Message-ID: <20181017013600.GA16117@shao2-debian>
Date: Wed, 17 Oct 2018 09:36:00 +0800
From: kernel test robot <rong.a.chen@...el.com>
To: "Aneesh Kumar K.V" <aneesh.kumar@...ux.ibm.com>
Cc: Stephen Rothwell <sfr@...b.auug.org.au>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Andrew Morton <akpm@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>, lkp@...org
Subject: [LKP] [mm/memory.c] 6558038e45: general_protection_fault:#[##]

FYI, we noticed the following commit (built with gcc-6):

commit: 6558038e4540a22ee4f99a5def74791189102bc0 ("mm/memory.c: recheck page table entry with page table lock held")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/

on test machine: qemu-system-x86_64 -enable-kvm -cpu qemu64,+ssse3 -smp 4 -m 4G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+---------------------------------------------------------+------------+------------+
|                                                         | 138bfb21b5 | 6558038e45 |
+---------------------------------------------------------+------------+------------+
| boot_successes                                          | 96         | 79         |
| boot_failures                                           | 2          | 25         |
| invoked_oom-killer:gfp_mask=0x                          | 2          | 4          |
| Mem-Info                                                | 2          | 4          |
| Out_of_memory_and_no_killable_processes                 | 2          | 4          |
| Kernel_panic-not_syncing:System_is_deadlocked_on_memory | 2          | 4          |
| general_protection_fault:#[##]                          | 0          | 20         |
| RIP:__handle_mm_fault                                   | 0          | 20         |
| RIP:copy_user_generic_string                            | 0          | 13         |
| Kernel_panic-not_syncing:Fatal_exception                | 0          | 20         |
| RIP:strncpy_from_user                                   | 0          | 2          |
| RIP:__get_user_4                                        | 0          | 1          |
| IP-Config:Auto-configuration_of_network_failed          | 0          | 1          |
+---------------------------------------------------------+------------+------------+

[ 287.220279] [main] 91747 iterations. [F:66755 S:24485 HI:5262]
[ 287.220304]
[ 297.153086] futex_wake_op: trinity-c2 tries to shift op by 48; fix this program
[ 299.963834] kasan: CONFIG_KASAN_INLINE enabled
[ 299.974712] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 299.979477] general protection fault: 0000 [#1] PREEMPT KASAN PTI
[ 299.983209] CPU: 0 PID: 2174 Comm: trinity-c2 Not tainted 4.19.0-rc6-00392-g6558038 #1
[ 299.988863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 299.995335] RIP: 0010:__handle_mm_fault+0xcba/0x25ce
[ 299.999216] Code: 48 83 c0 5c 48 89 84 24 10 01 00 00 e8 6c 87 eb ff 48 8b 9c 24 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 74 08 48 89 df e8 84 92 03 00 48 8b 03 48 83 e0 9f 48
[ 300.008531] RSP: 0018:ffff880079f079e0 EFLAGS: 00010246
[ 300.010074] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 000ffffffffff000
[ 300.012044] RDX: 0000000000000000 RSI: 00000000b9454067 RDI: ffff88007d816460
[ 300.014537] RBP: ffff88007d888008 R08: fffffbfff06960cc R09: fffffbfff06960cc
[ 300.016490] R10: fffffbfff06960cc R11: 0000000000000000 R12: ffff88007d888098
[ 300.018812] R13: ffff88007d888058 R14: ffff88007a94b4c0 R15: ffff88007d888048
[ 300.020769] FS: 00007ff4e650cb40(0000) GS:ffffffff8344b000(0000) knlGS:0000000000000000
[ 300.023159] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 300.024792] CR2: 00007ff4e63e9000 CR3: 00000000a52ec000 CR4: 00000000000006f0
[ 300.029539] Call Trace:
[ 300.030461] ? vm_insert_page+0x46c/0x46c
[ 300.031721] ? __read_once_size_nocheck+0x7/0x7
[ 300.033097] ? deref_stack_reg+0xb7/0xb7
[ 300.034142] ? entry_SYSCALL_64_after_hwframe+0x43/0xa9
[ 300.035435] ? proc_doulongvec_minmax+0x55/0x60
[ 300.036613] ? kernel_text_address+0x5b/0x6f
[ 300.037737] handle_mm_fault+0x3d2/0x512
[ 300.038778] __do_page_fault+0x4f4/0x956
[ 300.039837] ? bad_area_access_error+0x152/0x152
[ 300.041020] ? do_syscall_64+0x40b/0x5ba
[ 300.042064] ? __kernel_text_address+0x17/0x21
[ 300.043359] async_page_fault+0x1e/0x30
[ 300.044585] RIP: 0010:copy_user_generic_string+0x2c/0x40
[ 300.046147] Code: 00 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f
[ 300.051175] RSP: 0018:ffff880079f07d30 EFLAGS: 00010246
[ 300.052714] RAX: ffffed000f3e0fb2 RBX: 0000000000000010 RCX: 0000000000000002
[ 300.054666] RDX: 0000000000000000 RSI: 00007ff4e63e9000 RDI: ffff880079f07d80
[ 300.056649] RBP: 00007ff4e63e9000 R08: ffffed000f3e0fb2 R09: ffffed000f3e0fb0
[ 300.058626] R10: ffffed000f3e0fb1 R11: 0000000000000001 R12: 0000000000000010
[ 300.060582] R13: ffff880079f07d80 R14: 0000000000000007 R15: 0000000000000000
[ 300.062536] _copy_from_user+0x8a/0xae
[ 300.063751] get_timespec64+0x67/0xdf
[ 300.064926] ? timespec_trunc+0xb1/0xb1
[ 300.066156] __x64_sys_utimensat+0x10f/0x18c
[ 300.067463] ? __x64_sys_utime+0x13f/0x13f
[ 300.068696] ? mprotect_fixup+0x5e3/0x5e3
[ 300.069907] ? do_syscall_64+0x40b/0x5ba
[ 300.071144] do_syscall_64+0x40b/0x5ba
[ 300.072488] ? syscall_return_slowpath+0x10d/0x10d
[ 300.073925] ? schedule+0x179/0x194
[ 300.075071] ? exit_to_usermode_loop+0x40/0xec
[ 300.076441] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 300.077941] RIP: 0033:0x7ff4e5e2f229
[ 300.079126] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 3f 4c 2b 00 f7 d8 64 89 01 48
[ 300.084181] RSP: 002b:00007ffd78f66ea8 EFLAGS: 00000246 ORIG_RAX: 0000000000000118
[ 300.086471] RAX: ffffffffffffffda RBX: 0000000000000118 RCX: 00007ff4e5e2f229
[ 300.088455] RDX: 00007ff4e63e9000 RSI: 000055b4a1f93a00 RDI: 0000000000000007
[ 300.090433] RBP: 00007ffd78f66f50 R08: 000000000000fffe R09: 0021b4190da100ab
[ 300.092373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 300.094341] R13: 00007ff4e64f7058 R14: 00007ff4e650cad8 R15: 00007ff4e64f7000
[ 300.096316] Modules linked in: input_leds psmouse i6300esb ide_pci_generic parport_pc parport qemu_fw_cfg
[ 300.099205] ---[ end trace 395ba4f367d74c50 ]---
[ 300.100612] RIP: 0010:__handle_mm_fault+0xcba/0x25ce
[ 300.102114] Code: 48 83 c0 5c 48 89 84 24 10 01 00 00 e8 6c 87 eb ff 48 8b 9c 24 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 74 08 48 89 df e8 84 92 03 00 48 8b 03 48 83 e0 9f 48
[ 300.107178] RSP: 0018:ffff880079f079e0 EFLAGS: 00010246
[ 300.108703] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 000ffffffffff000
[ 300.110673] RDX: 0000000000000000 RSI: 00000000b9454067 RDI: ffff88007d816460
[ 300.112666] RBP: ffff88007d888008 R08: fffffbfff06960cc R09: fffffbfff06960cc
[ 300.114636] R10: fffffbfff06960cc R11: 0000000000000000 R12: ffff88007d888098
[ 300.116613] R13: ffff88007d888058 R14: ffff88007a94b4c0 R15: ffff88007d888048
[ 300.118574] FS: 00007ff4e650cb40(0000) GS:ffffffff8344b000(0000) knlGS:0000000000000000
[ 300.120971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 300.122646] CR2: 00007ff4e63e9000 CR3: 00000000a52ec000 CR4: 00000000000006f0
[ 300.124623] Kernel panic - not syncing: Fatal exception
[ 300.126174] Kernel Offset: disabled
Elapsed time: 300

#!/bin/bash

To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email

Thanks,
lkp

View attachment "config-4.19.0-rc6-00392-g6558038" of type "text/plain" (119678 bytes)
View attachment "job-script" of type "text/plain" (4160 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (18848 bytes)