lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 13 Jun 2020 22:20:28 +0800
From:   kernel test robot <rong.a.chen@...el.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
        lkp@...ts.01.org
Subject: [mm/vmalloc] 0acd9a0ded: kernel_BUG_at_mm/vmalloc.c

Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: 0acd9a0ded80c986ccc9588ba2703436769ead74 ("Revert "mm/vmalloc: modify struct vmap_area to reduce its size"")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git WIP.fixes

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+----------------------------------------------------------------------------+------+------------+
|                                                                            | v5.7 | 0acd9a0ded |
+----------------------------------------------------------------------------+------+------------+
| boot_successes                                                             | 214  | 142        |
| boot_failures                                                              | 3    | 16         |
| WARNING:at_kernel/rcu/tree_stall.h:#rcu_check_gp_start_stall               | 1    |            |
| EIP:rcu_check_gp_start_stall                                               | 1    |            |
| WARNING:at_net/sched/sch_generic.c:#dev_watchdog                           | 1    | 2          |
| EIP:dev_watchdog                                                           | 1    | 2          |
| Kernel_panic-not_syncing:VFS:Unable_to_mount_root_fs_on_unknown-block(#,#) | 1    |            |
| kernel_BUG_at_mm/vmalloc.c                                                 | 0    | 11         |
| invalid_opcode:#[##]                                                       | 0    | 11         |
| EIP:free_vm_area                                                           | 0    | 11         |
| Kernel_panic-not_syncing:Fatal_exception                                   | 0    | 11         |
| INFO:rcu_sched_detected_stalls_on_CPUs/tasks                               | 0    | 2          |
| EIP:smp_call_function_single                                               | 0    | 2          |
| INFO:rcu_sched_self-detected_stall_on_CPU                                  | 0    | 1          |
| EIP:bvec_iter_advance                                                      | 0    | 1          |
| EIP:iov_iter_copy_from_user_atomic                                         | 0    | 1          |
+----------------------------------------------------------------------------+------+------------+


If you fix the issue, kindly add following tag
Reported-by: kernel test robot <rong.a.chen@...el.com>


[  330.604224] kernel BUG at mm/vmalloc.c:3211!
[  330.605254] invalid opcode: 0000 [#1] SMP
[  330.606027] CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 5.7.0-00001-g0acd9a0ded80c #1
[  330.607482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  330.623780] Workqueue: events pcpu_balance_workfn
[  330.624815] EIP: free_vm_area+0x33/0x77
[  330.625601] Code: 49 56 b5 01 83 15 64 49 56 b5 00 89 e5 53 89 c3 8b 40 04 e8 de fe ff ff 39 c3 74 2c 83 05 68 49 56 b5 01 83 15 6c 49 56 b5 00 <0f> 0b 83 05 78 49 56 b5 01 83 15 7c 49 56 b5 00 83 05 80 49 56 b5
[  330.629386] EAX: 00000000 EBX: ef7a8380 ECX: 00000003 EDX: f46fa0c0
[  330.630660] ESI: 00000000 EDI: 00000001 EBP: f473bedc ESP: f473bed8
[  330.631954] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010246
[  330.633317] CR0: 80050033 CR2: a763a9e4 CR3: 3bc55000 CR4: 000006d0
[  330.634576] Call Trace:
[  330.635134]  pcpu_free_vm_areas+0x2b/0x64
[  330.635973]  pcpu_balance_workfn+0x673/0x9ac
[  330.636846]  process_one_work+0x4e0/0x8b0
[  330.637662]  worker_thread+0x370/0x589
[  330.638448]  kthread+0x1f9/0x20c
[  330.639153]  ? create_worker+0x24d/0x24d
[  330.639958]  ? kthread_create_worker+0x38/0x38
[  330.640863]  ret_from_fork+0x19/0x30
[  330.641597] Modules linked in:
[  330.643261] ---[ end trace acbe7a17ad39ff71 ]---


To reproduce:

        # build kernel
	cd linux
	cp config-5.7.0-00001-g0acd9a0ded80c .config
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
Rong Chen


View attachment "config-5.7.0-00001-g0acd9a0ded80c" of type "text/plain" (161192 bytes)

View attachment "job-script" of type "text/plain" (4332 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (20308 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ