lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <53304451.7030800@oracle.com>
Date:	Mon, 24 Mar 2014 10:42:25 -0400
From:	Sasha Levin <sasha.levin@...cle.com>
To:	Jan Kara <jack@...e.cz>
CC:	Al Viro <viro@...IV.linux.org.uk>, linux-fsdevel@...r.kernel.org,
	LKML <linux-kernel@...r.kernel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: fs: gpf in simple_setattr

On 03/10/2014 10:13 AM, Sasha Levin wrote:
> On 03/10/2014 06:43 AM, Jan Kara wrote:
>>    By garbage, do you mean that it is a poison, completely random data or does
>> inode->i_sb look like a valid pointer but just superblock isn't where it
>> points to?
>
> It's poison.
>
>>> >Any way I could get anything useful any other way?
>>    Hum, can you dump the whole contents of 'dentry' at that place? Maybe it
>> will tell us something.
>
> I'll give it a go, will update when it happens again.

Okay, I've added this:

diff --git a/fs/libfs.c b/fs/libfs.c
index a184424..2492dc4 100644
--- a/fs/libfs.c
+++ b/fs/libfs.c
@@ -377,6 +377,7 @@ int simple_setattr(struct dentry *dentry, struct iattr *iattr)
         if (iattr->ia_valid & ATTR_SIZE)
                 truncate_setsize(inode, iattr->ia_size);
         setattr_copy(inode, iattr);
+       printk(KERN_ERR "** %u %p %s %p %s %p %p %p\n", dentry->d_flags, dentry->d_pare
         mark_inode_dirty(inode);
         return 0;
  }

And got the following:

[  339.948946] ** 4194304 ffff8805ac03ba38 [eventpoll] ffff8806ec051fe0 [eventpoll] ffffffff84666040 ffff88056c73e7b0           (null)
[  339.956028] general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[  339.958199] Dumping ftrace buffer:
[  339.959158]    (ftrace buffer empty)
[  339.960075] Modules linked in:
[  339.960712] CPU: 2 PID: 9702 Comm: trinity-c2 Tainted: G        W     3.14.0-rc7-next-20140321-sasha-00018-g0516fe6-dirty #266
[  339.962657] task: ffff88012b8b0000 ti: ffff88012b88a000 task.ti: ffff88012b88a000
[  339.964089] RIP: 0010:[<ffffffff8133af2c>]  [<ffffffff8133af2c>] __mark_inode_dirty+0x10c/0x4a0
[  339.965274] RSP: 0018:ffff88012b88bdb8  EFLAGS: 00010206
[  339.965274] RAX: 6b6b6b6b6b6b6b6b RBX: ffff8806ec051fe0 RCX: 0000000000000006
[  339.965274] RDX: 0000000000008a90 RSI: 0000000000000007 RDI: ffff8806ec051fe0
[  339.965274] RBP: ffff88012b88bdd8 R08: 0000000000000000 R09: 0000000000000000
[  339.965274] R10: 0000000000000001 R11: 3330636135303838 R12: 0000000000000007
[  339.965274] R13: ffff8806ec051fe0 R14: ffff8806ec6bb3d8 R15: ffff8806ec051fe0
[  339.965274] FS:  00007f1993d82700(0000) GS:ffff8800bec00000(0000) knlGS:0000000000000000
[  339.965274] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  339.974036] CR2: 0000000000000000 CR3: 0000000123b16000 CR4: 00000000000006a0
[  339.974036] DR0: 0000000000698000 DR1: 0000000000000000 DR2: 0000000000000000
[  339.974036] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  339.974036] Stack:
[  339.974036]  0000000000000000 ffff8805ac03ba38 ffff8806ec051fe0 ffff88012b88bec8
[  339.974036]  ffff88012b88be28 ffffffff81336f7b ffffffff84666040 ffff88056c73e7b0
[  339.974036]  0000000000000000 ffff8806ec0520c8 0000000000000041 ffff88012b88bec8
[  339.974036] Call Trace:
[  339.974036]  [<ffffffff81336f7b>] simple_setattr+0xab/0xd0
[  339.974036]  [<ffffffff8132b148>] notify_change+0x258/0x390
[  339.974036]  [<ffffffff81307db2>] ? chmod_common+0x72/0x150
[  339.974036]  [<ffffffff81307df4>] chmod_common+0xb4/0x150
[  339.974036]  [<ffffffff8132c274>] ? __fget_light+0xe4/0x130
[  339.974036]  [<ffffffff81309382>] SyS_fchmod+0x62/0xa0
[  339.974036]  [<ffffffff84506a58>] tracesys+0xe1/0xe6
[  339.974036] Code: 8b 45 00 0f 1f 40 00 49 8b 7d 08 44 89 e2 49 83 c5 10 48 89 de ff d0 49 8b 45 00 48 85 c0 75 e7 eb c5 0f 1f 44 00 00 49 8b 46 30 <48> 8b 40 10 48 85 c0 74 08 44 89 e6 48 89 df ff d0 66 66 66 66
[  339.974036] RIP  [<ffffffff8133af2c>] __mark_inode_dirty+0x10c/0x4a0
[  339.974036]  RSP <ffff88012b88bdb8>


Thanks,
Sasha
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ