lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 20 Jun 2018 16:05:53 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     David Howells <dhowells@...hat.com>
Cc:     Al Viro <viro@...iv.linux.org.uk>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-fsdevel@...r.kernel.org, lkp@...org
Subject: [lkp-robot] [VFS]  56d9b2efe5: general_protection_fault:#[##]


FYI, we noticed the following commit (built with gcc-7):

commit: 56d9b2efe552bceedd25e8efe0a0083ef9d541e6 ("VFS: Implement fsopen() to prepare for a mount")
https://git.kernel.org/cgit/linux/kernel/git/viro/vfs.git mount-reordered

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+------------------------------------------+------------+------------+
|                                          | e357de7398 | 56d9b2efe5 |
+------------------------------------------+------------+------------+
| boot_successes                           | 2          | 2          |
| boot_failures                            | 117        | 66         |
| BUG:unable_to_handle_kernel              | 108        | 44         |
| Oops:#[##]                               | 110        | 51         |
| Kernel_panic-not_syncing:Fatal_exception | 117        | 66         |
| kernel_BUG_at_lib/list_debug.c           | 7          | 2          |
| invalid_opcode:#[##]                     | 7          | 3          |
| RIP:__list_add_valid                     | 7          |            |
| RIP:__list_del_entry_valid               | 2          | 35         |
| general_protection_fault:#[##]           | 0          | 12         |
| RIP:__x86_indirect_thunk_rax             | 0          | 5          |
| RIP:__lock_acquire                       | 0          | 12         |
| kernel_BUG_at_mm/slob.c                  | 0          | 1          |
| RIP:slob_alloc                           | 0          | 1          |
+------------------------------------------+------------+------------+



[  181.808767] random: get_random_u64 called from arch_pick_mmap_layout+0x60/0x130 with crng_init=0
[  186.714232] _warn_unseeded_randomness: 11 callbacks suppressed
[  186.714288] random: get_random_u64 called from copy_process+0x195/0x1ae0 with crng_init=0
[  186.773591] random: get_random_u64 called from arch_pick_mmap_layout+0x60/0x130 with crng_init=0
[  186.796449] random: get_random_u64 called from load_elf_binary+0x32e/0x16c6 with crng_init=0
[  188.431860] general protection fault: 0000 [#1] PREEMPT
[  188.448873] CPU: 0 PID: 557 Comm: trinity-main Not tainted 4.17.0-rc5-00193-g56d9b2e #1
[  188.456923] RIP: 0010:__list_del_entry_valid+0x60/0x110
[  188.462220] RSP: 0018:ffff88001908fd98 EFLAGS: 00010202
[  188.467563] RAX: 0000000000000000 RBX: ffff880018c946d0 RCX: 0000000000000000
[  188.474688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff82eb6298
[  188.481752] RBP: dead000000000200 R08: 0000000000000000 R09: 0000000000000001
[  188.488885] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  188.496014] R13: dead4ead00000001 R14: ffffffff82253360 R15: 0000000000000000
[  188.503046] FS:  000000000104a880(0000) GS:ffffffff82a43000(0000) knlGS:0000000000000000
[  188.511083] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.516885] CR2: 00007f91821ed000 CR3: 000000001b19f000 CR4: 00000000000006b0
[  188.523950] Call Trace:
[  188.526609]  list_lru_del+0x25/0x70
[  188.530284]  iput+0x1dc/0x310
[  188.533328]  __dentry_kill+0x114/0x210
[  188.537144]  ? dput+0x29/0x350
[  188.540362]  dentry_kill+0x8c/0x360
[  188.543952]  ? dput+0x29/0x350
[  188.547163]  dput+0x318/0x350
[  188.550304]  __fput+0x1e5/0x2e0
[  188.553583]  task_work_run+0x91/0xc0
[  188.557209]  ? native_irq_disable+0x10/0x10
[  188.561489]  exit_to_usermode_loop+0x101/0x110
[  188.565956]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  188.571144] RIP: 0033:0x4573da
[  188.574255] RSP: 002b:00007ffe9767ab18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  188.581807] RAX: ffffffffffffffea RBX: 0000000000000001 RCX: 00000000004573da
[  188.588843] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  188.596052] RBP: 000000000000001e R08: 000000000000001e R09: 0000000000000000
[  188.603154] R10: 0000000000042831 R11: 0000000000000246 R12: 0000000000000000
[  188.610247] R13: 0000000000000000 R14: 0000000000042831 R15: 0000000000000000
[  188.617366] Code: ec 74 79 48 bd 00 02 00 00 00 00 ad de 31 f6 48 c7 c7 98 62 eb 82 49 39 ed 40 0f 94 c6 31 c9 31 d2 e8 d5 5f d7 ff 49 39 ed 74 65 <49> 8b 6d 00 31 f6 48 c7 c7 68 62 eb 82 48 39 dd 40 0f 95 c6 31 
[  188.636703] RIP: __list_del_entry_valid+0x60/0x110 RSP: ffff88001908fd98
[  188.644757] ---[ end trace b5beff89e3c68ca1 ]---
[  188.649780] Kernel panic - not syncing: Fatal exception
[  188.657072] Kernel Offset: disabled

Elapsed time: 210

#!/bin/bash


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.17.0-rc5-00193-g56d9b2e" of type "text/plain" (114188 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (16156 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ