lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170327043617.GC17604@yexl-desktop>
Date:   Mon, 27 Mar 2017 12:36:17 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Jan Kara <jack@...e.cz>
Cc:     Amir Goldstein <amir73il@...il.com>,
        LKML <linux-kernel@...r.kernel.org>, Jan Kara <jack@...e.com>,
        lkp@...org
Subject: [lkp-robot] [fsnotify]  0ee0efcf7c:
 kernel_BUG_at_fs/notify/inotify/inotify_user.c


FYI, we noticed the following commit:

commit: 0ee0efcf7c7968fb045454f621b5681e94b2c288 ("fsnotify: Move queueing of mark for destruction into fsnotify_put_mark()")
https://git.kernel.org/cgit/linux/kernel/git/jack/linux-fs.git for_testing

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -smp 2 -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+------------------------------------------------+------------+------------+
|                                                | 58c5cae6d5 | 0ee0efcf7c |
+------------------------------------------------+------------+------------+
| boot_successes                                 | 602        | 594        |
| boot_failures                                  | 0          | 12         |
| kernel_BUG_at_fs/notify/inotify/inotify_user.c | 0          | 12         |
| invalid_opcode:#[##]                           | 0          | 12         |
| EIP:inotify_remove_from_idr                    | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception       | 0          | 12         |
+------------------------------------------------+------------+------------+



[  330.941460] kernel BUG at fs/notify/inotify/inotify_user.c:454!
[  330.942422] invalid opcode: 0000 [#1] SMP
[  330.942884] Modules linked in:
[  330.943531] CPU: 1 PID: 2301 Comm: ps Not tainted 4.11.0-rc2-00019-g0ee0efc #1
[  330.944465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[  330.945803] task: de378100 task.stack: db7ec000
[  330.946417] EIP: inotify_remove_from_idr+0xff/0x13a
[  330.947114] EFLAGS: 00010202 CPU: 1
[  330.947668] EAX: 0000004c EBX: dabfd4b0 ECX: df0f1d18 EDX: df0ecee4
[  330.948521] ESI: dabfd4b0 EDI: dccbbb00 EBP: db7ede60 ESP: db7ede38
[  330.949278]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[  330.949950] CR0: 80050033 CR2: b7713540 CR3: 1cc4f000 CR4: 000006d0
[  330.950772] DR0: b6945000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[  330.951652] DR6: ffff0ff0 DR7: 00000600
[  330.952182] Call Trace:
[  330.952474]  inotify_ignored_and_remove_idr+0x2c/0x46
[  330.953143]  inotify_freeing_mark+0x8/0xa
[  330.953740]  fsnotify_free_mark+0x42/0x47
[  330.954234]  fsnotify_destroy_mark+0x2b/0x2f
[  330.954789]  inotify_handle_event+0xc4/0xcd
[  330.955295]  fsnotify+0x24d/0x2d8
[  330.955780]  do_sys_open+0xa9/0xc7
[  330.956341]  SyS_open+0x18/0x1a
[  330.956788]  do_int80_syscall_32+0x45/0x57
[  330.957390]  entry_INT80_32+0x2a/0x2a
[  330.957809] EIP: 0xb76d0305
[  330.958162] EFLAGS: 00000282 CPU: 1
[  330.958615] EAX: ffffffda EBX: bf83d127 ECX: 00008000 EDX: 00000000
[  330.959579] ESI: 00000000 EDI: 00000000 EBP: bf83d104 ESP: bf83d0d8
[  330.960424]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
[  330.961246] Code: 87 c1 01 e8 75 10 f3 ff 83 c4 28 eb 37 8b 43 04 83 f8 02 7f 18 ff 73 08 ff 73 4c 53 68 60 27 4f c1 68 a8 75 78 c1 e8 38 3f fa ff <0f> 0b 8b 55 f0 8d 87 e0 00 00 00 31 c9 e8 38 8a 06 00 89 d8 e8
[  330.963728] EIP: inotify_remove_from_idr+0xff/0x13a SS:ESP: 0068:db7ede38
[  330.964755] ---[ end trace 1a8558f20d1546cf ]---


To reproduce:

        git clone https://github.com/01org/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.11.0-rc2-00019-g0ee0efc" of type "text/plain" (106462 bytes)

View attachment "job-script" of type "text/plain" (3725 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (12232 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ