| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <53705B93.4060208@intel.com>
Date: Mon, 12 May 2014 13:26:43 +0800
From: Jet Chen <jet.chen@...el.com>
To: Andy Lutomirski <luto@...capital.net>
CC: Fengguang Wu <fengguang.wu@...el.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: [x86, interrupt] BUG: sleeping function called from invalid context
at arch/x86/mm/fault.c:1167
Hi Andy,
I got the below dmesg and the first bad commit is
git://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git fast-return-to-userspace
commit e94ab903e725eaf9d98e56f3043878bde7fc1b58
Author: Andy Lutomirski <luto@...capital.net>
AuthorDate: Tue May 6 13:26:33 2014 -0700
Commit: Andy Lutomirski <luto@...capital.net>
CommitDate: Tue May 6 13:26:33 2014 -0700
Fast interrupt return to userspace
This could be even faster if it were written in assembler :)
The only reason it's Signed-off-by is that I agree to the DCO.
That should not be construed to mean that anyone should apply
this patch. It's an abomination and it will do terrible,
terrible things.
It boots, though :) I haven't tested it beyond that.
Signed-off-by: Andy Lutomirski <luto@...capital.net>
+--------------------------------------------------------------------------+-----------+------------+
| | v3.15-rc4 | e94ab903e7 |
+--------------------------------------------------------------------------+-----------+------------+
| boot_successes | 162 | 0 |
| boot_failures | 5 | 20 |
| BUG:kernel_early_hang_without_any_printk_output | 2 | |
| Out_of_memory:Kill_process | 2 | |
| backtrace:do_sys_open | 1 | |
| backtrace:SyS_open | 1 | |
| BUG:kernel_boot_hang | 1 | |
| backtrace:vm_mmap_pgoff | 1 | |
| backtrace:SyS_mmap_pgoff | 1 | |
| backtrace:SyS_mmap | 1 | |
| BUG:sleeping_function_called_from_invalid_context_at_arch/x86/mm/fault.c | 0 | 20 |
| WARNING:CPU:PID:at_kernel/locking/lockdep.c:lockdep_trace_alloc() | 0 | 20 |
| INFO:lockdep_is_turned_off | 0 | 20 |
| WARNING:CPU:PID:at_kernel/smp.c:smp_call_function_many() | 0 | 16 |
| WARNING:CPU:PID:at_kernel/smp.c:smp_call_function_single() | 0 | 16 |
+--------------------------------------------------------------------------+-----------+------------+
[ 1.664070] Key type encrypted registered
[ 1.669356] Freeing unused kernel memory: 2684K (ffffffff816f7000 - ffffffff81996000)
[ 1.671079] BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1167
[ 1.672358] in_atomic(): 0, irqs_disabled(): 1, pid: 1, name: init
[ 1.673103] 1 lock held by init/1:
[ 1.673518] #0: (&mm->mmap_sem){++++++}, at: [<ffffffff81038b39>] __do_page_fault+0xc9/0x4d0
[ 1.674401] irq event stamp: 1069840
[ 1.674401] hardirqs last enabled at (1069839): [<ffffffff813de35d>] retint_swapgs+0x13/0x25
[ 1.674401] hardirqs last disabled at (1069840): [<ffffffff813de816>] error_sti+0x5/0x6
[ 1.674401] softirqs last enabled at (1065946): [<ffffffff81073562>] __do_softirq+0x1e2/0x2b0
[ 1.674401] softirqs last disabled at (1065935): [<ffffffff81073965>] irq_exit+0xd5/0xe0
[ 1.674401] CPU: 6 PID: 1 Comm: init Not tainted 3.15.0-rc4-00001-ge94ab90 #1
[ 1.674401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 1.674401] 00007fff4af8dff8 ffff880000211d60 ffffffff813d5a87 0000000000000029
[ 1.674401] ffff880000211d70 ffffffff81094dcd ffff880000211e70 ffffffff81038b54
[ 1.674401] ffff880000208908 0000000000000002 ffff88000fb200a8 0000000000000002
[ 1.674401] Call Trace:
[ 1.674401] [<ffffffff813d5a87>] dump_stack+0x4d/0x66
[ 1.674401] [<ffffffff81094dcd>] __might_sleep+0xed/0x130
[ 1.674401] [<ffffffff81038b54>] __do_page_fault+0xe4/0x4d0
[ 1.674401] [<ffffffff8109cd66>] ? local_clock+0x16/0x30
[ 1.674401] [<ffffffff810b23ff>] ? lock_release_holdtime.part.30+0xf/0x190
[ 1.674401] [<ffffffff813dd582>] ? _raw_spin_unlock+0x22/0x30
[ 1.674401] [<ffffffff8109d82c>] ? vtime_account_user+0x8c/0xa0
[ 1.674401] [<ffffffff811009fb>] ? context_tracking_user_exit+0xbb/0xd0
[ 1.674401] [<ffffffff81038f91>] do_page_fault+0x31/0x70
[ 1.674401] [<ffffffff810342e4>] do_async_page_fault+0x24/0xe0
[ 1.674401] [<ffffffff813de605>] async_page_fault+0x25/0x30
[ 1.674401] [<ffffffff81001d66>] ? install_sysret_trampoline+0x36/0x70
[ 1.674401] [<ffffffff813de362>] retint_swapgs+0x18/0x25
Attached dmesg for the parent commit, too, to help confirm whether it is a noise error.
git bisect start 0dcebb805ee5cb03202711908c828a76c60dc51e 89ca3b881987f5a4be4c5dbaa7f0df12bbdde2fd --
git bisect good a2149d48144498ee00c03e7cfef13841dd459e65 # 20:33 20+ 4 Merge 'cgroup/review-unified-updates' into devel-hourly-2014050720
git bisect bad 88f3059da6b1c67e559fba548dc1442c4b7e846d # 20:37 0- 20 Merge 'cgroup/for-next' into devel-hourly-2014050720
git bisect bad cc71f24555d15787e3bc3de4c654b44db127d535 # 20:37 0- 20 Merge 'kvm/queue' into devel-hourly-2014050720
git bisect bad ba96bd4b4a7445154b9dfd9b990402efed483948 # 20:37 0- 20 Merge 'arm-perf/aarch64' into devel-hourly-2014050720
git bisect bad 0d621996b9340f6043fc61bfde2a1c0694661f75 # 20:37 0- 20 Merge 'luto/fast-return-to-userspace' into devel-hourly-2014050720
git bisect bad e94ab903e725eaf9d98e56f3043878bde7fc1b58 # 20:37 0- 20 Fast interrupt return to userspace
# first bad commit: [e94ab903e725eaf9d98e56f3043878bde7fc1b58] Fast interrupt return to userspace
git bisect good 89ca3b881987f5a4be4c5dbaa7f0df12bbdde2fd # 20:39 69+ 5 Linux 3.15-rc4
git bisect bad 0dcebb805ee5cb03202711908c828a76c60dc51e # 20:39 0- 23 0day head guard for 'devel-hourly-2014050720'
git bisect good 7e338c9991ecee9c2ac7a4cee2c2e11ecb563d02 # 21:07 69+ 0 Merge branch 'for-3.15' of git://linux-nfs.org/~bfields/linux
git bisect good 9f072b9386bc35ca2ed534c0392f5036902ce41b # 23:54 69+ 0 Add linux-next specific files for 20140509
This script may reproduce the error.
-----------------------------------------------------------------------------
#!/bin/bash
kernel=$1
initrd=quantal-core-x86_64.cgz
wget --no-clobber https://github.com/fengguang/reproduce-kernel-bug/blob/master/initrd/$initrd
kvm=(
qemu-system-x86_64 -cpu kvm64 -enable-kvm -kernel $kernel
-initrd $initrd
-smp 2
-m 256M
-net nic,vlan=0,macaddr=00:00:00:00:00:00,model=virtio
-net user,vlan=0
-net nic,vlan=1,model=e1000
-net user,vlan=1
-boot order=nc
-no-reboot
-watchdog i6300esb
-serial stdio
-display none
-monitor null
)
append=(
debug
sched_debug
apic=debug
ignore_loglevel
sysrq_always_enabled
panic=10
prompt_ramdisk=0
earlyprintk=ttyS0,115200
console=ttyS0,115200
console=tty0
vga=normal
root=/dev/ram0
rw
)
"${kvm[@]}" --append "${append[*]}"
-----------------------------------------------------------------------------
Thanks,
Jet
View attachment "dmesg-quantal-f1-118:20140508201336:x86_64-randconfig-s1-05080402:3.15.0-rc4-00001-ge94ab90:1" of type "text/plain" (143462 bytes)
View attachment "dmesg-quantal-f1-53:20140508201504:x86_64-randconfig-s1-05080402:3.15.0-rc4:1" of type "text/plain" (1884 bytes)
Download attachment "x86_64-randconfig-s1-05080402-0dcebb805ee5cb03202711908c828a76c60dc51e-BUG:-sleeping-function-called-from-invalid-context-at-101030.log" of type "application/octet-stream" (35103 bytes)
View attachment "config-3.15.0-rc4-00001-ge94ab90" of type "text/plain" (72114 bytes)
View attachment "Attached Message Part" of type "text/plain" (87 bytes)
Powered by blists - more mailing lists