Date:   Thu, 23 Aug 2018 10:51:18 +0800
From:   kernel test robot <rong.a.chen@...el.com>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Andy Lutomirski <luto@...capital.net>, lkp@...org
Subject: [lkp-robot] [x86]  19efe000d3: PANIC:double_fault

FYI, we noticed the following commit (built with gcc-5):

commit: 19efe000d3258032d9a1dfb25313a092f9454da0 ("x86: Remap the IRQ stack so it has guard pages")
https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git x86/guard_pages

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu IvyBridge -m 420M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+------------------------------------------------------------------+------------+------------+
|                                                                  | 0d997f71d5 | 19efe000d3 |
+------------------------------------------------------------------+------------+------------+
| boot_successes                                                   | 6          | 0          |
| boot_failures                                                    | 5          | 32         |
| invoked_oom-killer:gfp_mask=0x                                   | 5          |            |
| Mem-Info                                                         | 5          |            |
| Out_of_memory:Kill_process                                       | 3          |            |
| Kernel_panic-not_syncing:Out_of_memory_and_no_killable_processes | 3          |            |
| RIP:__put_user_4                                                 | 1          |            |
| PANIC:double_fault                                               | 0          | 32         |
| RIP:trace_hardirqs_off_thunk                                     | 0          | 32         |
| Kernel_panic-not_syncing:Machine_halted                          | 0          | 32         |
| WARNING:kernel_stack                                             | 0          | 32         |
+------------------------------------------------------------------+------------+------------+



[    0.004000]  memory used by lock dependency info: 7871 kB
[    0.004000]  per task-struct memory footprint: 2688 bytes
[    0.004000] ACPI: Core revision 20180531
[    0.004000] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
[    0.004000] hpet clockevent registered
[    0.004000] PANIC: double fault, error_code: 0x0
[    0.004000] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.18.0-rc4-00074-g19efe000 #2
[    0.004000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[    0.004000] RIP: 0010:trace_hardirqs_off_thunk+0xb/0x1c
[    0.004000] Code: 5f 5d c3 55 48 89 e5 57 56 52 51 50 41 50 41 51 41 52 41 53 48 8b 7d 08 e8 f5 4e 2b 00 eb 34 55 48 89 e5 57 56 52 51 50 41 50 <41> 51 41 52 41 53 48 8b 7d 08 e8 eb 52 2b 00 eb 18 55 48 89 e5 57 
[    0.004000] RSP: 0000:ffffc90000000000 EFLAGS: 00010087
[    0.004000] RAX: 0000000082800a97 RBX: 0000000000000001 RCX: ffffffff82800a97
[    0.004000] RDX: 0000000000000000 RSI: ffffffff82800f68 RDI: ffffffff83678c68
[    0.004000] RBP: ffffc90000000030 R08: 0000000000000000 R09: 0000000000000000
[    0.004000] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    0.004000] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    0.004000] FS:  0000000000000000(0000) GS:ffff880013400000(0000) knlGS:0000000000000000
[    0.004000] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.004000] CR2: ffffc8fffffffff8 CR3: 000000000366e000 CR4: 00000000000406b0
[    0.004000] Call Trace:
[    0.004000] Kernel panic - not syncing: Machine halted.
[    0.004000] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.18.0-rc4-00074-g19efe000 #2
[    0.004000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[    0.004000] Call Trace:
[    0.004000]  <#DF>
[    0.004000]  dump_stack+0x9b/0xe7
[    0.004000]  panic+0x1ad/0x325
[    0.004000]  ? refcount_error_report+0x267/0x267
[    0.004000]  df_debug+0x32/0x32
[    0.004000]  do_double_fault+0x1b3/0x1c7
[    0.004000]  double_fault+0x23/0x30
[    0.004000] RIP: 0010:trace_hardirqs_off_thunk+0xb/0x1c
[    0.004000] Code: 5f 5d c3 55 48 89 e5 57 56 52 51 50 41 50 41 51 41 52 41 53 48 8b 7d 08 e8 f5 4e 2b 00 eb 34 55 48 89 e5 57 56 52 51 50 41 50 <41> 51 41 52 41 53 48 8b 7d 08 e8 eb 52 2b 00 eb 18 55 48 89 e5 57 
[    0.004000] RSP: 0000:ffffc90000000000 EFLAGS: 00010087
[    0.004000] RAX: 0000000082800a97 RBX: 0000000000000001 RCX: ffffffff82800a97
[    0.004000] RDX: 0000000000000000 RSI: ffffffff82800f68 RDI: ffffffff83678c68
[    0.004000] RBP: ffffc90000000030 R08: 0000000000000000 R09: 0000000000000000
[    0.004000] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    0.004000] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    0.004000]  ? native_iret+0x7/0x7
[    0.004000]  ? async_page_fault+0x8/0x30
[    0.004000] WARNING: kernel stack regs at (____ptrval____) in swapper/0:0 has bad 'bp' value (____ptrval____)
[    0.004000] unwind stack type:0 next_sp:(____ptrval____) mask:0x20 graph_idx:0
[    0.004000] (____ptrval____): fffffe0000008e00 (0xfffffe0000008e00)
[    0.004000] (____ptrval____): ffffffff81045a52 (show_trace_log_lvl+0x1ec/0x2c8)
[    0.004000] (____ptrval____): ffffffff82800f68 (async_page_fault+0x8/0x30)
[    0.004000] (____ptrval____): fffffe0000008fd8 (0xfffffe0000008fd8)


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
lkp

View attachment "config-4.18.0-rc4-00074-g19efe000" of type "text/plain" (127681 bytes)

View attachment "job-script" of type "text/plain" (4052 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (5628 bytes)
