lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 6 Dec 2017 17:31:35 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     syzbot 
        <bot+2e39c7a45268c036c9e90433a48c9dd550276dc6@...kaller.appspotmail.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...hat.com>, syzkaller-bugs@...glegroups.com
Subject: Re: general protection fault in lockdep_invariant_state (2)

On Wed, Dec 6, 2017 at 5:30 PM, Peter Zijlstra <peterz@...radead.org> wrote:
> On Wed, Dec 06, 2017 at 04:54:17PM +0100, Dmitry Vyukov wrote:
>> On Wed, Nov 29, 2017 at 1:00 PM, Dmitry Vyukov <dvyukov@...gle.com> wrote:
>> > On Mon, Nov 20, 2017 at 2:28 PM, Dmitry Vyukov <dvyukov@...gle.com> wrote:
>> >>>> > R13: 0000000000402260 R14: 00000000004022f0 R15: 0000000000000000
>> >>>> > kasan: CONFIG_KASAN_INLINE enabled
>> >>>> > kasan: GPF could be caused by NULL-ptr deref or user memory access
>> >>>> > general protection fault: 0000 [#1] SMP KASAN
>> >>>> > Dumping ftrace buffer:
>> >>>> >    (ftrace buffer empty)
>> >>>> > Modules linked in:
>> >>>> > CPU: 3 PID: 2982 Comm: syzkaller521009 Not tainted 4.14.0-rc7-next-20171103+
>> >>>> > #10
>> >>>> > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
>> >>>> > task: ffff88003d6b25c0 task.stack: ffff88003abd0000
>> >>>> > RIP: 0010:invalidate_xhlock kernel/locking/lockdep.c:4719 [inline]
>> >>>> > RIP: 0010:lockdep_invariant_state+0xd6/0x120 kernel/locking/lockdep.c:4793
>> >>>
>> >>>
>> >>> Does this help?
>> >>>
>> >>> diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c
>> >>> index db933d063bfc..da2904418599 100644
>> >>> --- a/kernel/locking/lockdep.c
>> >>> +++ b/kernel/locking/lockdep.c
>> >>> @@ -4793,7 +4793,8 @@ void lockdep_invariant_state(bool force)
>> >>>          * Verify the former, enforce the latter.
>> >>>          */
>> >>>         WARN_ON_ONCE(!force && current->lockdep_depth);
>> >>> -       invalidate_xhlock(&xhlock(current->xhlock_idx));
>> >>> +       if (current->xhlocks)
>> >>> +               invalidate_xhlock(&xhlock(current->xhlock_idx));
>> >>>  }
>> >>>
>> >>>  static int cross_lock(struct lockdep_map *lock)
>> >>
>> >>
>> >> Hi Peter,
>> >>
>> >> We are not able to test all fixes for all bugs, but we are rolling out
>> >> a patch testing feature for syzbot:
>> >>
>> >> https://github.com/google/syzkaller/blob/master/docs/syzbot.md#communication-with-syzbot
>> >>
>> >> Please give it a try!
>> >
>> >
>> > Peter, ping.
>> > This still happens. Please either submit the fix if you already tested
>> > it, or test using syzbot and submit.
>>
>>
>> Peter, do you want me to mail your patch?
>
> Urgh, sorry, got stuck doing KAISER muck. I'll go write up a proper
> patch.

Thanks!

Powered by blists - more mailing lists