Date:	Sat, 09 Jul 2016 06:18:13 +0800
From:	kernel test robot <xiaolong.ye@...el.com>
To:	Andy Lutomirski <luto@...nel.org>
Cc:	lkp@...org, Andy Lutomirski <luto@...capital.net>,
	LKML <linux-kernel@...r.kernel.org>
Subject: [[DEBUG] force]  629497fc8a: double fault: 0000 [#1] KASAN



FYI, we noticed the following commit:

https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git x86/vmap_stack
commit 629497fc8a8bad1842904a277fefee44d5824cd8 ("[DEBUG] force-enable CONFIG_VMAP_STACK")

in testcase: boot

on test machine: 2 threads qemu-system-x86_64 -enable-kvm -cpu Nehalem with 320M memory

caused below changes:


+------------------------------------------+------------+------------+
|                                          | 5775332c32 | 629497fc8a |
+------------------------------------------+------------+------------+
| boot_successes                           | 6          | 0          |
| boot_failures                            | 0          | 8          |
| double_fault:#[##]KASAN                  | 0          | 8          |
| RIP:async_page_fault                     | 0          | 8          |
| BUG:KASAN:null-ptr-deref_on_address      | 0          | 8          |
| BUG:unable_to_handle_kernel              | 0          | 8          |
| Oops                                     | 0          | 8          |
| RIP:vmalloc_fault                        | 0          | 8          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 8          |
+------------------------------------------+------------+------------+



[    0.513564] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[    0.514548] CPU: Intel Core i7 9xx (Nehalem Class Core i7) (family: 0x6, model: 0x1a, stepping: 0x3)
[    0.525023] ftrace: allocating 19482 entries in 77 pages
[    0.595527] double fault: 0000 [#1] KASAN
[    0.596267] Modules linked in:
[    0.596807] CPU: 0 PID: 0 Comm: swapper Not tainted 4.7.0-rc4-00259-g629497f #1
[    0.597988] task: ffffffff8241d980 task.stack: ffffffff82400000
[    0.599005] RIP: 0010:[<ffffffff81aedc7d>]  [<ffffffff81aedc7d>] async_page_fault+0xd/0x30
[    0.600372] RSP: 0000:ffffc90000017f98  EFLAGS: 00010083
[    0.601241] RAX: fffff5200000300e RBX: 1ffff9200000300e RCX: 000000000000000b
[    0.602428] RDX: fffff5200000306c RSI: 000000000000000e RDI: ffffc90000018288
[    0.603594] RBP: ffffc900000180f8 R08: 0000000000030001 R09: fffffbfff055e96c
[    0.604724] R10: ffffffff82af4b67 R11: fffffbfff055e96d R12: ffffc90000018288
[    0.605904] R13: ffffffff8241d980 R14: 0000000000000000 R15: 0000000000000002
[    0.607051] FS:  0000000000000000(0000) GS:ffffffff82473000(0000) knlGS:0000000000000000
[    0.608342] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.609306] CR2: ffffc90000017f88 CR3: 0000000002415000 CR4: 00000000000006f0
[    0.610455] Stack:
[    0.610821] ==================================================================
[    0.611987] BUG: KASAN: null-ptr-deref on address 0000000000000040
[    0.613010] Read of size 8 by task swapper/0
[    0.613722] CPU: 0 PID: 0 Comm: swapper Not tainted 4.7.0-rc4-00259-g629497f #1
[    0.614894]  0000000000000000 ffffffff8240ab10 ffffffff81567c78 ffffffff8240aba0
[    0.616243]  ffffffff8138933c 0000000000000002 ffffffff83c054a0 1ffffffff0481569
[    0.617548]  0000000000000082 ffffffff81095450 0000000000000000 ffffffff82229bf8
[    0.618855] Call Trace:
[    0.619322]  <#DF>  [<ffffffff81567c78>] dump_stack+0x19/0x21
[    0.620300]  [<ffffffff8138933c>] kasan_report+0x17c/0x6b0
[    0.621196]  [<ffffffff81095450>] ? vmalloc_fault+0xd0/0x880
[    0.622132]  [<ffffffff817857b0>] ? serial8250_startup+0x70/0x70
[    0.623157]  [<ffffffff81388664>] __asan_load8+0x64/0x70
[    0.624034]  [<ffffffff81095450>] vmalloc_fault+0xd0/0x880
[    0.624921]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.625854]  [<ffffffff81098246>] __do_page_fault+0x116/0xf10
[    0.626793]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.627692]  [<ffffffff812635e9>] ? ftrace_likely_update+0x49/0x70
[    0.628722]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.629639]  [<ffffffff810992cb>] trace_do_page_fault+0x22b/0x370
[    0.630637]  [<ffffffff8108eebe>] do_async_page_fault+0x6e/0xb0
[    0.631612]  [<ffffffff81aedc98>] async_page_fault+0x28/0x30
[    0.632589]  [<ffffffff81587d5c>] ? copy_user_generic_string+0x2c/0x40
[    0.633662]  [<ffffffff812e2611>] ? __probe_kernel_read+0x81/0x140
[    0.634667]  [<ffffffff8103f266>] show_stack_log_lvl+0x156/0x230
[    0.635685]  [<ffffffff8103f3c7>] show_regs+0x87/0x1f0
[    0.636536]  [<ffffffff81040166>] __die+0xa6/0xf0
[    0.637314]  [<ffffffff8104020f>] die+0x5f/0x90
[    0.638059]  [<ffffffff8103c731>] do_double_fault+0xf1/0x100
[    0.639039]  [<ffffffff81aed8fd>] double_fault+0x2d/0x40
[    0.639916]  [<ffffffff81aedc7d>] ? async_page_fault+0xd/0x30
[    0.640852]  <<EOE>>  <UNK> 
[    0.641330] ==================================================================
[    0.642597] BUG: unable to handle kernel NULL pointer dereference at 0000000000000040
[    0.643903] IP: [<ffffffff81095457>] vmalloc_fault+0xd7/0x880
[    0.644870] PGD 0 
[    0.645238] Oops: 0000 [#2] KASAN
[    0.645836] Modules linked in:
[    0.646372] CPU: 0 PID: 0 Comm: swapper Tainted: G    B           4.7.0-rc4-00259-g629497f #1
[    0.647727] task: ffffffff8241d980 task.stack: ffffffff82400000
[    0.648703] RIP: 0010:[<ffffffff81095457>]  [<ffffffff81095457>] vmalloc_fault+0xd7/0x880
[    0.650085] RSP: 0000:ffffffff8240abc0  EFLAGS: 00010086
[    0.650958] RAX: ffffffff8241d980 RBX: 0000000000000000 RCX: ffffffff811832e6
[    0.652107] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffffff8276d5a0
[    0.652943] RBP: ffffffff8240ac08 R08: fffffbfff0564576 R09: fffffbfff0564575
[    0.653593] R10: ffffffff82b22baf R11: fffffbfff0564576 R12: 0000000000000c90
[    0.654248] R13: 0000000000000c90 R14: ffffc90000017f98 R15: 0000000000000000
[    0.654901] FS:  0000000000000000(0000) GS:ffffffff82473000(0000) knlGS:0000000000000000
[    0.655647] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.656196] CR2: 0000000000000040 CR3: 0000000002415000 CR4: 00000000000006f0
[    0.656851] Stack:
[    0.657047]  ffffffff82a60588 ffffffff8240abd8 ffffffff8138899f ffffffff8240ac08
[    0.657781]  ffffc90000017f98 0000000000000000 0000000000000003 0000000000000000
[    0.658524]  0000000000000000 ffffffff8240aca0 ffffffff81098246 ffffffff8138899f
[    0.659297] Call Trace:
[    0.659540]  <#DF> 
[    0.659737]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.660263]  [<ffffffff81098246>] __do_page_fault+0x116/0xf10
[    0.660808]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.661303]  [<ffffffff812635e9>] ? ftrace_likely_update+0x49/0x70
[    0.661889]  [<ffffffff8138899f>] ? __asan_loadN+0xf/0x20
[    0.662436]  [<ffffffff810992cb>] trace_do_page_fault+0x22b/0x370
[    0.663011]  [<ffffffff8108eebe>] do_async_page_fault+0x6e/0xb0
[    0.663568]  [<ffffffff81aedc98>] async_page_fault+0x28/0x30
[    0.664089]  [<ffffffff81587d5c>] ? copy_user_generic_string+0x2c/0x40
[    0.664695]  [<ffffffff812e2611>] ? __probe_kernel_read+0x81/0x140
[    0.665258]  [<ffffffff8103f266>] show_stack_log_lvl+0x156/0x230
[    0.665851]  [<ffffffff8103f3c7>] show_regs+0x87/0x1f0
[    0.666323]  [<ffffffff81040166>] __die+0xa6/0xf0
[    0.666774]  [<ffffffff8104020f>] die+0x5f/0x90
[    0.667196]  [<ffffffff8103c731>] do_double_fault+0xf1/0x100
[    0.667725]  [<ffffffff81aed8fd>] double_fault+0x2d/0x40
[    0.668215]  [<ffffffff81aedc7d>] ? async_page_fault+0xd/0x30
[    0.668756]  <<EOE>> 
[    0.668957]  <UNK> Code: ff 49 c1 ec 24 e8 ca 31 2f 00 48 8b 9b b8 02 00 00 41 81 e4 f8 0f 00 00 4d 89 e5 48 8d 7b 40 e8 b0 31 2f 00 48 c7 c7 a0 d5 76 82 <4c> 03 6b 40 e8 a0 31 2f 00 4c 03 25 39 81 6d 01 4c 89 e7 e8 91 
[    0.671828] RIP  [<ffffffff81095457>] vmalloc_fault+0xd7/0x880
[    0.672412]  RSP <ffffffff8240abc0>
[    0.672748] CR2: 0000000000000040
[    0.673072] ---[ end trace 0d51cba7bc86275c ]---
[    0.673506] Kernel panic - not syncing: Fatal exception


FYI, raw QEMU command line is:

	qemu-system-x86_64 -enable-kvm -cpu Nehalem -kernel /pkg/linux/x86_64-randconfig-s4-06300346/gcc-6/629497fc8a8bad1842904a277fefee44d5824cd8/vmlinuz-4.7.0-rc4-00259-g629497f -append 'root=/dev/ram0 user=lkp job=/lkp/scheduled/vm-intel12-yocto-x86_64-3/bisect_boot-1-yocto-minimal-x86_64.cgz-x86_64-randconfig-s4-06300346-629497fc8a8bad1842904a277fefee44d5824cd8-20160709-62277-1ppm030-0.yaml ARCH=x86_64 kconfig=x86_64-randconfig-s4-06300346 branch=luto/x86/vmap_stack commit=629497fc8a8bad1842904a277fefee44d5824cd8 BOOT_IMAGE=/pkg/linux/x86_64-randconfig-s4-06300346/gcc-6/629497fc8a8bad1842904a277fefee44d5824cd8/vmlinuz-4.7.0-rc4-00259-g629497f max_uptime=600 RESULT_ROOT=/result/boot/1/vm-intel12-yocto-x86_64/yocto-minimal-x86_64.cgz/x86_64-randconfig-s4-06300346/gcc-6/629497fc8a8bad1842904a277fefee44d5824cd8/0 LKP_SERVER=inn earlyprintk=ttyS0,115200 systemd.log_level=err debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=-1 softlockup_panic=1 nmi_watchdog=panic oops=panic load_ramdisk=2 prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal rw ip=::::vm-intel12-yocto-x86_64-3::dhcp drbd.minor_count=8'  -initrd /fs/KVM/initrd-vm-intel12-yocto-x86_64-3 -m 320 -smp 2 -device e1000,netdev=net0 -netdev user,id=net0 -boot order=nc -no-reboot -watchdog i6300esb -rtc base=localtime -drive file=/fs/KVM/disk0-vm-intel12-yocto-x86_64-3,media=disk,if=virtio -drive file=/fs/KVM/disk1-vm-intel12-yocto-x86_64-3,media=disk,if=virtio -pidfile /dev/shm/kboot/pid-vm-intel12-yocto-x86_64-3 -serial file:/dev/shm/kboot/serial-vm-intel12-yocto-x86_64-3 -daemonize -display none -monitor null 





Thanks,
Kernel Test Robot

View attachment "config-4.7.0-rc4-00259-g629497f" of type "text/plain" (81840 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (4936 bytes)
