lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1503996623.8323.20.camel@gmx.de>
Date:   Tue, 29 Aug 2017 10:50:23 +0200
From:   Mike Galbraith <efault@....de>
To:     Kees Cook <keescook@...omium.org>
Cc:     LKML <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>
Subject: tip -ENOBOOT - bisected to locking/refcounts, x86/asm: Implement
 fast refcount overflow protection

Greetings,

Take 2 of KVM bisect as you work fingered $subject.  Take 1 was stymied
by build dependencies (aa5d1b81, df340524) which I foolishly tried to
skip, leading git bisect to end up handing me a list of commits that
might be busted.  During take 2, I added those two as required.

Symptom is a few splats as below, with box finally hanging.  Network
comes up, but neither ssh nor console login is possible.

[    4.105048] ------------[ cut here ]------------
[    4.106072] WARNING: CPU: 4 PID: 0 at net/netlink/af_netlink.c:374 netlink_sock_destruct+0x82/0xa0
[    4.107969] Modules linked in: autofs4(E)
[    4.109328] CPU: 4 PID: 0 Comm: swapper/4 Tainted: G            E   4.13.0.g44e89e4-tip-default #27
[    4.111075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014
[    4.114119] task: ffff88018ee743c0 task.stack: ffffc90000cc0000
[    4.115481] RIP: 0010:netlink_sock_destruct+0x82/0xa0
[    4.116698] RSP: 0018:ffff880246103eb0 EFLAGS: 00010206
[    4.117997] RAX: 0000000000000300 RBX: ffff880236f1f000 RCX: 000077ff80000000
[    4.120657] RDX: 0000000000000001 RSI: 0000000000000246 RDI: 0000000000000246
[    4.123145] RBP: ffff880236f1f000 R08: 000400010000b630 R09: 0000b6290000b621
[    4.125139] R10: 000400010000b630 R11: 0000b6290000b621 R12: 0000000000000202
[    4.126866] R13: ffffffff81cf1440 R14: ffff88018ee743c0 R15: ffffffff815e0fd0
[    4.128731] FS:  0000000000000000(0000) GS:ffff880246100000(0000) knlGS:0000000000000000
[    4.130206] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    4.131581] CR2: 000055c7ab255df0 CR3: 0000000236fd9001 CR4: 00000000001606e0
[    4.133066] Call Trace:
[    4.133919]  <IRQ>
[    4.134836]  __sk_destruct+0x21/0x190
[    4.136016]  rcu_process_callbacks+0x23e/0x880
[    4.137050]  ? rebalance_domains+0x182/0x2b0
[    4.138050]  __do_softirq+0xc8/0x287
[    4.139174]  irq_exit+0xd5/0xe0
[    4.140252]  smp_apic_timer_interrupt+0x64/0x140
[    4.141880]  apic_timer_interrupt+0x96/0xa0
[    4.143290]  </IRQ>
[    4.144214] RIP: 0010:native_safe_halt+0x2/0x10
[    4.145990] RSP: 0018:ffffc90000cc3ed8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
[    4.147449] RAX: ffffffff816d4820 RBX: ffff88018ee743c0 RCX: 0000000000000000
[    4.148626] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[    4.151061] RBP: 0000000000000004 R08: 000000008e8d302a R09: 0000000000000000
[    4.153687] R10: 0000000000000006 R11: 0000000000000005 R12: ffff88018ee743c0
[    4.155587] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    4.157462]  ? __sched_text_end+0x5/0x5
[    4.158869]  default_idle+0x18/0x110
[    4.160348]  do_idle+0x15e/0x1f0
[    4.161734]  cpu_startup_entry+0x5f/0x70
[    4.163211]  start_secondary+0x14c/0x180
[    4.164716]  secondary_startup_64+0xa5/0xa5
[    4.165730] Code: 00 00 85 c0 75 25 8b 83 44 01 00 00 85 c0 75 10 48 83 bb e0 02 00 00 00 75 02 5b c3 0f ff 5b c3 0f ff 0f 1f 80 00 00 00 00 eb e5 <0f> ff eb d7 48 89 de 48 c7 c7 e0 e6 ab 81 31 c0 5b e9 25 ca af 
[    4.168787] ---[ end trace 79aa32f0718d3fc7 ]---

git bisect start
# good: [9c3a815f471a84811cf8021cf64aae3b8081dfde] page waitqueue: always add new entries at the end
git bisect good 9c3a815f471a84811cf8021cf64aae3b8081dfde
# bad: [44e89e4e15d60159fc09e8f1cbbcd952729edef7] Merge branch 'WIP.x86/fpu'
git bisect bad 44e89e4e15d60159fc09e8f1cbbcd952729edef7
# good: [702e97621ec7e7a36034ebd7a446af04f59d6dee] Merge tag 'for-linus' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming
git bisect good 702e97621ec7e7a36034ebd7a446af04f59d6dee
# bad: [4318414db869639c928a4ffc100585efbb5552a9] Merge branch 'locking/core'
git bisect bad 4318414db869639c928a4ffc100585efbb5552a9
# good: [438a13906508d7453ee93ff3afe25ef72b99140d] Merge branch 'efi/core'
git bisect good 438a13906508d7453ee93ff3afe25ef72b99140d
# bad: [e26f34a407aec9c65bce2bc0c838fabe4f051fc6] locking/lockdep: Make CONFIG_LOCKDEP_CROSSRELEASE and CONFIG_LOCKDEP_COMPLETIONS truly non-interactive
git bisect bad e26f34a407aec9c65bce2bc0c838fabe4f051fc6
# good: [d89e588ca4081615216cc25f2489b0281ac0bfe9] locking: Introduce smp_mb__after_spinlock()
git bisect good d89e588ca4081615216cc25f2489b0281ac0bfe9
# good: [383a4bc88849b804385162e81bf704f8f9690a87] locking/lockdep: Make print_circular_bug() aware of crossrelease
git bisect good 383a4bc88849b804385162e81bf704f8f9690a87
# good: [907dc16d7e23ec81a126c9585435494fa1b3a4b7] locking/lockdep: Fix the rollback and overwrite detection logic in crossrelease
git bisect good 907dc16d7e23ec81a126c9585435494fa1b3a4b7
# bad: [0f0a22260d613b4ee3f483ee1ea6fa27f92a9e40] locking/lockdep: Reword title of LOCKDEP_CROSSRELEASE config
git bisect bad 0f0a22260d613b4ee3f483ee1ea6fa27f92a9e40
# bad: [d0541b0fa64b36665d6261079974a26943c75009] locking/lockdep: Make CONFIG_LOCKDEP_CROSSRELEASE part of CONFIG_PROVE_LOCKING
git bisect bad d0541b0fa64b36665d6261079974a26943c75009
# bad: [7a46ec0e2f4850407de5e1d19a44edee6efa58ec] locking/refcounts, x86/asm: Implement fast refcount overflow protection
git bisect bad 7a46ec0e2f4850407de5e1d19a44edee6efa58ec
# first bad commit: [7a46ec0e2f4850407de5e1d19a44edee6efa58ec] locking/refcounts, x86/asm: Implement fast refcount overflow protection

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ