lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 19 May 2021 16:31:10 +0100
From:   Matthew Wilcox <willy@...radead.org>
To:     Naresh Kamboju <naresh.kamboju@...aro.org>
Cc:     LKML <linux-kernel@...r.kernel.org>, linux-mm <linux-mm@...ck.org>,
        lkft-triage@...ts.linaro.org, Thomas Gleixner <tglx@...utronix.de>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Ira Weiny <ira.weiny@...el.com>,
        Oliver Sang <oliver.sang@...el.com>,
        Chaitanya Kulkarni <Chaitanya.Kulkarni@....com>, x86@...nel.org
Subject: Re: BUG: unable to handle page fault for address - EIP:
 __kmap_local_page_prot


I think this is an i386 specific issue.  It shouldn't even have PUDs,
right?  This is a CONFIG_HIGHMEM4G=y kernel, so it uses PGDs, PMDs and
PTEs.

On Wed, May 19, 2021 at 08:38:19PM +0530, Naresh Kamboju wrote:
> While running LTP mm test suite on i386 kernel the following warning and BUG
> reported on linux next 5.13.0-rc2-next-20210519.
> 
> The warning is not regression, We have been noticing these warnings often on
> i386 but kernel BUG: looks to be a new crash.
> 
>  ------------[ cut here ]------------
> [  696.876399] WARNING: CPU: 1 PID: 24493 at mm/mremap.c:314
> move_page_tables+0x18d/0x6e0
> [  696.884319] Modules linked in: x86_pkg_temp_thermal
> 05.c:78: TPASS: [  696.889246] CPU: 1 PID: 24493 Comm: true Not
> tainted 5.13.0-rc2-next-20210519 #1
> [  696.898018] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
> 2.2 05/23/2018
> [  696.905462] EIP: move_page_tables+0x18d/0x6e0
> still alive.
> ks[  696.909865] Code: 40 20 8b 40 24 89 c1 01 d9 0f 84 36 04 00 00 8b
> 55 08 c1 ea 16 8d 04 90 85 c0 0f 84 e5 02 00 00 80 7d bb 00 0f 85 23
> 04 00 00 <0f> 0b 80 7d bb 00 0f 84 f7 fe ff ff 8b 45 c8 e8 1f fe ff ff
> e9 ea
> [  696.929986] EAX: c28a5bf8 EBX: 00000bfc ECX: c28a5bfc EDX: 000002fe
> [  696.936323] ESI: c0000000 EDI: bfc00000 EBP: c86ffe14 ESP: c86ffda8
> m05.c:78: TPASS:[  696.942614] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS:
> 0068 EFLAGS: 00010246
> [  696.950777] CR0: 80050033 CR2: b7e13b50 CR3: 028a5000 CR4: 003506d0
> [  696.957043] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [  696.963310] DR6: fffe0ff0 DR7: 00000400
> [  696.967148] Call Trace:
> [  696.969594]  setup_arg_pages+0x28c/0x380
>  still alive.
> k[  696.973563]  ? get_random_u32+0x35/0x80
> [  696.978779]  ? trace_hardirqs_off+0x2f/0xc0
> sm05.c:78: TPASS[  696.983006]  ? trace_hardirqs_on+0x2d/0xc0
> [  696.988484]  ? _raw_spin_unlock_irqrestore+0x18/0x20
> [  696.993467]  ? get_random_u32+0x4e/0x80
> [  696.997385]  load_elf_binary+0x31e/0x11c0
> [  697.001452]  ? security_file_permission+0x97/0x170
> [  697.006277]  ? kernel_read+0x31/0x40
> [  697.009907]  bprm_execve+0x233/0x5f0
> [  697.013541]  do_execveat_common+0x129/0x150
> [  697.017725]  __ia32_sys_execve+0x28/0x30
> [  697.021650]  __do_fast_syscall_32+0x4c/0xc0
> [  697.025835]  do_fast_syscall_32+0x29/0x60
> [  697.029850]  do_SYSENTER_32+0x15/0x20
> [  697.033516]  entry_SYSENTER_32+0x98/0xe7
> [  697.037441] EIP: 0xb7f12549
> [  697.040243] Code: Unable to access opcode bytes at RIP 0xb7f1251f.
> : still alive.
> [  697.046462] EAX: ffffffda EBX: bfd72c00 ECX: 0806b460 EDX: bfd72e54
> [  697.054106] ESI: 0805af94 EDI: bfd72c09 EBP: bfd72cc8 ESP: bfd72bd8
> [  697.060425] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
> [  697.067210] ---[ end trace 7b789866f6f48389 ]---
> [  697.071832] ------------[ cut here ]------------
> 
> ...
> ksm05.c:78: TPASS: still alive.
> 
> [  699.637408] BUG: unable to handle page fault for address: f752b000
> [  699.644091] #PF: supervisor read access in kernel mode
> [  699.649222] #PF: error_code(0x0000) - not-present page
> [  699.654357] *pde = 01106067 *pte = 00000000
> [  699.658666] Oops: 0000 [#1] SMP
> [  699.661806] CPU: 1 PID: 24636 Comm: true Tainted: G        W
>  5.13.0-rc2-next-20210519 #1
> [  699.670583] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
> 2.2 05/23/2018
> [  699.677966] EIP: __kmap_local_page_prot+0x6/0x40
> [  699.682614] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
> 8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
> 26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
> ff ff
> [  699.701371] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
> [  699.707640] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
> [  699.713897] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
> [  699.720676] CR0: 80050033 CR2: f752b000 CR3: 028a5000 CR4: 003506d0
> [  699.726934] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [  699.733197] DR6: fffe0ff0 DR7: 00000400
> [  699.737027] Call Trace:
> [  699.739474]  ? unmap_page_range+0x154/0x690
> [  699.743658]  unmap_single_vma+0x61/0xc0
> [  699.747489]  unmap_vmas+0x6f/0xf0
> [  699.750800]  exit_mmap+0x71/0x1c0
> [  699.754110]  mmput+0x57/0x100
> [  699.757075]  do_exit+0x2da/0x9e0
> [  699.760306]  ? syscall_trace_enter.isra.0+0x148/0x1b0
> [  699.765372]  do_group_exit+0x36/0x90
> [  699.768955]  __ia32_sys_exit_group+0x15/0x20
> [  699.773220]  __do_fast_syscall_32+0x4c/0xc0
> [  699.777405]  do_fast_syscall_32+0x29/0x60
> [  699.781409]  do_SYSENTER_32+0x15/0x20
> [  699.785066]  entry_SYSENTER_32+0x98/0xe7
> [  699.788984] EIP: 0x1ff58549
> [  699.791774] Code: Unable to access opcode bytes at RIP 0x1ff5851f.
> [  699.797945] EAX: ffffffda EBX: 00000000 ECX: 00000001 EDX: 00000000
> [  699.804202] ESI: 1ff471f0 EDI: 1ff493fc EBP: 00000000 ESP: bf1ff3cc
> [  699.810458] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
> [  699.817236] Modules linked in: x86_pkg_temp_thermal
> [  699.822115] CR2: 00000000f752b000
> [  699.825426] ---[ end trace 7b789866f6f4838b ]---
> [  699.830036] EIP: __kmap_local_page_prot+0x6/0x40
> [  699.834655] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
> 8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
> 26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
> ff ff
> [  699.853401] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
> [  699.859658] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
> [  699.865915] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
> [  699.872690] CR0: 80050033 CR2: f752b000 CR3: 028a5000 CR4: 003506d0
> [  699.878948] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [  699.885207] DR6: fffe0ff0 DR7: 00000400
> [  699.889036] Fixing recursive fault but reboot is needed!
> 
> ksm05.c:78: TPASS: still alive.
> ..
> [ 1599.651922] BUG: unable to handle page fault for address: f7d64000
> [ 1599.658959] #PF: supervisor read access in kernel mode
> [ 1599.664088] #PF: error_code(0x0000) - not-present page
> [ 1599.669219] *pde = 00000000
> [ 1599.672097] Oops: 0000 [#2] SMP
> [ 1599.675236] CPU: 3 PID: 24646 Comm: thp02 Tainted: G      D W
>   5.13.0-rc2-next-20210519 #1
> [ 1599.684102] Hardware name: Supermicro SYS-5019S-ML/X11SSH-F, BIOS
> 2.2 05/23/2018
> [ 1599.691485] EIP: __kmap_local_page_prot+0x6/0x40
> [ 1599.696102] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
> 8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
> 26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
> ff ff
> [ 1599.714840] EAX: f7d64000 EBX: b5800000 ECX: b5800000 EDX: 00000163
> [ 1599.721097] ESI: f7d64000 EDI: c1a5decc EBP: c1a5de60 ESP: c1a5de00
> [ 1599.727354] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
> [ 1599.734132] CR0: 80050033 CR2: f7d64000 CR3: 19fce000 CR4: 003506d0
> [ 1599.740387] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [ 1599.746646] DR6: fffe0ff0 DR7: 00000400
> [ 1599.750477] Call Trace:
> [ 1599.752919]  ? unmap_page_range+0x154/0x690
> [ 1599.757096]  unmap_single_vma+0x61/0xc0
> [ 1599.760929]  unmap_vmas+0x6f/0xf0
> [ 1599.764246]  exit_mmap+0x71/0x1c0
> [ 1599.767558]  mmput+0x57/0x100
> [ 1599.770531]  do_exit+0x2da/0x9e0
> [ 1599.773763]  ? syscall_trace_enter.isra.0+0x148/0x1b0
> [ 1599.778815]  do_group_exit+0x36/0x90
> [ 1599.782393]  __ia32_sys_exit_group+0x15/0x20
> [ 1599.786659]  __do_fast_syscall_32+0x4c/0xc0
> [ 1599.790845]  do_fast_syscall_32+0x29/0x60
> [ 1599.794857]  do_SYSENTER_32+0x15/0x20
> [ 1599.798513]  entry_SYSENTER_32+0x98/0xe7
> [ 1599.802441] EIP: 0xb7fa6549
> [ 1599.805237] Code: Unable to access opcode bytes at RIP 0xb7fa651f.
> [ 1599.811408] EAX: ffffffda EBX: 00000002 ECX: 00000000 EDX: bfff8660
> [ 1599.817665] ESI: b7f761f0 EDI: b7f783fc EBP: 00000000 ESP: bfff866c
> [ 1599.823922] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 007b EFLAGS: 00000296
> [ 1599.830702] Modules linked in: x86_pkg_temp_thermal
> [ 1599.835579] CR2: 00000000f7d64000
> [ 1599.838890] ---[ end trace 7b789866f6f4838c ]---
> [ 1599.843499] EIP: __kmap_local_page_prot+0x6/0x40
> [ 1599.848111] Code: 00 00 00 00 c6 05 00 cc 2c d4 00 8b 5d fc c9 c3
> 8d 74 26 00 0f 0b 0f 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 3e 8d 74
> 26 00 55 <8b> 08 c1 e9 1e 89 e5 83 f9 02 74 17 83 f9 03 74 09 e8 54 fe
> ff ff
> [ 1599.866849] EAX: f752b000 EBX: 00000004 ECX: bf400000 EDX: 00000163
> [ 1599.873114] ESI: f752b000 EDI: c86ffecc EBP: c86ffe60 ESP: c86ffe00
> [ 1599.879369] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010202
> [ 1599.886148] CR0: 80050033 CR2: f7d64000 CR3: 19fce000 CR4: 003506d0
> [ 1599.892404] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [ 1599.898661] DR6: fffe0ff0 DR7: 00000400
> [ 1599.902493] Fixing recursive fault but reboot is needed!
> O: mremap (0xb6c00000-0xb7bff000) to (0xb5800000-0xb67ff000)
> thp02.c:84: TBROK: mremap bug
> 
> Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org>
> 
> Links:
> https://lkft.validation.linaro.org/scheduler/job/2742412#L8838
> 
> Step to reproduce:
> ------------------
> # cd /opt/ltp
> # ./runltp -f mm
> 
> metadata:
>   git branch: master
>   git repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next
>   git commit: 9f24705effef8c3b9eca00d70594ef7e0364a6da
>   git describe: next-20210519
>   make_kernelversion: 5.13.0-rc2
>   kernel-config: https://builds.tuxbuild.com/1sk6bnicwdtrZQO2wqfaMdsZO5z/config
> 
> -- 
> Linaro LKFT
> https://lkft.linaro.org
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ