lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACT4Y+Z3MtUaP-ZNEeM4eA84xYHEjOJ0c0+OAZK5vRP=xsVabw@mail.gmail.com> Date: Thu, 7 Dec 2017 09:07:49 +0100 From: Dmitry Vyukov <dvyukov@...gle.com> To: Peter Zijlstra <peterz@...radead.org> Cc: syzbot <bot+2e39c7a45268c036c9e90433a48c9dd550276dc6@...kaller.appspotmail.com>, LKML <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...hat.com>, syzkaller-bugs@...glegroups.com Subject: Re: general protection fault in lockdep_invariant_state (2) On Wed, Dec 6, 2017 at 5:31 PM, Dmitry Vyukov <dvyukov@...gle.com> wrote: >>> >>>> > R13: 0000000000402260 R14: 00000000004022f0 R15: 0000000000000000 >>> >>>> > kasan: CONFIG_KASAN_INLINE enabled >>> >>>> > kasan: GPF could be caused by NULL-ptr deref or user memory access >>> >>>> > general protection fault: 0000 [#1] SMP KASAN >>> >>>> > Dumping ftrace buffer: >>> >>>> > (ftrace buffer empty) >>> >>>> > Modules linked in: >>> >>>> > CPU: 3 PID: 2982 Comm: syzkaller521009 Not tainted 4.14.0-rc7-next-20171103+ >>> >>>> > #10 >>> >>>> > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 >>> >>>> > task: ffff88003d6b25c0 task.stack: ffff88003abd0000 >>> >>>> > RIP: 0010:invalidate_xhlock kernel/locking/lockdep.c:4719 [inline] >>> >>>> > RIP: 0010:lockdep_invariant_state+0xd6/0x120 kernel/locking/lockdep.c:4793 >>> >>> >>> >>> >>> >>> Does this help? >>> >>> >>> >>> diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c >>> >>> index db933d063bfc..da2904418599 100644 >>> >>> --- a/kernel/locking/lockdep.c >>> >>> +++ b/kernel/locking/lockdep.c >>> >>> @@ -4793,7 +4793,8 @@ void lockdep_invariant_state(bool force) >>> >>> * Verify the former, enforce the latter. >>> >>> */ >>> >>> WARN_ON_ONCE(!force && current->lockdep_depth); >>> >>> - invalidate_xhlock(&xhlock(current->xhlock_idx)); >>> >>> + if (current->xhlocks) >>> >>> + invalidate_xhlock(&xhlock(current->xhlock_idx)); >>> >>> } >>> >>> >>> >>> static int cross_lock(struct lockdep_map *lock) >>> >> >>> >> >>> >> Hi Peter, >>> >> >>> >> We are not able to test all fixes for all bugs, but we are rolling out >>> >> a patch testing feature for syzbot: >>> >> >>> >> https://github.com/google/syzkaller/blob/master/docs/syzbot.md#communication-with-syzbot >>> >> >>> >> Please give it a try! >>> > >>> > >>> > Peter, ping. >>> > This still happens. Please either submit the fix if you already tested >>> > it, or test using syzbot and submit. >>> >>> >>> Peter, do you want me to mail your patch? >> >> Urgh, sorry, got stuck doing KAISER muck. I'll go write up a proper >> patch. > > Thanks! I see the patch is landed in tip. Please also follow this part: > syzbot will keep track of this bug report. > Once a fix for this bug is committed, please reply to this email with: > #syz fix: exact-commit-title > Note: all commands must start from beginning of the line. This will greatly help to keep the process running.
Powered by blists - more mailing lists