Date:   Thu, 2 Jul 2020 17:15:33 +0800
From:   kernel test robot <rong.a.chen@...el.com>
To:     Ben Widawsky <ben.widawsky@...el.com>
Cc:     linux-mm <linux-mm@...ck.org>, linux-kernel@...r.kernel.org,
        Michal Hocko <mhocko@...nel.org>,
        Dave Hansen <dave.hansen@...el.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Randy Dunlap <rdunlap@...radead.org>,
        Ben Widawsky <ben.widawsky@...el.com>, lkp@...ts.01.org
Subject: [mm/mempolicy] 9586f666c8:
 Kernel_panic-not_syncing:stack-protector:Kernel_stack_is_corrupted_in:mpol_new_preferred

Greetings,

FYI, we noticed the following commit (built with gcc-9):

commit: 9586f666c84d6b357371aff0237269852f64e3b6 ("[PATCH 04/12] mm/mempolicy: allow preferred code to take a nodemask")
url: https://github.com/0day-ci/linux/commits/Ben-Widawsky/Introduced-multi-preference-mempolicy/20200701-052810


in testcase: trinity
with the following parameters:

	runtime: 300s

test-description: Trinity is a Linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


+------------------------------------------------------------------------------------------+------------+------------+
|                                                                                          | 65c23f0f71 | 9586f666c8 |
+------------------------------------------------------------------------------------------+------------+------------+
| boot_successes                                                                           | 6          | 7          |
| boot_failures                                                                            | 1          | 10         |
| INFO:rcu_sched_self-detected_stall_on_CPU                                                | 1          |            |
| RIP:iov_iter_copy_from_user_atomic                                                       | 1          |            |
| BUG:soft_lockup-CPU##stuck_for#s![trinity-c5:#]                                          | 1          |            |
| Kernel_panic-not_syncing:softlockup:hung_tasks                                           | 1          |            |
| Kernel_panic-not_syncing:stack-protector:Kernel_stack_is_corrupted_in:mpol_new_preferred | 0          | 10         |
+------------------------------------------------------------------------------------------+------------+------------+


If you fix the issue, kindly add the following tag
Reported-by: kernel test robot <rong.a.chen@...el.com>


[  236.443959] [main] 284488 iterations. [F:217538 S:65817 HI:4015]
[  236.443963] 
[  238.480132] futex_wake_op: trinity-c3 tries to shift op by -16; fix this program
[  246.551236] [main] 294727 iterations. [F:225347 S:68192 HI:4015]
[  246.551240] 
[  247.209348] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: mpol_new_preferred+0x12f/0x130
[  247.211379] CPU: 1 PID: 4445 Comm: trinity-c4 Not tainted 5.8.0-rc3-00004-g9586f666c84d6 #1
[  247.213010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  247.214503] Call Trace:
[  247.215111]  dump_stack+0x6d/0x90
[  247.215814]  panic+0x108/0x2de
[  247.216476]  ? mpol_new_preferred+0x12f/0x130
[  247.217446]  __stack_chk_fail+0x10/0x10
[  247.218252]  mpol_new_preferred+0x12f/0x130
[  247.219145]  do_set_mempolicy+0x7e/0x130
[  247.219910]  kernel_set_mempolicy+0x7c/0x90
[  247.220705]  do_syscall_64+0x4d/0x90
[  247.221415]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  247.222305] RIP: 0033:0x453b29
[  247.222987] Code: Bad RIP value.
[  247.223665] RSP: 002b:00007ffc9b1c52c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee
[  247.225066] RAX: ffffffffffffffda RBX: 00000000000000ee RCX: 0000000000453b29
[  247.226265] RDX: 0000000000000200 RSI: 00007f0f2a7c0000 RDI: 0000000000000001
[  247.227477] RBP: 00007ffc9b1c5370 R08: 3bbfcbe05d2a35be R09: 00000a6226195b86
[  247.228728] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000002
[  247.230005] R13: 00007f0f2aed9058 R14: 0000000003007830 R15: 00007f0f2aed9000
[  247.231283] Kernel Offset: disabled

Elapsed time: 300


To reproduce:

        # build kernel
        cd linux
        cp config-5.8.0-rc3-00004-g9586f666c84d6 .config
        make HOSTCC=gcc-9 CC=gcc-9 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
Rong Chen


View attachment "config-5.8.0-rc3-00004-g9586f666c84d6" of type "text/plain" (188628 bytes)

View attachment "job-script" of type "text/plain" (4367 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (16580 bytes)
