lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 18 Feb 2018 02:35:03 +0800
From:   kernel test robot <fengguang.wu@...el.com>
To:     Jon Maloy <jon.maloy@...csson.com>
Cc:     davem@...emloft.net, netdev@...r.kernel.org,
        mohan.krishna.ghanta.krishnamurthy@...csson.com,
        tung.q.nguyen@...tech.com.au, hoang.h.le@...tech.com.au,
        jon.maloy@...csson.com, canh.d.luu@...tech.com.au,
        ying.xue@...driver.com, tipc-discussion@...ts.sourceforge.net,
        lkp@...org
Subject: [tipc]  5fb6af56fa:
 BUG:sleeping_function_called_from_invalid_context_at_net/core/sock.c

FYI, we noticed the following commit (built with gcc-7):

commit: 5fb6af56faa0dd56faa13c4b33800859b56a0af1 ("tipc: separate topology server listener socket from subcsriber sockets")
url: https://github.com/0day-ci/linux/commits/Jon-Maloy/tipc-de-generealize-topology-server/20180217-160819


in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+----------------------------------------------------------------------+------------+------------+
|                                                                      | 7d42efdc8d | 5fb6af56fa |
+----------------------------------------------------------------------+------------+------------+
| boot_successes                                                       | 8          | 0          |
| boot_failures                                                        | 0          | 3          |
| BUG:sleeping_function_called_from_invalid_context_at_net/core/sock.c | 0          | 3          |
+----------------------------------------------------------------------+------------+------------+



[   38.424333] BUG: sleeping function called from invalid context at net/core/sock.c:2768
[   38.426677] in_atomic(): 1, irqs_disabled(): 0, pid: 285, name: kworker/u2:3
[   38.428328] 4 locks held by kworker/u2:3/285:
[   38.429415]  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<000000009f1819e7>] process_one_work+0x15a/0x4ed
[   38.432350]  #1:  (net_cleanup_work){+.+.}, at: [<000000009f1819e7>] process_one_work+0x15a/0x4ed
[   38.434425]  #2:  (net_mutex){+.+.}, at: [<00000000967c2031>] cleanup_net+0x9b/0x283
[   38.436943]  #3:  (&(&srv->idr_lock)->rlock){+...}, at: [<00000000c31dbfed>] tipc_topsrv_stop+0x2b/0xd2
[   38.439122] CPU: 0 PID: 285 Comm: kworker/u2:3 Not tainted 4.16.0-rc1-00064-g5fb6af5 #285
[   38.441050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[   38.442993] Workqueue: netns cleanup_net
[   38.443991] Call Trace:
[   38.444704]  dump_stack+0x81/0xb3
[   38.445580]  ___might_sleep+0x1bd/0x1d6
[   38.446564]  lock_sock_nested+0x29/0x8f
[   38.447548]  tipc_release+0x2d/0x37f
[   38.448479]  sock_release+0x20/0x70
[   38.449382]  tipc_topsrv_stop+0x8f/0xd2
[   38.450367]  tipc_exit_net+0xe/0x2f
[   38.451272]  ops_exit_list+0x49/0x58
[   38.452201]  cleanup_net+0x1d5/0x283
[   38.453143]  process_one_work+0x2cd/0x4ed
[   38.454159]  ? worker_thread+0x1e0/0x25b
[   38.455148]  ? rescuer_thread+0x29f/0x29f
[   38.456158]  worker_thread+0x1a3/0x25b
[   38.457120]  ? rescuer_thread+0x29f/0x29f
[   38.458126]  kthread+0xf7/0xfc
[   38.458943]  ? kthread_create_worker_on_cpu+0x66/0x66
[   38.460158]  ret_from_fork+0x3a/0x50
[   39.808701] BUG: sleeping function called from invalid context at net/core/sock.c:2768
[   39.810982] in_atomic(): 1, irqs_disabled(): 0, pid: 285, name: kworker/u2:3
[   39.812716] 4 locks held by kworker/u2:3/285:
[   39.813811]  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<000000009f1819e7>] process_one_work+0x15a/0x4ed
[   39.816120]  #1:  (net_cleanup_work){+.+.}, at: [<000000009f1819e7>] process_one_work+0x15a/0x4ed
[   39.818237]  #2:  (net_mutex){+.+.}, at: [<00000000967c2031>] cleanup_net+0x9b/0x283
[   39.820097]  #3:  (&(&srv->idr_lock)->rlock){+...}, at: [<00000000c31dbfed>] tipc_topsrv_stop+0x2b/0xd2
[   39.835449] CPU: 0 PID: 285 Comm: kworker/u2:3 Tainted: G        W        4.16.0-rc1-00064-g5fb6af5 #285
[   39.837677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[   39.839654] Workqueue: netns cleanup_net
[   39.840706] Call Trace:
[   39.841429]  dump_stack+0x81/0xb3
[   39.842313]  ___might_sleep+0x1bd/0x1d6
[   39.843306]  lock_sock_nested+0x29/0x8f
[   39.844304]  tipc_release+0x2d/0x37f
[   39.845248]  sock_release+0x20/0x70
[   39.846190]  tipc_topsrv_stop+0x8f/0xd2
[   39.855390]  tipc_exit_net+0xe/0x2f
[   39.856327]  ops_exit_list+0x49/0x58
[   39.857264]  cleanup_net+0x1d5/0x283
[   39.858233]  process_one_work+0x2cd/0x4ed
[   39.859268]  ? worker_thread+0x1e0/0x25b
[   39.860259]  ? rescuer_thread+0x29f/0x29f
[   39.861247]  worker_thread+0x1a3/0x25b
[   39.862233]  ? rescuer_thread+0x29f/0x29f
[   39.863213]  kthread+0xf7/0xfc
[   39.864054]  ? kthread_create_worker_on_cpu+0x66/0x66
[   39.865302]  ret_from_fork+0x3a/0x50

Elapsed time: 50

#!/bin/bash

# To reproduce,
# 1) save job-script and this script (both are attached in 0day report email)
# 2) run this script with your compiled kernel and optional env $INSTALL_MOD_PATH

kernel=$1

initrds=(
	/osimage/yocto/yocto-minimal-x86_64-2016-04-22.cgz
	/lkp/lkp/lkp-x86_64.cgz
	/osimage/pkg/debian-x86_64-2016-08-31.cgz/trinity-static-x86_64-x86_64-6ddabfd2_2017-11-10.cgz
)

HTTP_PREFIX=https://github.com/0day-ci/lkp-qemu/raw/master
wget --timestamping "${initrds[@]/#/$HTTP_PREFIX}"

{
	cat "${initrds[@]//*\//}"
	[[ $INSTALL_MOD_PATH ]] && (
		cd "$INSTALL_MOD_PATH"
		find lib | cpio -o -H newc --quiet | gzip
	)
	echo  job-script | cpio -o -H newc --quiet | gzip
} > initrd.img

qemu-img create -f qcow2 disk-vm-kbuild-yocto-x86_64-49-0 256G

kvm=(
	qemu-system-x86_64
	-enable-kvm
	-cpu SandyBridge
	-kernel $kernel
	-initrd initrd.img
	-m 1024
	-smp 1
	-device e1000,netdev=net0
	-netdev user,id=net0
	-boot order=nc
	-no-reboot
	-watchdog i6300esb
	-watchdog-action debug
	-rtc base=localtime
	-drive file=disk-vm-kbuild-yocto-x86_64-49-0,media=disk,if=virtio
	-serial stdio
	-display none
	-monitor null
)

append=(
	ip=::::vm-kbuild-yocto-x86_64-49::dhcp
	root=/dev/ram0
	user=lkp
	job=/job-script
	ARCH=x86_64
	kconfig=x86_64-allyesdebian
	branch=linux-devel/devel-catchup-201802171751
	commit=5fb6af56faa0dd56faa13c4b33800859b56a0af1
	BOOT_IMAGE=/pkg/linux/x86_64-allyesdebian/gcc-7/5fb6af56faa0dd56faa13c4b33800859b56a0af1/vmlinuz-4.16.0-rc1-00064-g5fb6af5
	max_uptime=1500
	RESULT_ROOT=/result/trinity/300s/vm-kbuild-yocto-x86_64/yocto-minimal-x86_64-2016-04-22.cgz/x86_64-allyesdebian/gcc-7/5fb6af56faa0dd56faa13c4b33800859b56a0af1/0
	result_service=tmpfs
	debug
	apic=debug
	sysrq_always_enabled
	rcupdate.rcu_cpu_stall_timeout=100
	net.ifnames=0
	printk.devkmsg=on
	panic=-1
	softlockup_panic=1


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
lkp

View attachment "config-4.16.0-rc1-00064-g5fb6af5" of type "text/plain" (164829 bytes)

View attachment "job-script" of type "text/plain" (3879 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (27456 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ