lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 28 Apr 2015 08:43:20 +0800
From:	Fengguang Wu <fengguang.wu@...el.com>
To:	Iulia Manda <iulia.manda21@...il.com>
Cc:	fengguang.wu@...el.com, LKP <lkp@...org>,
	linux-kernel@...r.kernel.org
Subject: BUG: unable to handle kernel paging request at ffffffee

Greetings,

0day kernel testing robot got the below dmesg and the first bad commit is

git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

commit 2813893f8b197a14f1e1ddb04d99bce46817c84a
Author:     Iulia Manda <iulia.manda21@...il.com>
AuthorDate: Wed Apr 15 16:16:41 2015 -0700
Commit:     Linus Torvalds <torvalds@...ux-foundation.org>
CommitDate: Wed Apr 15 16:35:22 2015 -0700

    kernel: conditionally support non-root users, groups and capabilities
    
    There are a lot of embedded systems that run most or all of their
    functionality in init, running as root:root.  For these systems,
    supporting multiple users is not necessary.
    
    This patch adds a new symbol, CONFIG_MULTIUSER, that makes support for
    non-root users, non-root groups, and capabilities optional.  It is enabled
    under CONFIG_EXPERT menu.
    
    When this symbol is not defined, UID and GID are zero in any possible case
    and processes always have all capabilities.
    
    The following syscalls are compiled out: setuid, setregid, setgid,
    setreuid, setresuid, getresuid, setresgid, getresgid, setgroups,
    getgroups, setfsuid, setfsgid, capget, capset.
    
    Also, groups.c is compiled out completely.
    
    In kernel/capability.c, capable function was moved in order to avoid
    adding two ifdef blocks.
    
    This change saves about 25 KB on a defconfig build.  The most minimal
    kernels have total text sizes in the high hundreds of kB rather than
    low MB.  (The 25k goes down a bit with allnoconfig, but not that much.
    
    The kernel was booted in Qemu.  All the common functionalities work.
    Adding users/groups is not possible, failing with -ENOSYS.
    
    Bloat-o-meter output:
    add/remove: 7/87 grow/shrink: 19/397 up/down: 1675/-26325 (-24650)
    
    [akpm@...ux-foundation.org: coding-style fixes]
    Signed-off-by: Iulia Manda <iulia.manda21@...il.com>
    Reviewed-by: Josh Triplett <josh@...htriplett.org>
    Acked-by: Geert Uytterhoeven <geert@...ux-m68k.org>
    Tested-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
    Reviewed-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
    Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>

+------------------------------------------------+------------+------------+------------+
|                                                | c79574abe2 | 2813893f8b | 7445ff424e |
+------------------------------------------------+------------+------------+------------+
| boot_successes                                 | 82         | 0          | 0          |
| boot_failures                                  | 2          | 24         | 12         |
| IP-Config:Auto-configuration_of_network_failed | 2          |            |            |
| BUG:unable_to_handle_kernel                    | 0          | 24         | 12         |
| Oops                                           | 0          | 24         | 12         |
| EIP_is_at_devpts_new_index                     | 0          | 24         | 12         |
| Kernel_panic-not_syncing:Fatal_exception       | 0          | 24         | 12         |
| backtrace:do_sys_open                          | 0          | 24         | 12         |
| backtrace:SyS_open                             | 0          | 24         | 12         |
+------------------------------------------------+------------+------------+------------+

[   11.113238] udevd (90) used greatest stack depth: 6660 bytes left
[   11.154235] udevadm (93) used greatest stack depth: 6452 bytes left
Starting Bootlog daemon: 
[   11.349783] BUG: unable to handle kernel paging request at ffffffee
[   11.350251] IP: [<c14a15b4>] devpts_new_index+0x54/0x2e0
[   11.350629] *pdpt = 00000000027da001 *pde = 00000000027db063 *pte = 0000000000000000 
[   11.351194] Oops: 0000 [#1] SMP 
[   11.351441] Modules linked in:
[   11.351669] CPU: 0 PID: 250 Comm: bootlogd Not tainted 4.0.0-05910-g2813893 #4
[   11.352162] task: ce6e2000 ti: ce292000 task.ti: ce292000
[   11.352530] EIP: 0060:[<c14a15b4>] EFLAGS: 00010246 CPU: 0
[   11.352909] EIP is at devpts_new_index+0x54/0x2e0
[   11.352957] EAX: ffffffea EBX: 00000000 ECX: 00000000 EDX: ce6e8008
[   11.352957] ESI: ce6aaa00 EDI: ce02b060 EBP: ce293da4 ESP: ce293d94
[   11.352957]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[   11.352957] CR0: 80050033 CR2: ffffffee CR3: 0e2383a0 CR4: 000406b0
[   11.352957] Stack:
[   11.352957]  ce293da4 00000000 ce6aaa00 ce02b060 ce293dc8 c17ad2c7 c1186ae2 c23ebcc0
[   11.352957]  00000000 ce02b060 c3001ac0 00000001 ce02b060 ce293df0 c13cc1d5 00000000
[   11.352957]  00000000 ce6aaa00 c3001a40 00000000 00000284 00000283 ce6aaa00 ce293e18
[   11.352957] Call Trace:
[   11.352957]  [<c17ad2c7>] ptmx_open+0xa7/0x3b0
[   11.352957]  [<c1186ae2>] ? do_raw_spin_unlock+0x162/0x210
[   11.352957]  [<c13cc1d5>] chrdev_open+0x455/0x4a0
[   11.352957]  [<c13bbd7d>] do_dentry_open+0x9cd/0xb70
[   11.352957]  [<c13bbf76>] vfs_open+0x56/0xa0
[   11.352957]  [<c13e6f00>] do_last+0x790/0x2a80
[   11.352957]  [<c13e92fb>] ? path_openat+0x10b/0x10e0
[   11.352957]  [<c13e967b>] path_openat+0x48b/0x10e0
[   11.352957]  [<c13ec5b2>] do_filp_open+0x42/0x150
[   11.352957]  [<c13beefc>] do_sys_open+0x58c/0x6f0
[   11.352957]  [<c13e0000>] ? vfs_rmdir+0x30/0x330
[   11.352957]  [<c13bf090>] SyS_open+0x30/0x50
[   11.352957]  [<c1e4e2c5>] syscall_call+0x7/0x7
[   11.352957] Code: 05 80 2f f2 c2 01 83 15 84 2f f2 c2 00 84 c9 89 04 9d 00 65 5c c2 75 16 a1 20 33 f2 c2 83 05 88 2f f2 c2 01 83 15 8c 2f f2 c2 00 <8b> 50 04 83 05 90 2f f2 c2 01 8b 9a 04 03 00 00 83 15 94 2f f2
[   11.352957] EIP: [<c14a15b4>] devpts_new_index+0x54/0x2e0 SS:ESP 0068:ce293d94
[   11.352957] CR2: 00000000ffffffee
[   11.352957] ---[ end trace fcc960a7acab2024 ]---
[   11.352957] Kernel panic - not syncing: Fatal exception

git bisect start 7445ff424e7ff7121865b523d1588af20a41c207 39a8804455fb23f09157341d3ba7db6d7ae6ee76 --
git bisect  bad 0ada7e339e8560d78d90ae0b58af8506a3d97c78  # 10:46      0-      5  Merge 'iwlwifi-next/master' into devel-cairo-smoke-201504200851
git bisect good 7eb17b8fca4c6ee755bc37e41705f7c15f40d73f  # 13:34     20+      2  0day base guard for 'devel-cairo-smoke-201504200851'
git bisect  bad 5092f1587a049826da2dc128d46d69b0fa74af78  # 14:13      0-      5  Merge 'pm/bleeding-edge' into devel-cairo-smoke-201504200851
git bisect good 2481bc75283ea10e75d5fb1a8b42af363fc4b45c  # 19:43     20+      2  Merge tag 'pm+acpi-4.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
git bisect good 4e78eb0dbf867ccf206706ff2af34084f71a99bf  # 00:00     20+      0  Merge tag 'mac80211-next-for-davem-2015-04-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
git bisect good d0a3997c0c3f9351e24029349dee65dd1d9e8d84  # 02:56     20+      2  Merge tag 'sound-4.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
git bisect  bad 497a5df7bf6ffd136ae21c49d1a01292930d7ca2  # 03:13      0-      5  Merge tag 'stable/for-linus-4.1-rc0-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip
git bisect good ff7a2adac50873aaba71759779505693806adcc1  # 07:30     20+      0  powerpc: Remove PPC32 code from pseries specific find_and_init_phbs()
git bisect  bad 9f6a240e8b08d3fa711c2b615e7ea901cf59e590  # 07:52      0-      5  power: wakeup: remove use of seq_printf return value
git bisect good 018e9a49a554d915ba945a5faf34c592d65fe575  # 13:13     20+      2  mm/compaction.c: fix "suitable_migration_target() unused" warning
git bisect good 946e87981942552e526aca9cb6204f02a6c847cb  # 11:33     20+      0  paride: fix the "verbose" module param
git bisect  bad d1c1b12137fff14363d0cf45c8b7a9ec5cd4578b  # 12:45      0-      6  lib/vsprintf.c: another small hack
git bisect  bad 7a54f46b301cfab8a0d7365aa186545f8b98f22e  # 13:14      0-      5  kernel/reboot.c: add orderly_reboot for graceful reboot
git bisect  bad 96831c0a6738f88f89e7012f4df0a747514af0a0  # 13:41      0-      5  kernel/resource.c: remove deprecated __check_region() and friends
git bisect  bad 2813893f8b197a14f1e1ddb04d99bce46817c84a  # 14:45      0-      5  kernel: conditionally support non-root users, groups and capabilities
git bisect good c79574abe2baddf569532e7e430e4977771dd25c  # 16:30     20+      2  lib/test-hexdump.c: fix initconst confusion
# first bad commit: [2813893f8b197a14f1e1ddb04d99bce46817c84a] kernel: conditionally support non-root users, groups and capabilities
git bisect good c79574abe2baddf569532e7e430e4977771dd25c  # 17:52     60+      2  lib/test-hexdump.c: fix initconst confusion
# extra tests with DEBUG_INFO
git bisect good 2813893f8b197a14f1e1ddb04d99bce46817c84a  # 23:49     60+     39  kernel: conditionally support non-root users, groups and capabilities
# extra tests on HEAD of linux-devel/devel-cairo-smoke-201504200851
git bisect  bad 7445ff424e7ff7121865b523d1588af20a41c207  # 23:49      0-     12  0day head guard for 'devel-cairo-smoke-201504200851'
# extra tests on tree/branch linus/master
git bisect  bad b787f68c36d49bb1d9236f403813641efa74a031  # 00:04      0-      5  Linux 4.1-rc1
# extra tests on tree/branch linus/master
git bisect  bad b787f68c36d49bb1d9236f403813641efa74a031  # 00:04      0-      5  Linux 4.1-rc1
# extra tests on tree/branch next/master
git bisect  bad b722a93ff1074b1c3f2273c669bd51368aeedf66  # 00:29      0-      5  Add linux-next specific files for 20150427


This script may reproduce the error.

----------------------------------------------------------------------------
#!/bin/bash

kernel=$1
initrd=yocto-minimal-i386.cgz

wget --no-clobber https://github.com/fengguang/reproduce-kernel-bug/raw/master/initrd/$initrd

kvm=(
	qemu-system-x86_64
	-enable-kvm
	-cpu Haswell,+smep,+smap
	-kernel $kernel
	-initrd $initrd
	-m 256
	-smp 1
	-device e1000,netdev=net0
	-netdev user,id=net0
	-boot order=nc
	-no-reboot
	-watchdog i6300esb
	-rtc base=localtime
	-serial stdio
	-display none
	-monitor null 
)

append=(
	hung_task_panic=1
	earlyprintk=ttyS0,115200
	rd.udev.log-priority=err
	systemd.log_target=journal
	systemd.log_level=warning
	debug
	apic=debug
	sysrq_always_enabled
	rcupdate.rcu_cpu_stall_timeout=100
	panic=-1
	softlockup_panic=1
	nmi_watchdog=panic
	oops=panic
	load_ramdisk=2
	prompt_ramdisk=0
	console=ttyS0,115200
	console=tty0
	vga=normal
	root=/dev/ram0
	rw
	drbd.minor_count=8
)

"${kvm[@]}" --append "${append[*]}"
----------------------------------------------------------------------------

Thanks,
Fengguang

View attachment "dmesg-yocto-vp-2:20150427144946:i386-randconfig-c1-04200851:4.0.0-05910-g2813893:4" of type "text/plain" (39382 bytes)

View attachment "config-4.0.0-05910-g2813893" of type "text/plain" (82333 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ