lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190607074052.GA30233@swift.blarg.de>
Date:   Fri, 7 Jun 2019 09:40:52 +0200
From:   Max Kellermann <max@...rg.de>
To:     Justin Piszcz <jpiszcz@...idpixels.com>,
        "Kirill A. Shutemov" <kirill@...temov.name>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: 5.1 kernel: khugepaged stuck at 100%

On 2019/06/06 19:24, Max Kellermann <max@...rg.de> wrote:
> I have the same problem (kernel 5.1.7), but over here, it's a PHP
> process, not khugepaged, which is looping inside compaction_alloc.

This is what happened an hour later:

 kernel tried to execute NX-protected page - exploit attempt? (uid: 33333)
 BUG: unable to handle kernel paging request at ffffffffc036f00f
 #PF error: [PROT] [INSTR]
 PGD 35fa10067 P4D 35fa10067 PUD 35fa12067 PMD 105ba71067 PTE 800000022d28e061
 Oops: 0011 [#1] SMP PTI
 CPU: 12 PID: 263514 Comm: php-cgi7.0 Not tainted 5.1.7-cmag1-th+ #5
 Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 10/17/2018
 RIP: 0010:0xffffffffc036f00f
 Code: Bad RIP value.
 RSP: 0018:ffffb63c4d547928 EFLAGS: 00010216
 RAX: 0000000000000000 RBX: ffffb63c4d547b10 RCX: 0000ffc004d021bd
 RDX: ffff9ac83fffc500 RSI: 7fe0026810dee7ff RDI: 7fe0026810dee400
 RBP: 7fe0026810dee400 R08: 0000000000000002 R09: 0000000000020300
 R10: 00010642641a0d3a R11: 0000000000000001 R12: 7fe0026810dee800
 R13: 0000000000000001 R14: 0000000000000000 R15: ffff9ac83fffc500
 FS:  00007fa5c1000740(0000) GS:ffff9ad01f600000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: ffffffffc036efe5 CR3: 00000008eb8a0005 CR4: 00000000001606e0
 Call Trace:
  ? move_freelist_tail+0xd0/0xd0
  ? migrate_pages+0xaa/0x780
  ? isolate_freepages_block+0x380/0x380
  ? compact_zone+0x6ec/0xca0
  ? compact_zone_order+0xd8/0x120
  ? try_to_compact_pages+0xb1/0x260
  ? __alloc_pages_direct_compact+0x87/0x160
  ? __alloc_pages_slowpath+0x427/0xd50
  ? __alloc_pages_nodemask+0x2d6/0x310
  ? do_huge_pmd_anonymous_page+0x131/0x680
  ? vma_merge+0x24f/0x3a0
  ? __handle_mm_fault+0xbca/0x1260
  ? handle_mm_fault+0x135/0x1b0
  ? __do_page_fault+0x242/0x4b0
  ? page_fault+0x8/0x30
  ? page_fault+0x1e/0x30
 Modules linked in:
 CR2: ffffffffc036f00f
 ---[ end trace 0f31edf3041f5d9e ]---
 RIP: 0010:0xffffffffc036f00f
 Code: Bad RIP value.
 RSP: 0018:ffffb63c4d547928 EFLAGS: 00010216
 RAX: 0000000000000000 RBX: ffffb63c4d547b10 RCX: 0000ffc004d021bd
 RDX: ffff9ac83fffc500 RSI: 7fe0026810dee7ff RDI: 7fe0026810dee400
 RBP: 7fe0026810dee400 R08: 0000000000000002 R09: 0000000000020300
 R10: 00010642641a0d3a R11: 0000000000000001 R12: 7fe0026810dee800
 R13: 0000000000000001 R14: 0000000000000000 R15: ffff9ac83fffc500
 FS:  00007fa5c1000740(0000) GS:ffff9ad01f600000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: ffffffffc036efe5 CR3: 00000008eb8a0005 CR4: 00000000001606e0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ