lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Mon, 16 Jun 2014 17:14:51 -0400
From:	Sasha Levin <sasha.levin@...cle.com>
To:	Naoya Horiguchi <n-horiguchi@...jp.nec.com>
CC:	linux-mm@...ck.org, Dave Hansen <dave.hansen@...el.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Hugh Dickins <hughd@...gle.com>,
	"Kirill A. Shutemov" <kirill@...temov.name>,
	linux-kernel@...r.kernel.org, Dave Jones <davej@...hat.com>
Subject: Re: [PATCH 7/7] mincore: apply page table walker on do_mincore()

On 06/16/2014 12:44 PM, Naoya Horiguchi wrote:
> Hi Sasha,
> 
> Thanks for bug reporting.
> 
> On Mon, Jun 16, 2014 at 11:24:16AM -0400, Sasha Levin wrote:
>> On 06/06/2014 06:58 PM, Naoya Horiguchi wrote:
>>> This patch makes do_mincore() use walk_page_vma(), which reduces many lines
>>> of code by using common page table walk code.
>>>
>>> Signed-off-by: Naoya Horiguchi <n-horiguchi@...jp.nec.com>
>>
>> Hi Naoya,
>>
>> This patch is causing a few issues on -next:
>>
>> [  367.679282] BUG: sleeping function called from invalid context at mm/mincore.c:37
> 
> cond_resched() in mincore_hugetlb() triggered this. This is done in common
> pagewalk code, so I should have removed it.
> 
> ...
>> And:
>>
>> [  391.118663] BUG: unable to handle kernel paging request at ffff880142aca000
>> [  391.118663] IP: mincore_hole (mm/mincore.c:99 (discriminator 2))
> 
> walk->pte_hole cannot assume walk->vma != NULL, so I should've checked it
> in mincore_hole() before using walk->vma.
> 
> Could you try the following fixes?

That solved those two, but I'm seeing new ones:

[  650.352956] BUG: unable to handle kernel paging request at ffff8802fdf03000
[  650.352956] IP: mincore_hole (mm/mincore.c:101 (discriminator 2))
[  650.352956] PGD 23bcd067 PUD 704b48067 PMD 704958067 PTE 80000002fdf03060
[  650.352956] Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[  650.352956] Dumping ftrace buffer:
[  650.352956]    (ftrace buffer empty)
[  650.352956] Modules linked in:
[  650.352956] CPU: 12 PID: 15403 Comm: trinity-c363 Tainted: G        W     3.15.0-next-20140616-sasha-00025-g0fd1f7d-dirty #657
[  650.352956] task: ffff88027caf3000 ti: ffff880279d5c000 task.ti: ffff880279d5c000
[  650.352956] RIP: mincore_hole (mm/mincore.c:101 (discriminator 2))
[  650.352956] RSP: 0018:ffff880279d5fd48  EFLAGS: 00010202
[  650.352956] RAX: 0000000000000001 RBX: 00007f2445400000 RCX: 0000000000000000
[  650.352956] RDX: 0000000000000000 RSI: 00007f2445400000 RDI: 00007f2445200000
[  650.352956] RBP: ffff880279d5fd88 R08: 0000000000000001 R09: ffff880000000100
[  650.352956] R10: 0000000000000001 R11: 00007f2444126000 R12: 00007f2480000000
[  650.352956] R13: ffff8802fdf03000 R14: 0000000000000200 R15: ffff8804e32f2000
[  650.352956] FS:  00007f24899ec700(0000) GS:ffff8802ff000000(0000) knlGS:0000000000000000
[  650.352956] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  650.352956] CR2: ffff8802fdf03000 CR3: 000000027c39b000 CR4: 00000000000006a0
[  650.352956] DR0: 00000000006df000 DR1: 0000000000000000 DR2: 0000000000000000
[  650.352956] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  650.352956] Stack:
[  650.352956]  ffff880279d5fef0 0000000000000000 0000000000000000 00007f2445400000
[  650.352956]  00007f2480000000 ffff880279d5fef0 00007f2445200000 ffff8804e30fd148
[  650.352956]  ffff880279d5fe38 ffffffff9c2d1c4d ffff880200000000 ffffffff9c1a0038
[  650.352956] Call Trace:
[  650.352956] walk_pgd_range (mm/pagewalk.c:73 mm/pagewalk.c:141 mm/pagewalk.c:170)
[  650.352956] ? preempt_count_sub (kernel/sched/core.c:2602)
[  650.352956] __walk_page_range (mm/pagewalk.c:264)
[  650.352956] ? SyS_mincore (mm/mincore.c:160 mm/mincore.c:244 mm/mincore.c:212)
[  650.352956] walk_page_vma (mm/pagewalk.c:376)
[  650.352956] SyS_mincore (mm/mincore.c:177 mm/mincore.c:244 mm/mincore.c:212)
[  650.352956] ? mincore_hugetlb (mm/mincore.c:143)
[  650.352956] ? mincore_hole (mm/mincore.c:109)
[  650.352956] ? mincore_page (mm/mincore.c:87)
[  650.352956] ? copy_page_range (mm/mincore.c:24)
[  650.352956] tracesys (arch/x86/kernel/entry_64.S:542)
[ 650.352956] Code: 87 a0 00 00 00 48 83 c3 01 48 8b b8 f8 01 00 00 e8 ab fe ff ff 48 8b 55 c8 88 02 49 63 c4 49 39 c6 77 cd eb 14 0f 1f 00 83 c0 01 <41> c6 44 15 00 00 48 63 d0 49 39 d6 77 ef 48 8b 55 c0 4c 8b 6a
All code
========
   0:	87 a0 00 00 00 48    	xchg   %esp,0x48000000(%rax)
   6:	83 c3 01             	add    $0x1,%ebx
   9:	48 8b b8 f8 01 00 00 	mov    0x1f8(%rax),%rdi
  10:	e8 ab fe ff ff       	callq  0xfffffffffffffec0
  15:	48 8b 55 c8          	mov    -0x38(%rbp),%rdx
  19:	88 02                	mov    %al,(%rdx)
  1b:	49 63 c4             	movslq %r12d,%rax
  1e:	49 39 c6             	cmp    %rax,%r14
  21:	77 cd                	ja     0xfffffffffffffff0
  23:	eb 14                	jmp    0x39
  25:	0f 1f 00             	nopl   (%rax)
  28:	83 c0 01             	add    $0x1,%eax
  2b:*	41 c6 44 15 00 00    	movb   $0x0,0x0(%r13,%rdx,1)		<-- trapping instruction
  31:	48 63 d0             	movslq %eax,%rdx
  34:	49 39 d6             	cmp    %rdx,%r14
  37:	77 ef                	ja     0x28
  39:	48 8b 55 c0          	mov    -0x40(%rbp),%rdx
  3d:	4c 8b 6a 00          	mov    0x0(%rdx),%r13

Code starting with the faulting instruction
===========================================
   0:	41 c6 44 15 00 00    	movb   $0x0,0x0(%r13,%rdx,1)
   6:	48 63 d0             	movslq %eax,%rdx
   9:	49 39 d6             	cmp    %rdx,%r14
   c:	77 ef                	ja     0xfffffffffffffffd
   e:	48 8b 55 c0          	mov    -0x40(%rbp),%rdx
  12:	4c 8b 6a 00          	mov    0x0(%rdx),%r13
[  650.352956] RIP mincore_hole (mm/mincore.c:101 (discriminator 2))
[  650.352956]  RSP <ffff880279d5fd48>
[  650.352956] CR2: ffff8802fdf03000


Thanks,
Sasha
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists