Details
Bug
Resolution: Unresolved
Medium
Description
lst list_group <grp name not yet created by add_group> crashes the kernel
----- reproducer
lst new_session --timeout 10000
lst add_group grp_name <IP>@tcp
lst list_group grp_name # works: the group exists
lst list_group some_wrong_grp_name # oopses the kernel: the group was never created
-----crash report
libcfs: HW NUMA nodes: 1, HW CPU cores: 2, npartitions: 1
alg: No test for adler32 (adler32-zlib)
LNet: Added LNI 192.168.50.130@tcp [8/256/0/180]
Lustre: 6531:0:(conctl.c:1155:lst_groups_show_start()) LNet selftest group a does not exit
BUG: unable to handle kernel NULL pointer dereference at 000000000000001c
PGD 80000000157c1067 P4D 80000000157c1067 PUD 6e925067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 1 PID: 6531 Comm: lst Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1
Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
RIP: 0010:strlen+0x0/0x20
Code: 48 89 f9 74 09 48 83 c1 01 80 39 00 75 f7 31 d2 44 0f b6 04 16 44 88 04 11 48 83 c2 01 45 84 c0 75 ee c3 0f 1f 80 00 00 00 00 <80> 3f 00 74 10 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 31
RSP: 0018:ffffa28a003eb920 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 000000000000001c RCX: 0000000000000000
RDX: 0000000000000001 RSI: ffffffffc083a401 RDI: 000000000000001c
RBP: ffff931583226d00 R08: 0000000000000008 R09: ffff9315ee92bf99
R10: ffffffffc0842ae0 R11: 0000000000000004 R12: ffff9315bf68a000
R13: ffff931585fbc3c8 R14: 0000000000000000 R15: ffff931583226d00
FS: 00007efd66633380(0000) GS:ffff9315ffd00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 000000003f688002 CR4: 00000000000706e0
Call Trace:
lst_groups_show_dump+0x80/0x420 [lnet_selftest]
genl_lock_dumpit+0x2f/0x50
netlink_dump+0x18a/0x380
__netlink_dump_start+0x17e/0x1f0
genl_family_rcv_msg_dumpit.isra.15+0x106/0x130
? genl_family_rcv_msg_attrs_parse.isra.16+0xe0/0xe0
? genl_unlock+0x20/0x20
? genl_parallel_done+0x40/0x40
genl_family_rcv_msg+0xf9/0x160
? lst_groups_show_done+0xe0/0xe0 [lnet_selftest]
? lst_groups_show_start+0x950/0x950 [lnet_selftest]
? kzalloc.constprop.16+0x10/0x10 [lnet_selftest]
genl_rcv_msg+0x47/0x90
? genl_family_rcv_msg+0x160/0x160
netlink_rcv_skb+0x4c/0x120
genl_rcv+0x24/0x40
netlink_unicast+0x196/0x230
netlink_sendmsg+0x204/0x3d0
sock_sendmsg+0x4c/0x50
____sys_sendmsg+0x1eb/0x250
? copy_msghdr_from_user+0x5c/0x90
? ____sys_recvmsg+0xb0/0x150
___sys_sendmsg+0x7c/0xc0
? copy_msghdr_from_user+0x5c/0x90
? ___sys_recvmsg+0x89/0xc0
? __wake_up_common_lock+0x89/0xc0
__sys_sendmsg+0x57/0xa0
do_syscall_64+0x5b/0x1a0
entry_SYSCALL_64_after_hwframe+0x65/0xca
RIP: 0033:0x7efd6536c308
Code: 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 95 42 29 00 8b 00 85 c0 75 17 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 41 89 d4 55
RSP: 002b:00007ffc4fb87068 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000001b70390 RCX: 00007efd6536c308
RDX: 0000000000000000 RSI: 00007ffc4fb870a0 RDI: 0000000000000003
RBP: 0000000001b9deb0 R08: 00007efd661f1f10 R09: 0000000000000004
R10: 000000000000000c R11: 0000000000000246 R12: 0000000001b702a0
R13: 00007ffc4fb870a0 R14: 00007ffc4fb871a0 R15: 00007ffc4fb871a8
Modules linked in: ksocklnd(OE) lnet_selftest(OE) lnet(OE) libcfs(OE) sunrpc kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul vmwgfx ttm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops snd_intel8x0 drm snd_ac97_codec ac97_bus ghash_clmulni_intel snd_pcm snd_timer joydev pcspkr snd video soundcore i2c_piix4 ata_generic ext4 mbcache jbd2 sr_mod cdrom sd_mod t10_pi sg ahci libahci ata_piix crc32c_intel serio_raw e1000 libata
CR2: 000000000000001c
hrtimer: interrupt took 12102183 ns
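Reading the oops: RIP is strlen+0x0 and both RDI and CR2 are 0x1c, so strlen() was entered with a pointer equal to NULL plus 0x1c, that is, a field at offset 0x1c of a structure whose base pointer was NULL. The caller is lst_groups_show_dump+0x80, the generic netlink dumpit callback, and it ran even though lst_groups_show_start had already logged that the group does not exist. Whoever can issue lst commands can therefore oops the node with one request naming a group that was never created. The program below is an added illustration written for this report, not code from the Lustre tree: it models the netlink ->start/->dumpit sequence in userspace with constructed types (struct lst_group, struct dump_ctx, the registry and every function name are assumptions, and the struct is laid out so that name[] lands at offset 0x1c to match the fault address) and contrasts a start callback that swallows the lookup failure with one that returns -ENOENT so the dump callback never runs against a NULL group.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define LST_NAME_SIZE 32

/* Constructed group record (assumption, not the lnet_selftest layout).
 * The seven ints before name[] put name at offset 0x1c, the address the
 * oops reports in CR2/RDI when the group pointer itself is NULL. */
struct lst_group {
    int refcount;
    int nnodes;
    int state;
    int flags;
    int reserved[3];
    char name[LST_NAME_SIZE];
};

/* Per-request state handed from the netlink ->start callback to ->dumpit. */
struct dump_ctx {
    const char *wanted;
    struct lst_group *grp;   /* NULL if start() could not resolve the name */
};

/* Constructed registry: only the group created by "lst add_group" exists. */
static struct lst_group registry[] = {
    { .refcount = 1, .nnodes = 1, .name = "grp_name" },
};

static struct lst_group *lst_find_group(const char *name)
{
    size_t i;
    for (i = 0; i < sizeof(registry) / sizeof(registry[0]); i++)
        if (strcmp(registry[i].name, name) == 0)
            return &registry[i];
    return NULL;
}

/* Buggy ->start: logs the lookup failure but still returns 0, so the
 * generic netlink core proceeds to ->dumpit with ctx->grp == NULL. */
static int groups_show_start_buggy(struct dump_ctx *ctx)
{
    ctx->grp = lst_find_group(ctx->wanted);
    if (!ctx->grp)
        fprintf(stderr, "LNet selftest group %s does not exist\n", ctx->wanted);
    return 0;
}

/* Fixed ->start: propagate -ENOENT. __netlink_dump_start() aborts the dump
 * when ->start fails, so ->dumpit never sees the NULL group. */
static int groups_show_start_fixed(struct dump_ctx *ctx)
{
    ctx->grp = lst_find_group(ctx->wanted);
    if (!ctx->grp) {
        fprintf(stderr, "LNet selftest group %s does not exist\n", ctx->wanted);
        return -ENOENT;
    }
    return 0;
}

/* ->dumpit: in the crash this is where strlen(ctx->grp->name) ran with
 * ctx->grp == NULL. The guard turns that fault into an error return for the
 * demo and as defence in depth; the primary fix belongs in start(). */
static int groups_show_dump(struct dump_ctx *ctx, int *grp_was_null)
{
    if (!ctx->grp) {
        *grp_was_null = 1;
        return -EINVAL;
    }
    return (int)strlen(ctx->grp->name);   /* bytes a real dump would emit */
}

/* Address strlen() is handed for a NULL group: the offset of name[]. */
unsigned long fault_address_for_null_grp(void)
{
    return (unsigned long)offsetof(struct lst_group, name);
}

/* Mimics __netlink_dump_start()/netlink_dump(): ->start first, then
 * ->dumpit only if ->start returned 0. */
int run_dump(int (*start)(struct dump_ctx *), const char *name,
             int *dump_entered, int *grp_was_null)
{
    struct dump_ctx ctx = { .wanted = name, .grp = NULL };
    int rc;

    *dump_entered = 0;
    *grp_was_null = 0;
    rc = start(&ctx);
    if (rc)
        return rc;
    *dump_entered = 1;
    return groups_show_dump(&ctx, grp_was_null);
}

int main(void)
{
    int entered, null_grp, rc;

    rc = run_dump(groups_show_start_buggy, "some_wrong_grp_name", &entered, &null_grp);
    printf("buggy start: dumpit entered=%d grp NULL=%d rc=%d (strlen would read 0x%lx)\n",
           entered, null_grp, rc, fault_address_for_null_grp());
    rc = run_dump(groups_show_start_fixed, "some_wrong_grp_name", &entered, &null_grp);
    printf("fixed start: dumpit entered=%d rc=%d\n", entered, rc);
    rc = run_dump(groups_show_start_fixed, "grp_name", &entered, &null_grp);
    printf("fixed start, existing group: name length=%d\n", rc);
    return 0;
}
```

With the buggy start the dump callback is entered holding a NULL group, which in the kernel is the strlen(NULL + 0x1c) fault above; with the fixed start the request fails cleanly with -ENOENT and the dump callback is never reached. The check in groups_show_dump() is kept as a second line of defence, since a dumpit callback should never trust that its start callback populated the context.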