| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5b5f94c9.aY3c5w5Uv4pZ9JB7%lkp@intel.com>
Date: Tue, 31 Jul 2018 06:44:25 +0800
From: kernel test robot <lkp@...el.com>
To: Pavel Tatashin <pasha.tatashin@...cle.com>
Cc: LKP <lkp@...org>, linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: e181ae0c5d ("mm: zero unavailable pages before memmap init"):
BUG: unable to handle kernel NULL pointer dereference at 00000000
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit e181ae0c5db9544de9c53239eb22bc012ce75033
Author: Pavel Tatashin <pasha.tatashin@...cle.com>
AuthorDate: Sat Jul 14 09:15:07 2018 -0400
Commit: Linus Torvalds <torvalds@...ux-foundation.org>
CommitDate: Sat Jul 14 11:02:20 2018 -0700
mm: zero unavailable pages before memmap init
We must zero struct pages for memory that is not backed by physical
memory, or kernel does not have access to.
Recently, there was a change which zeroed all memmap for all holes in
e820. Unfortunately, it introduced a bug that is discussed here:
https://www.spinics.net/lists/linux-mm/msg156764.html
Linus, also saw this bug on his machine, and confirmed that reverting
commit 124049decbb1 ("x86/e820: put !E820_TYPE_RAM regions into
memblock.reserved") fixes the issue.
The problem is that we incorrectly zero some struct pages after they
were setup.
The fix is to zero unavailable struct pages prior to initializing of
struct pages.
A more detailed fix should come later that would avoid double zeroing
cases: one in __init_single_page(), the other one in
zero_resv_unavail().
Fixes: 124049decbb1 ("x86/e820: put !E820_TYPE_RAM regions into memblock.reserved")
Signed-off-by: Pavel Tatashin <pasha.tatashin@...cle.com>
Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>
2db39a2f49 Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
e181ae0c5d mm: zero unavailable pages before memmap init
+-----------------------------------------------------------------------------------+------------+------------+
| | 2db39a2f49 | e181ae0c5d |
+-----------------------------------------------------------------------------------+------------+------------+
| boot_successes | 15 | 0 |
| boot_failures | 8 | 48 |
| Mem-Info | 7 | |
| BUG:sleeping_function_called_from_invalid_context_at_include/linux/percpu-rwsem.h | 1 | |
| BUG:unable_to_handle_kernel | 0 | 48 |
| Oops:#[##] | 0 | 48 |
| EIP:zero_resv_unavail | 0 | 48 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 48 |
| Kernel_panic-not_syncing:Fatal_exception] | 0 | 48 |
+-----------------------------------------------------------------------------------+------------+------------+
[ 0.000000] HighMem empty
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x0000000000001000-0x000000000009efff]
[ 0.000000] node 0: [mem 0x0000000000100000-0x00000000127dffff]
[ 0.000000] BUG: unable to handle kernel NULL pointer dereference at 00000000
[ 0.000000] *pde = 00000000
[ 0.000000] Oops: 0002 [#1]
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.18.0-rc4-00148-ge181ae0 #2
[ 0.000000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 0.000000] EIP: zero_resv_unavail+0x8b/0xde
[ 0.000000] Code: 3b 55 e0 76 2f 8b 55 e0 81 e2 00 fc ff ff 3b 15 a8 97 a9 7a 73 19 6b 55 e0 24 03 15 a4 97 a9 7a b9 09 00 00 00 89 d7 83 c3 01 <f3> ab 83 d6 00 ff 45 e0 eb c0 8d 45 e8 6a 00 50 8d 45 e4 50 31 c9
[ 0.000000] EAX: 00000000 EBX: 00000001 ECX: 00000009 EDX: 00000000
[ 0.000000] ESI: 00000000 EDI: 00000000 EBP: 7a241ebc ESP: 7a241e9c
[ 0.000000] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00210002
[ 0.000000] CR0: 80050033 CR2: 00000000 CR3: 02497000 CR4: 00000690
[ 0.000000] Call Trace:
[ 0.000000] ? free_area_init_nodes+0x423/0x457
[ 0.000000] ? pmd_page_vaddr+0xb/0x2c
[ 0.000000] ? zone_sizes_init+0x3b/0x3d
[ 0.000000] ? paging_init+0x83/0x86
[ 0.000000] ? native_pagetable_init+0x7c/0x11c
[ 0.000000] ? setup_arch+0x8d1/0x993
[ 0.000000] ? start_kernel+0x50/0x3a8
[ 0.000000] ? i386_start_kernel+0x97/0x9b
[ 0.000000] ? startup_32_smp+0x15f/0x170
[ 0.000000] CR2: 0000000000000000
[ 0.000000] random: get_random_bytes called from init_oops_id+0x28/0x3f with crng_init=0
[ 0.000000] ---[ end trace 125fd0d953e92c7b ]---
[ 0.000000] EIP: zero_resv_unavail+0x8b/0xde
# HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
Download attachment "dmesg-openwrt-lkp-nhm-dp2-13:20180730212429:i386-randconfig-n0-201830:4.18.0-rc4-00148-ge181ae0:2.gz" of type "application/gzip" (3024 bytes)
Download attachment "dmesg-yocto-ivb41-103:20180730215353:i386-randconfig-n0-201830:4.18.0-rc4-00147-g2db39a2:1.gz" of type "application/gzip" (49124 bytes)
View attachment "reproduce-openwrt-lkp-nhm-dp2-13:20180730212429:i386-randconfig-n0-201830:4.18.0-rc4-00148-ge181ae0:2" of type "text/plain" (753 bytes)
View attachment "config-4.18.0-rc4-00148-ge181ae0" of type "text/plain" (130775 bytes)
Powered by blists - more mailing lists