lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <55E9D2EA.4020106@oracle.com>
Date:	Fri, 04 Sep 2015 13:20:42 -0400
From:	Sasha Levin <sasha.levin@...cle.com>
To:	Tejun Heo <tj@...nel.org>
CC:	rostedt@...dmis.org, mingo@...hat.com, axboe@...com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] writeback: verify that underlying dev exists before getting
 its name

On 09/04/2015 12:47 PM, Tejun Heo wrote:
> On Fri, Sep 04, 2015 at 12:45:18PM -0400, Sasha Levin wrote:
>> We can't assume there is always an underlying device and must verify that
>> as well. Otherwise, we'd deref a NULL ptr here.
> 
> Do you have backtrace of this happening?  There's a bug in cleanup
> path which causes oops (patch is being tested) and this may just be a
> symptom of the same problem.
> 
> Thanks.
> 

[268773.335933] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC KASAN
[268773.337986] Modules linked in:
[268773.338470] CPU: 3 PID: 12812 Comm: trinity-c10 Not tainted 4.2.0-next-20150902-sasha-00045-gd0866f3-dirty #2528
[268773.339903] task: ffff8802f56e4000 ti: ffff880322e10000 task.ti: ffff880322e10000
[268773.340943] RIP: 0010:[<ffffffffaa8b8284>]  [<ffffffffaa8b8284>] trace_event_raw_event_writeback_dirty_page+0x1b4/0x420
[268773.342558] RSP: 0018:ffff880322e17810  EFLAGS: 00010006
[268773.343316] RAX: 0000000000000000 RBX: 1ffff100645c2f04 RCX: 0000000000000027
[268773.344321] RDX: dffffc0000000000 RSI: 1ffffffff725af7f RDI: 0000000000000138
[268773.345332] RBP: ffff880322e178c8 R08: 000000000000006e R09: 0000000000000004
[268773.346339] R10: ffff8801e38c6008 R11: 1ffff1003c716a86 R12: ffff8801e38c6b3c
[268773.347504] R13: ffff8802bf107060 R14: ffffea0002cde080 R15: ffff880322e17840
[268773.348582] FS:  00007f4ebe605700(0000) GS:ffff8801e4000000(0000) knlGS:0000000000000000
[268773.349800] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[268773.350666] CR2: 0000000000000004 CR3: 00000002f5df4000 CR4: 00000000000006a0
[268773.351712] Stack:
[268773.352038]  ffff8801e38c6afc ffff8802f56e4000 0000000041b58ab3 ffffffffb6c9fdd7
[268773.353217]  ffffffffaa8b80d0 0000000000000005 ffff88006bc04800 ffff8801e38c6b38
[268773.354386]  ffff88006be0e9a0 ffff8801e38c6b3c 0000000000000082 ffffffff00000004
[268773.355659] Call Trace:
[268773.356090]  [<ffffffffaa8b80d0>] ? inode_congested+0x520/0x520
[268773.357088]  [<ffffffffaa472cd4>] ? lock_is_held+0x194/0x1f0
[268773.357996]  [<ffffffffaa6f0f43>] account_page_dirtied+0x443/0x740
[268773.358881]  [<ffffffffaa6f1330>] __set_page_dirty_nobuffers+0xf0/0x2f0
[268773.359893]  [<ffffffffaa7e299d>] migrate_page_copy+0xccd/0x1980
[268773.360900]  [<ffffffffaa474880>] ? lock_acquired+0x680/0xbe0
[268773.361793]  [<ffffffffaa92060c>] ? aio_migratepage+0x22c/0x370
[268773.362697]  [<ffffffffaa92061b>] aio_migratepage+0x23b/0x370
[268773.363589]  [<ffffffffaa7e3c7c>] move_to_new_page+0x1fc/0x490
[268773.364487]  [<ffffffffaa7e3a80>] ? fallback_migrate_page+0x3b0/0x3b0
[268773.365474]  [<ffffffffaa77fc20>] ? page_remove_rmap+0x450/0x450
[268773.366380]  [<ffffffffaa77c2f0>] ? invalid_migration_vma+0x60/0x60
[268773.367353]  [<ffffffffaa782530>] ? page_get_anon_vma+0x2c0/0x2c0
[268773.368260]  [<ffffffffaa7df4a3>] ? new_page_node+0x263/0x3b0
[268773.369124]  [<ffffffffaa3de54e>] ? ___might_sleep+0x34e/0x470
[268773.370025]  [<ffffffffaa7e5453>] migrate_pages+0x1263/0x1ee0
[268773.370916]  [<ffffffffaa46814b>] ? get_lock_stats+0x1b/0x80
[268773.371770]  [<ffffffffaa7df240>] ? alloc_misplaced_dst_page+0x80/0x80
[268773.372756]  [<ffffffffaa7e41f0>] ? buffer_migrate_page+0x2e0/0x2e0
[268773.373708]  [<ffffffffaa82def2>] ? follow_page_pte+0x95f/0xa15
[268773.374621]  [<ffffffffaa74d6a6>] ? follow_page_mask+0x4e6/0xa90
[268773.375570]  [<ffffffffaa7e6b6e>] SYSC_move_pages+0xa9e/0x1070
[268773.376446]  [<ffffffffaa7e61c3>] ? SYSC_move_pages+0xf3/0x1070
[268773.377388]  [<ffffffffaa7e60d0>] ? migrate_pages+0x1ee0/0x1ee0
[268773.378333]  [<ffffffffaa5e91a7>] ? ring_buffer_unlock_commit+0x2f7/0x450
[268773.379361]  [<ffffffffaa605be3>] ? trace_buffer_unlock_commit+0x63/0x70
[268773.380403]  [<ffffffffaa0057c0>] ? do_audit_syscall_entry+0x310/0x310
[268773.381412]  [<ffffffffaa0078eb>] ? syscall_trace_enter_phase2+0x2db/0x690
[268773.382479]  [<ffffffffaa7e714e>] SyS_move_pages+0xe/0x10
[268773.383356]  [<ffffffffb43a8df8>] tracesys_phase2+0x88/0x8d
[268773.384186] Code: e9 03 80 3c 11 00 0f 85 b5 01 00 00 48 8b 80 b0 06 00 00 48 ba 00 00 00 00 00 fc ff df 48 8d b8 38 01 00 00 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 74 01 00 00 48 8b b0 38 01 00 00 48 85 f6 0f
[268773.388757] RIP  [<ffffffffaa8b8284>] trace_event_raw_event_writeback_dirty_page+0x1b4/0x420
[268773.389999]  RSP <ffff880322e17810>


Thanks,
Sasha
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ