| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 May 2019 18:24:42 +0800
From: kernel test robot <lkp@...el.com>
To: Gerd Hoffmann <kraxel@...hat.com>
Cc: Daniel Vetter <daniel.vetter@...ll.ch>,
LKML <linux-kernel@...r.kernel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>, lkp@...org
Subject: [drm/bochs] 7a0483ac4f: BUG:unable_to_handle_kernel
FYI, we noticed the following commit (built with gcc-6):
commit: 7a0483ac4ffca4998945c159b28afdde8353cc84 ("drm/bochs: switch to generic drm fbdev emulation")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
in testcase: trinity
with following parameters:
runtime: 300s
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 2G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-----------------------------------------------------+------------+------------+
| | 132a45340a | 7a0483ac4f |
+-----------------------------------------------------+------------+------------+
| boot_successes | 48 | 6 |
| boot_failures | 0 | 44 |
| BUG:unable_to_handle_kernel | 0 | 44 |
| Oops:#[##] | 0 | 44 |
| RIP:restore_fbdev_mode | 0 | 44 |
| WARNING:at_kernel/locking/lockdep.c:#lock_downgrade | 0 | 14 |
| RIP:lock_downgrade | 0 | 14 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 44 |
+-----------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <lkp@...el.com>
[ 9.996031] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[ 9.996169] ------------[ cut here ]------------
[ 9.996991] #PF error: [normal kernel read fault]
[ 9.997548] downgrading a read lock
[ 9.997571] WARNING: CPU: 0 PID: 479 at kernel/locking/lockdep.c:3553 lock_downgrade+0xd1/0x190
[ 9.998095] PGD 800000001c3f1067 P4D 800000001c3f1067 PUD 1c148067 PMD 0
[ 9.998516] Modules linked in:
[ 9.999778] Oops: 0000 [#1] PREEMPT SMP PTI
[ 10.000594] CPU: 0 PID: 479 Comm: mkdir Not tainted 5.0.0-rc1-00140-g7a0483a #1
[ 10.000967] CPU: 1 PID: 239 Comm: plymouthd Not tainted 5.0.0-rc1-00140-g7a0483a #1
[ 10.001478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 10.002351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 10.003269] RIP: 0010:lock_downgrade+0xd1/0x190
[ 10.004274] RIP: 0010:restore_fbdev_mode+0x1b/0x1e0
[ 10.005272] Code: 8b 54 24 0c 89 93 28 0b 00 00 48 8b 08 48 89 8b 20 0b 00 00 f6 40 32 03 74 1a 48 c7 c7 10 56 53 82 48 89 04 24 e8 8f 60 fa ff <0f> 0b 8b 54 24 0c 48 8b 04 24 0f b6 48 32 4c 89 60 08 44 89 ee 48
[ 10.005824] Code: 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 41 57 41 56 41 55 41 54 49 89 fc 55 53 48 83 ec 08 e8 2a f8 ba ff 4d 8b 6c 24 40 <49> 8b 55 20 41 8b 45 50 25 00 00 01 00 85 82 78 01 00 00 0f 85 47
[ 10.006415] RSP: 0018:ffffc9000066fe28 EFLAGS: 00010096
[ 10.008634] RSP: 0018:ffffc9000045bdb0 EFLAGS: 00010293
[ 10.010881] RAX: 0000000000000017 RBX: ffff88802cabc000 RCX: 0000000000000001
[ 10.011513] RAX: 0000000000000000 RBX: ffff88801c1e6d40 RCX: 0000000000000000
[ 10.012142] RDX: ffff88802cabc000 RSI: ffffffff81132f29 RDI: 00000000ffffffff
[ 10.012999] RDX: ffff88802f834000 RSI: ffffffff815d0886 RDI: ffff88801c1e6d40
[ 10.013855] RBP: ffff88802d830128 R08: 00000002c324869d R09: ffffc9000066fdb8
[ 10.014712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 10.015571] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff811f1db8
[ 10.016430] R10: ffffc9000045bdf0 R11: 0000000000000001 R12: ffff88801c1e6d40
[ 10.017283] R13: 0000000000000003 R14: 0000000000000246 R15: 00007fa7532b9000
[ 10.018145] R13: 0000000000000000 R14: ffff88801c255278 R15: ffffffff815d2680
[ 10.019010] FS: 00007fa7532b47c0(0000) GS:ffff888029600000(0000) knlGS:0000000000000000
[ 10.019885] FS: 00007f8ba8290700(0000) GS:ffff888029a00000(0000) knlGS:0000000000000000
[ 10.020747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 10.021715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 10.022684] CR2: 00007fa7532b8000 CR3: 000000002d86a000 CR4: 00000000000406f0
[ 10.023390] CR2: 0000000000000020 CR3: 000000001c16e000 CR4: 00000000000406e0
[ 10.024078] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 10.024927] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 10.025781] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 10.026632] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 10.027485] Call Trace:
[ 10.028342] Call Trace:
[ 10.029195] downgrade_write+0x12/0x80
[ 10.029501] ? drm_fb_helper_lastclose+0x20/0x20
[ 10.029820] __do_munmap+0x3d8/0x5c0
[ 10.030273] drm_fb_helper_restore_fbdev_mode_unlocked+0x4a/0xa0
[ 10.030835] __vm_munmap+0x67/0xc0
[ 10.031268] drm_fbdev_client_restore+0x11/0x20
[ 10.031969] __x64_sys_munmap+0x1b/0x20
[ 10.032390] drm_client_dev_restore+0xa8/0xe0
[ 10.032936] do_syscall_64+0xb5/0x200
[ 10.033405] drm_release+0xc0/0x120
[ 10.033933] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 10.034381] ? drm_lastclose+0x100/0x100
[ 10.034806] RIP: 0033:0x7fa752bab897
[ 10.035422] __fput+0x15c/0x250
[ 10.035904] Code: f0 ff ff 73 01 c3 48 8b 0d a6 75 2c 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 79 75 2c 00 31 d2 48 29 c2 64
[ 10.036344] task_work_run+0x9d/0xd0
[ 10.036726] RSP: 002b:00007ffc66b50a38 EFLAGS: 00000206 ORIG_RAX: 000000000000000b
[ 10.038945] exit_to_usermode_loop+0x7a/0xc0
[ 10.039383] RAX: ffffffffffffffda RBX: 000000000060c010 RCX: 00007fa752bab897
[ 10.040280] do_syscall_64+0x1c9/0x200
[ 10.040804] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 00007fa7532b8000
[ 10.041662] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 10.042113] RBP: 0000000000000000 R08: 0000000000000010 R09: 00000000ffffffff
[ 10.042964] RIP: 0033:0x7f8ba7973040
[ 10.043574] R10: 00007ffc66b50840 R11: 0000000000000206 R12: 0000000000000000
[ 10.044426] Code: 40 75 0b 31 c0 48 83 c4 08 e9 0c ff ff ff 48 8d 3d c5 99 09 00 e8 a0 3f 02 00 83 3d 9d 71 2d 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 9e b1 01 00 48 89 04 24
[ 10.044860] R13: 00007ffc66b50bb8 R14: 00007fa753096d00 R15: 0000000000000000
[ 10.045722] RSP: 002b:00007ffe098cf568 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 10.047994] ---[ end trace 2efaa9fea56af290 ]---
To reproduce:
# build kernel
cd linux
cp config-5.0.0-rc1-00140-g7a0483a .config
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 olddefconfig
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 prepare
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 modules_prepare
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 SHELL=/bin/bash
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
lkp
View attachment "config-5.0.0-rc1-00140-g7a0483a" of type "text/plain" (125681 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (13716 bytes)
Powered by blists - more mailing lists