cc1a2514c-7a512434bc9so1423558241.0; Thu, 14 Sep 2023 08:19:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1694704798; x=1695309598; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pgA7PcwmgwXejCiJKRlHdUH5uK+0JkyppZjxMRcSh+s=; b=MORUfFws6H5jSyFsJZWnF/WilprBqaM7RUhcSoqrROLLodgt4c6JY+7xa4jxPA3wzg CYytMTlsgOxw34PlAVFryt52EKtTzA3L2GQG0kZSu8QywhQvN6scrzuy6+y9qYFm/3G5 p5obuJ9TS33ukoq2WeA8ESu9l0snaLSIlEESr0P9GWm/7eZLPhTkqAkJxfyOpHeNOfR5 UKJFf/RHMezDHFTt12vKtseo7aTzk71+SQ+Qq6GPj1DX3qobUEJyZyX4dKE2hUbjQ4W0 qgExNl+lMVjBsnjXX6gfzB35U+FWOElmrMtY7Y5kyi5GhK9b6g4LAIiwRX/rDbyisW2y dX6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694704798; x=1695309598; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pgA7PcwmgwXejCiJKRlHdUH5uK+0JkyppZjxMRcSh+s=; b=XvT6qNEILMJko4iEPtW3ocUGLrg8zd48kDwLLNEXEN2qUx2vkJyaOnR5oeVObDiti3 C9dBwkl42W/5SeftSXtKIynNcBsTgsMlvY7o0I67yv68z91SZrx8TezZtFfawwbAVJji xk6VoaX98ysppzlJvi/X7KFDeAcOT82ca+VcFkU/Johny7XemtmUv/Hn4knqbeggPnsz Y/UDkckp5TLbUiZmjmqy5dvtvmukniPDOHQyc442ltkuaHbEIgeb0S8Ba6RVukFkvOPc MPv18bZI0BaXxrUuDIPjEGsbhet+F3VQcaBq6FCghA6s1AtFfLfK2SbdSB28iw4yDynN V0vw== X-Gm-Message-State: AOJu0YzKRcHswQXGxuG6VNL5+KxBHM0Fetuajp956wzUtpSwosvDG2LA h8St8LXl1ODtTlIzsdlwLJxtxmU4oRUPin17 X-Received: by 2002:a67:ee50:0:b0:44e:837a:25e with SMTP id g16-20020a67ee50000000b0044e837a025emr1010521vsp.11.1694704798503; Thu, 14 Sep 2023 08:19:58 -0700 (PDT) Received: from localhost.localdomain (vps-035beda1.vps.ovh.us. [51.81.85.161]) by smtp.gmail.com with ESMTPSA id g2-20020ab016c2000000b0079b44af2af8sm193838uaf.30.2023.09.14.08.19.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 08:19:57 -0700 (PDT) From: Yong Wang X-Google-Original-From: Yong Wang To: chrubis@suse.cz, naresh.kamboju@linaro.org Cc: alex.bennee@linaro.org, anders.roxell@linaro.org, arnd@arndb.de, linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, ltp@lists.linux.it, mdoucha@suse.cz, peterz@infradead.org, vincent.guittot@linaro.org, wegao@suse.com, wang.yong12@zte.com.cn, yang.yang29@zte.com.cn, ran.xiaokai@zte.com.cn Subject: LTP: cfs_bandwidth01: Unable to handle kernel NULL pointer dereference Date: Thu, 14 Sep 2023 23:18:39 +0800 Message-Id: <20230914151839.3635-1-wang.yong12@zte.com.cn> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Thu, 14 Sep 2023 08:20:03 -0700 (PDT) Hello! >Following kernel crash noticed on Linux stable-rc 6.5.3-rc1 on qemu-arm64 while >running LTP sched tests cases. > >This is not always reproducible. I also encountered this problem on linux 5.10 on arm64 environment. The prompt information is as follows: [ 2893.003795] ================================================================== [ 2893.003822] BUG: KASAN: null-ptr-deref in pick_next_task_fair+0x130/0x4e0 [ 2893.003880] Read of size 8 at addr 0000000000000080 by task ksoftirqd/0/12 [ 2893.003901] [ 2893.003914] CPU: 0 PID: 12 Comm: ksoftirqd/0 Tainted: P O 5.10.59-rt52#1 [ 2893.003959] Call trace: [ 2893.003968] dump_backtrace+0x0/0x2e8 [ 2893.004009] show_stack+0x18/0x28 [ 2893.004032] dump_stack+0x104/0x174 [ 2893.004067] kasan_report+0x1d0/0x258 [ 2893.004098] __asan_load8+0x94/0xd0 [ 2893.004126] pick_next_task_fair+0x130/0x4e0 [ 2893.004164] __schedule+0x220/0xbd0 [ 2893.004192] schedule+0xec/0x1a0 [ 2893.004216] smpboot_thread_fn+0x124/0x548 [ 2893.004246] kthread+0x24c/0x278 [ 2893.004277] ret_from_fork+0x10/0x34 [ 2893.004306] ================================================================== [ 2893.004325] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000080 [ 2893.152267] Mem abort info: [ 2893.152639] ESR = 0x96000004 [ 2893.153045] EC = 0x25: DABT (current EL), IL = 32 bits [ 2893.153739] SET = 0, FnV = 0 [ 2893.154143] EA = 0, S1PTW = 0 [ 2893.154560] Data abort info: [ 2893.154940] ISV = 0, ISS = 0x00000004 [ 2893.155443] CM = 0, WnR = 0 [ 2893.155838] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000188edb000 The source code where the problem occurs corresponds to: se = pick_next_entity(cfs_rq, curr); cfs_rq = group_cfs_rq(se); //se is NULL! It is found that pick_next_entity returns null, so null-ptr-dere appears when accessing the members of se later. But it is not clear under what circumstances pick_next_entity returns null. In addition, in my environment, the following operations often recur: stress-ng -c 8 --cpu-load 100 --sched fifo --sched-prio 1 --cpu-method pi -t 900 & runltp -s cfs_bandwidth01 Hope it helps to solve the problem. Thanks.