Date:   Thu, 25 Jul 2019 14:47:12 +1000
From:   Stephen Rothwell <sfr@...b.auug.org.au>
To:     Al Viro <viro@...IV.linux.org.uk>
Cc:     Linux Next Mailing List <linux-next@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Nikolay Borisov <nborisov@...e.com>
Subject: linux-next: run time BUG after merge of the vfs-fixes tree?

Hi all,

During my qemu boot tests (powerpc64 pseries_le_defconfig) today, I got
the following BUG:

# halt
# Stopping network...Saving random seed... [    6.515368] random: dd: uninitialized urandom read (512 bytes read)
done.
Stopping logging: OK
[    6.796972] BUG: Unable to handle kernel data access at 0x5deadbeef0000122
[    6.797133] Faulting instruction address: 0xc00000000041cba4
[    6.797616] Oops: Kernel access of bad area, sig: 11 [#1]
[    6.797725] LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[    6.797987] Modules linked in:
[    6.798405] CPU: 0 PID: 111 Comm: umount Not tainted 5.3.0-rc1 #2
[    6.798554] NIP:  c00000000041cba4 LR: c00000000041cb90 CTR: 00000000000001fc
[    6.798664] REGS: c00000007e1eba70 TRAP: 0380   Not tainted  (5.3.0-rc1)
[    6.798716] MSR:  8000000000009033 <SF,EE,ME,IR,DR,RI,LE>  CR: 82242884  XER: 20000000
[    6.798957] CFAR: c00000000041c434 IRQMASK: 0 
[    6.798957] GPR00: c00000000041cb90 c00000007e1ebd00 c00000000110e100 0000000000000001 
[    6.798957] GPR04: 0000000000000800 0000000000000800 0000000000020000 c00000000113dbf8 
[    6.798957] GPR08: 0000000000000048 c00000007a2e2100 5deadbeef0000122 c000000079417380 
[    6.798957] GPR12: 0000000022242884 c0000000012f0000 0000000000000000 0000000000000000 
[    6.798957] GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
[    6.798957] GPR20: 0000000000000000 0000000000000000 0000000000000000 00000000100bce20 
[    6.798957] GPR24: 0000000000000000 c00000007a2e2100 0000000000000000 c00000007a2e2188 
[    6.798957] GPR28: 0000000000000000 5deadbeef0000100 5deadbeef0000122 5deadbeef0000100 
[    6.800143] NIP [c00000000041cba4] namespace_unlock+0x194/0x240
[    6.800208] LR [c00000000041cb90] namespace_unlock+0x180/0x240
[    6.800366] Call Trace:
[    6.800456] [c00000007e1ebd00] [c00000000041cb90] namespace_unlock+0x180/0x240 (unreliable)
[    6.800603] [c00000007e1ebd60] [c00000000041e634] ksys_umount+0x324/0x6f0
[    6.800760] [c00000007e1ebe00] [c00000000041ea24] sys_umount+0x24/0x40
[    6.800824] [c00000007e1ebe20] [c00000000000ba64] system_call+0x5c/0x70
[    6.800940] Instruction dump:
[    6.801234] 81490124 fba900f0 fbc900f8 2f8a0000 409e00b0 7d234b78 4bfff80d 353fff10 
[    6.801374] 4182007c ebe900f0 e94900f8 2fbf0000 <fbea0000> 409effc8 3ce05dea 60e7dbee 
[    6.801992] ---[ end trace 34315779952607e2 ]---
[    6.905920] 
The system is going down NOW!

5deadbeef is the ppc64 ILLEGAL_POINTER_VALUE.  I am guessing that the
problem may have been introduced by commit

  2085eeffbc6d ("fix the struct mount leak in umount_tree()")

in the vfs-fixes tree today.

And actually reverting that commit makes the BUG go away.

After doing the revert (and also before today), I get the following log
messages instead of the BUG trace:

umount: devtmpfs busy - remounted read-only
umount: can't unmount /: Invalid argument

So, I have left that commit reverted for today.
-- 
Cheers,
Stephen Rothwell
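
One way to triage a trace like the one in this message, added here as an example and not part of the original post or of the kernel tree: it flags the fault address and every GPR that falls in the ppc64 poison range the message names. The 0x100 and 0x122 offsets are the LIST_POISON1 and LIST_POISON2 markers from include/linux/poison.h; the 4 KiB window, the regexes and the function names are assumptions.

```python
import re

# Base named in the report (ppc64 ILLEGAL_POINTER_VALUE); other arches differ.
POISON_BASE = 0x5DEADBEEF0000000
# Offsets of the list poison markers in include/linux/poison.h; list_del() and
# hlist_del() store them in an entry's pointers after unlinking it.
LIST_POISON = {0x100: "LIST_POISON1", 0x122: "LIST_POISON2"}
WINDOW = 0x1000  # assumption: treat base..base+4 KiB as the poison range

# Excerpt of the trace quoted in the message above (trailing spaces trimmed).
SAMPLE = """\
[    6.796972] BUG: Unable to handle kernel data access at 0x5deadbeef0000122
[    6.798957] GPR08: 0000000000000048 c00000007a2e2100 5deadbeef0000122 c000000079417380
[    6.798957] GPR28: 0000000000000000 5deadbeef0000100 5deadbeef0000122 5deadbeef0000100
[    6.800143] NIP [c00000000041cba4] namespace_unlock+0x194/0x240
"""

FAULT_RE = re.compile(r"kernel data access at 0x([0-9a-f]+)")
GPR_RE = re.compile(r"GPR(\d+):((?: [0-9a-f]{16})+)")
NIP_RE = re.compile(r"NIP \[[0-9a-f]+\] (\S+)")


def classify(value, base=POISON_BASE):
    """Return a poison label if value lies in the poison window, else None."""
    off = value - base
    if 0 <= off < WINDOW:
        return LIST_POISON.get(off, f"poison+{off:#x}")
    return None


def triage(log, base=POISON_BASE):
    """Summarise poison hits in a powerpc oops: fault address, GPRs, symbol."""
    fault = FAULT_RE.search(log)
    nip = NIP_RE.search(log)
    regs = {}
    for m in GPR_RE.finditer(log):
        first = int(m.group(1))  # number of the first register on this line
        for i, word in enumerate(m.group(2).split()):
            label = classify(int(word, 16), base)
            if label:
                regs[f"r{first + i}"] = label
    return {
        "fault": classify(int(fault.group(1), 16), base) if fault else None,
        "symbol": nip.group(1) if nip else None,
        "regs": regs,
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

A fault address that classifies as a list poison marker means code followed a pointer out of a list entry that had already been unlinked, which is why such traces are worth bisecting against recent list-handling changes in the faulting function.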
