Message-ID: <20191031151510.GA16405@xsang-OptiPlex-9020>
Date:   Thu, 31 Oct 2019 23:15:10 +0800
From:   kernel test robot <lkp@...el.com>
To:     Steven Price <steven.price@....com>
Cc:     linux-mm@...ck.org, Steven Price <steven.price@....com>,
        Andy Lutomirski <luto@...nel.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Arnd Bergmann <arnd@...db.de>, Borislav Petkov <bp@...en8.de>,
        Catalin Marinas <catalin.marinas@....com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>,
        James Morse <james.morse@....com>,
        Jérôme Glisse <jglisse@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Will Deacon <will@...nel.org>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Mark Rutland <Mark.Rutland@....com>,
        "Liang, Kan" <kan.liang@...ux.intel.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Zong Li <zong.li@...ive.com>, lkp@...ts.01.org,
        ltp@...ts.linux.it
Subject: [mm] 9343f6818b: BUG:kernel_NULL_pointer_dereference,address

FYI, we noticed the following commit (built with gcc-7):

commit: 9343f6818bb98cf0c982bfff6ed89b2c7176bcf9 ("[PATCH v14 12/22] mm: pagewalk: Allow walking without vma")
url: https://github.com/0day-ci/linux/commits/Steven-Price/Generic-page-walk-and-ptdump/20191030-085205


in testcase: ltp
with following parameters:

	disk: 1HDD
	fs: xfs
	test: syscalls_part3

test-description: The LTP testsuite contains a collection of tools for testing the Linux kernel and related features.
test-url: http://linux-test-project.github.io/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 8G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+---------------------------------------------+------------+------------+
|                                             | 6344c34cc2 | 9343f6818b |
+---------------------------------------------+------------+------------+
| boot_successes                              | 12         | 0          |
| boot_failures                               | 0          | 30         |
| BUG:kernel_NULL_pointer_dereference,address | 0          | 30         |
| Oops:#[##]                                  | 0          | 30         |
| RIP:pagemap_pmd_range                       | 0          | 30         |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 30         |
+---------------------------------------------+------------+------------+


If you fix the issue, kindly add following tag
Reported-by: kernel test robot <lkp@...el.com>


[   36.010874] BUG: kernel NULL pointer dereference, address: 0000000000000053
[   36.012644] #PF: supervisor read access in kernel mode
[   36.014074] #PF: error_code(0x0000) - not-present page
[   36.015481] PGD 0 P4D 0 
[   36.016433] Oops: 0000 [#1] SMP PTI
[   36.017561] CPU: 1 PID: 2376 Comm: mmap12 Not tainted 5.4.0-rc5-00046-g9343f6818bb98 #1
[   36.019340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[   36.021250] RIP: 0010:pagemap_pmd_range+0x5ae/0x7b0
[   36.022612] Code: 18 4c 89 54 24 08 48 89 14 24 e8 6d a3 ed ff 4c 8b 44 24 18 4c 8b 54 24 08 48 8b 14 24 48 89 d1 4c 09 ea 83 f8 01 48 0f 45 d1 <41> f6 47 53 08 74 0d 48 b8 00 00 00 00 00 00 80 00 48 09 c2 48 63
[   36.026685] RSP: 0018:ffffb814c0623cf8 EFLAGS: 00010246
[   36.028115] RAX: 0000000000000000 RBX: ffffb814c0623e78 RCX: ffffb814c0623e00
[   36.029898] RDX: 0000000000000000 RSI: 00007fc295495000 RDI: ffffe3de46520928
[   36.031611] RBP: 00007fc295495000 R08: 00007fc29549b000 R09: ffff927bc7c028c0
[   36.033367] R10: 0000000000000000 R11: 000ffffffffff000 R12: 0000000000000000
[   36.035099] R13: 0100000000000000 R14: ffff927c548244a8 R15: 0000000000000000
[   36.036836] FS:  00007fc295491700(0000) GS:ffff927cffd00000(0000) knlGS:0000000000000000
[   36.038711] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   36.040849] CR2: 0000000000000053 CR3: 0000000197b32000 CR4: 00000000000406e0
[   36.043618] Call Trace:
[   36.046040]  walk_pgd_range+0x502/0x7e0
[   36.048051]  walk_page_range+0x89/0x110
[   36.050010]  pagemap_read+0x170/0x270
[   36.051912]  vfs_read+0x9b/0x160
[   36.053711]  ksys_read+0xa1/0xe0
[   36.055560]  ? pid_ns_release_proc+0x10/0x10
[   36.058055]  do_syscall_64+0x5b/0x1d0
[   36.060144]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   36.063474] RIP: 0033:0x7fc29506c210
[   36.067023] Code: 73 01 c3 48 8b 0d 98 7d 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d b9 c1 20 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 4e fc ff ff 48 89 04 24
[   36.072591] RSP: 002b:00007fffdb725738 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   36.074562] RAX: ffffffffffffffda RBX: 0000000000000070 RCX: 00007fc29506c210
[   36.077340] RDX: 0000000000000008 RSI: 00007fffdb7257b0 RDI: 0000000000000008
[   36.080099] RBP: 00007fffdb7257b0 R08: 0000000000000008 R09: 00007fffdb7257b0
[   36.082815] R10: 000000000000006d R11: 0000000000000246 R12: 0000000000000008
[   36.085562] R13: 000055d2de86bbc4 R14: 0000000000000049 R15: 0000000000000001
[   36.088300] Modules linked in: loop xfs libcrc32c dm_mod intel_rapl_msr intel_rapl_common crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel sr_mod cdrom sg ata_generic pata_acpi ppdev snd_pcm snd_timer aesni_intel bochs_drm snd drm_vram_helper crypto_simd soundcore cryptd glue_helper pcspkr joydev ttm serio_raw drm_kms_helper syscopyarea ata_piix sysfillrect sysimgblt fb_sys_fops libata drm i2c_piix4 floppy parport_pc parport ip_tables
[   36.101784] CR2: 0000000000000053
[   36.103859] ---[ end trace 689d3bba90bb708f ]---


To reproduce:

	# build kernel
	cd linux
	cp config-5.4.0-rc5-00046-g9343f6818bb98 .config
	make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
	make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
	cd <mod-install-dir>
	find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


	git clone https://github.com/intel/lkp-tests.git
	cd lkp-tests
	bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email



Thanks,
lkp


View attachment "config-5.4.0-rc5-00046-g9343f6818bb98" of type "text/plain" (200562 bytes)

View attachment "job-script" of type "text/plain" (5172 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (18708 bytes)
