| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <575f91ed.43aYuCzW8Ovu+Bvw%xiaolong.ye@intel.com>
Date: Tue, 14 Jun 2016 13:11:09 +0800
From: kernel test robot <xiaolong.ye@...el.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: lkp@...org, Andy Lutomirski <luto@...capital.net>,
LKML <linux-kernel@...r.kernel.org>
Subject: 806ebc1465: BUG: tried to access memory at 0x7ff6afd3 while not
in USER_DS
FYI, we noticed the following commit:
https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git x86/uaccess
commit 806ebc146567cb0030460ebf34ebecfb7c67eb76 ("[DEBUG] force CONFIG_DEBUG_UACCESS")
on test machine: vm-lkp-wsx03-openwrt-i386: 1 threads qemu-system-i386 -enable-kvm with 192M memory
caused below changes:
+----------------------------------------------------+------------+------------+
| | 899f263944 | 806ebc1465 |
+----------------------------------------------------+------------+------------+
| boot_successes | 6 | 0 |
| boot_failures | 4 | 12 |
| IP-Config:Auto-configuration_of_network_failed | 4 | |
| BUG:tried_to_access_memory_at#while_not_in_USER_DS | 0 | 12 |
| kernel_BUG_at_arch/x86/mm/extable.c | 0 | 12 |
| invalid_opcode:#[##]SMP | 0 | 12 |
| EIP_is_at_bad_uaccess_kernel_ds | 0 | 12 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 12 |
| backtrace:do_vfs_ioctl | 0 | 6 |
| backtrace:SyS_ioctl | 0 | 6 |
| backtrace:do_execve | 0 | 2 |
| backtrace:SyS_execve | 0 | 2 |
+----------------------------------------------------+------------+------------+
[ 10.893589] Write protecting the kernel read-only data: 3932k
procd: Console is alive
procd: - watchdog -
[ 10.922394] BUG: tried to access memory at 0x7ff6afd3 while not in USER_DS
[ 10.922394] BUG: tried to access memory at 0x7ff6afd3 while not in USER_DS
[ 10.923957] ------------[ cut here ]------------
[ 10.923957] ------------[ cut here ]------------
[ 10.924977] kernel BUG at arch/x86/mm/extable.c:189!
[ 10.924977] kernel BUG at arch/x86/mm/extable.c:189!
[ 10.926382] invalid opcode: 0000 [#1] SMP
[ 10.926382] invalid opcode: 0000 [#1] SMP
[ 10.927270] CPU: 0 PID: 1 Comm: init Not tainted 4.7.0-rc2-00014-g806ebc1 #403
[ 10.927270] CPU: 0 PID: 1 Comm: init Not tainted 4.7.0-rc2-00014-g806ebc1 #403
[ 10.928893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[ 10.928893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[ 10.930915] task: 8b440000 ti: 8b426000 task.ti: 8b426000
[ 10.930915] task: 8b440000 ti: 8b426000 task.ti: 8b426000
[ 10.932179] EIP: 0060:[<8102e631>] EFLAGS: 00010246 CPU: 0
[ 10.932179] EIP: 0060:[<8102e631>] EFLAGS: 00010246 CPU: 0
[ 10.933391] EIP is at bad_uaccess_kernel_ds+0xe/0x10
[ 10.933391] EIP is at bad_uaccess_kernel_ds+0xe/0x10
[ 10.934483] EAX: 0000003e EBX: 813de9b8 ECX: 81077607 EDX: 8b440000
[ 10.934483] EAX: 0000003e EBX: 813de9b8 ECX: 81077607 EDX: 8b440000
[ 10.935909] ESI: 7ff6afd0 EDI: fffffff7 EBP: 8b427ef8 ESP: 8b427ef0
[ 10.935909] ESI: 7ff6afd0 EDI: fffffff7 EBP: 8b427ef8 ESP: 8b427ef0
[ 10.937353] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 10.937353] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 10.938552] CR0: 80050033 CR2: 7777bc60 CR3: 0087a000 CR4: 00000690
[ 10.938552] CR0: 80050033 CR2: 7777bc60 CR3: 0087a000 CR4: 00000690
[ 10.939936] Stack:
[ 10.939936] Stack:
[ 10.940386] 81a330a5
[ 10.940386] 81a330a5 7ff6afd3 7ff6afd3 8b427f08 8b427f08 813deab5 813deab5 813de9b8 813de9b8 899cb780 899cb780 8b427f14 8b427f14 810edd0a 810edd0a
[ 10.942231] 899cb780
[ 10.942231] 899cb780 8b427f68 8b427f68 810ee465 810ee465 00000002 00000002 00002180 00002180 899cb3c8 899cb3c8 88d146a8 88d146a8 810e100b 810e100b
[ 10.944062] 00000001
[ 10.944062] 00000001 00000000 00000000 00000000 00000000 899cb3c0 899cb3c0 00000014 00000014 0804a2a5 0804a2a5 8b427f60 8b427f60 810e1d7c 810e1d7c
[ 10.945951] Call Trace:
[ 10.945951] Call Trace:
[ 10.946493] [<813deab5>] wafwdt_ioctl+0xfd/0x14a
[ 10.946493] [<813deab5>] wafwdt_ioctl+0xfd/0x14a
[ 10.947528] [<813de9b8>] ? wafwdt_write+0x63/0x63
[ 10.947528] [<813de9b8>] ? wafwdt_write+0x63/0x63
[ 10.948611] [<810edd0a>] vfs_ioctl+0x17/0x21
[ 10.948611] [<810edd0a>] vfs_ioctl+0x17/0x21
[ 10.949568] [<810ee465>] do_vfs_ioctl+0x5bd/0x5ef
[ 10.949568] [<810ee465>] do_vfs_ioctl+0x5bd/0x5ef
[ 10.950620] [<810e100b>] ? fsnotify_modify+0x48/0x53
[ 10.950620] [<810e100b>] ? fsnotify_modify+0x48/0x53
[ 10.951781] [<810e1d7c>] ? vfs_write+0x9a/0xa6
[ 10.951781] [<810e1d7c>] ? vfs_write+0x9a/0xa6
[ 10.952781] [<810f61f6>] ? __fget_light+0x38/0x5a
[ 10.952781] [<810f61f6>] ? __fget_light+0x38/0x5a
[ 10.953909] [<810ee4c3>] SyS_ioctl+0x2c/0x45
[ 10.953909] [<810ee4c3>] SyS_ioctl+0x2c/0x45
[ 10.954866] [<81000d1c>] do_int80_syscall_32+0x48/0x5a
[ 10.954866] [<81000d1c>] do_int80_syscall_32+0x48/0x5a
[ 10.956055] [<8174d193>] entry_INT80_32+0x2f/0x2f
[ 10.956055] [<8174d193>] entry_INT80_32+0x2f/0x2f
[ 10.957100] Code:
[ 10.957100] Code: 55 55 89 89 e5 e5 e8 e8 a0 a0 5e 5e 02 02 00 00 85 85 c0 c0 74 74 0d 0d 03 03 40 40 08 08 3d 3d 33 33 e4 e4 02 02 81 81 0f 0f 94 94 c0 c0 eb eb 02 02 31 31 c0 c0 5d 5d c3 c3 55 55 89 89 e5 e5 50 50 68 68 a5 a5 30 30 a3 a3 81 81 e8 e8 3a 3a 3b 3b 08 08 00 00 <0f> <0f> 0b 0b 55 55 89 89 e5 e5 57 57 56 56 53 53 53 53 89 89 c3 c3 8b 8b 40 40 30 30 89 89 d7 d7 89 89 4d 4d f0 f0 e8 e8 65 65
[ 10.962411] EIP: [<8102e631>]
[ 10.962411] EIP: [<8102e631>] bad_uaccess_kernel_ds+0xe/0x10bad_uaccess_kernel_ds+0xe/0x10 SS:ESP 0068:8b427ef0
SS:ESP 0068:8b427ef0
[ 10.964179] ---[ end trace 69eab45c801d3298 ]---
[ 10.964179] ---[ end trace 69eab45c801d3298 ]---
FYI, raw QEMU command line is:
qemu-system-i386 -enable-kvm -kernel /pkg/linux/i386-randconfig-n0-201624/gcc-6/806ebc146567cb0030460ebf34ebecfb7c67eb76/vmlinuz-4.7.0-rc2-00014-g806ebc1 -append 'root=/dev/ram0 user=lkp job=/lkp/scheduled/vm-lkp-wsx03-openwrt-i386-2/bisect_boot-1-openwrt-i386.cgz-i386-randconfig-n0-201624-806ebc146567cb0030460ebf34ebecfb7c67eb76-20160614-88421-7u28ig-0.yaml~ ARCH=i386 kconfig=i386-randconfig-n0-201624 branch=linux-devel/devel-catchup-201606141100 commit=806ebc146567cb0030460ebf34ebecfb7c67eb76 BOOT_IMAGE=/pkg/linux/i386-randconfig-n0-201624/gcc-6/806ebc146567cb0030460ebf34ebecfb7c67eb76/vmlinuz-4.7.0-rc2-00014-g806ebc1 max_uptime=600 RESULT_ROOT=/result/boot/1/vm-lkp-wsx03-openwrt-i386/openwrt-i386.cgz/i386-randconfig-n0-201624/gcc-6/806ebc146567cb0030460ebf34ebecfb7c67eb76/0 LKP_SERVER=inn earlyprintk=ttyS0,115200 systemd.log_level=err debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=-1 softlockup_panic=1 nmi_watchdog=panic oops=panic load_ramdisk=2 prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal rw ip=::::vm-lkp-wsx03-openwrt-i386-2::dhcp drbd.minor_count=8' -initrd /fs/sdc1/initrd-vm-lkp-wsx03-openwrt-i386-2 -m 192 -smp 1 -device e1000,netdev=net0 -netdev user,id=net0 -boot order=nc -no-reboot -watchdog i6300esb -rtc base=localtime -drive file=/fs/sdc1/disk0-vm-lkp-wsx03-openwrt-i386-2,media=disk,if=virtio -drive file=/fs/sdc1/disk1-vm-lkp-wsx03-openwrt-i386-2,media=disk,if=virtio -pidfile /dev/shm/kboot/pid-vm-lkp-wsx03-openwrt-i386-2 -serial file:/dev/shm/kboot/serial-vm-lkp-wsx03-openwrt-i386-2 -daemonize -display none -monitor null
Thanks,
Kernel Test Robot
View attachment "config-4.7.0-rc2-00014-g806ebc1" of type "text/plain" (91004 bytes)
Download attachment "dmesg.xz" of type "application/octet-stream" (14800 bytes)
Powered by blists - more mailing lists