Date:   Sun, 20 Mar 2022 23:50:39 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Amir Goldstein <amir73il@...il.com>
Cc:     lkp@...ts.01.org, lkp@...el.com,
        LKML <linux-kernel@...r.kernel.org>
Subject: [fsnotify]  502198c77a:
 WARNING:at_fs/notify/mark.c:#fsnotify_put_mark



Greetings,

FYI, we noticed the following commit (built with gcc-9):

commit: 502198c77a26d012f65bd9378eed81e536dd7375 ("fsnotify: allow adding an inode mark without pinning inode")
linux-devel devel-catchup-20220318-223108

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu Icelake-Server -smp 4 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):



If you fix the issue, kindly add the following tag
Reported-by: kernel test robot <oliver.sang@...el.com>


[ 8.734816][ T1] WARNING: CPU: 0 PID: 1 at fs/notify/mark.c:245 fsnotify_put_mark (fs/notify/mark.c:245 fs/notify/mark.c:282) 
[    8.735878][    T1] Modules linked in: autofs4(E)
[    8.736594][    T1] CPU: 0 PID: 1 Comm: systemd Tainted: G            E     5.17.0-rc3-00007-g502198c77a26 #1
[    8.738032][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 8.739514][ T1] EIP: fsnotify_put_mark (fs/notify/mark.c:245 fs/notify/mark.c:282) 
[ 8.740367][ T1] Code: 0d d4 36 1f c9 e8 81 11 d5 ff e9 b3 fe ff ff 8d 74 26 00 89 d8 e8 f1 f4 ff ff e9 05 ff ff ff 8d 74 26 00 0f 0b e9 90 fe ff ff <0f> 0b 31 c9 31 ff e9 52 fe ff ff e8 51 71 63 00 8d b4 26 00 00 00
All code
========
   0:	0d d4 36 1f c9       	or     $0xc91f36d4,%eax
   5:	e8 81 11 d5 ff       	callq  0xffffffffffd5118b
   a:	e9 b3 fe ff ff       	jmpq   0xfffffffffffffec2
   f:	8d 74 26 00          	lea    0x0(%rsi,%riz,1),%esi
  13:	89 d8                	mov    %ebx,%eax
  15:	e8 f1 f4 ff ff       	callq  0xfffffffffffff50b
  1a:	e9 05 ff ff ff       	jmpq   0xffffffffffffff24
  1f:	8d 74 26 00          	lea    0x0(%rsi,%riz,1),%esi
  23:	0f 0b                	ud2    
  25:	e9 90 fe ff ff       	jmpq   0xfffffffffffffeba
  2a:*	0f 0b                	ud2    		<-- trapping instruction
  2c:	31 c9                	xor    %ecx,%ecx
  2e:	31 ff                	xor    %edi,%edi
  30:	e9 52 fe ff ff       	jmpq   0xfffffffffffffe87
  35:	e8 51 71 63 00       	callq  0x63718b
  3a:	8d                   	.byte 0x8d
  3b:	b4 26                	mov    $0x26,%ah
  3d:	00 00                	add    %al,(%rax)
	...

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2    
   2:	31 c9                	xor    %ecx,%ecx
   4:	31 ff                	xor    %edi,%edi
   6:	e9 52 fe ff ff       	jmpq   0xfffffffffffffe5d
   b:	e8 51 71 63 00       	callq  0x637161
  10:	8d                   	.byte 0x8d
  11:	b4 26                	mov    $0x26,%ah
  13:	00 00                	add    %al,(%rax)
	...
[    8.743352][    T1] EAX: c4a14d0c EBX: f5ccaf60 ECX: 00000003 EDX: 08002800
[    8.744241][    T1] ESI: c3a74ce0 EDI: f5cedd80 EBP: c1127f68 ESP: c1127f50
[    8.745077][    T1] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00010206
[    8.746248][    T1] CR0: 80050033 CR2: b7b57050 CR3: 04a3a000 CR4: 00350ef0
[    8.747330][    T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    8.748480][    T1] DR6: fffe0ff0 DR7: 00000400
[    8.749321][    T1] Call Trace:
[ 8.749962][ T1] __ia32_sys_inotify_rm_watch (include/linux/file.h:45 fs/notify/inotify/inotify_user.c:822 fs/notify/inotify/inotify_user.c:793 fs/notify/inotify/inotify_user.c:793) 
[ 8.750925][ T1] __do_fast_syscall_32 (arch/x86/entry/common.c:112 arch/x86/entry/common.c:178) 
[ 8.751705][ T1] do_fast_syscall_32 (arch/x86/entry/common.c:203) 
[ 8.752676][ T1] do_SYSENTER_32 (arch/x86/entry/common.c:247) 
[ 8.753478][ T1] entry_SYSENTER_32 (arch/x86/entry/entry_32.S:869) 
[    8.754456][    T1] EIP: 0xb7e2d589
[ 8.755234][ T1] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
All code
========
	...
  20:	00 51 52             	add    %dl,0x52(%rcx)
  23:	55                   	push   %rbp
  24:	89 e5                	mov    %esp,%ebp
  26:	0f 34                	sysenter 
  28:	cd 80                	int    $0x80
  2a:*	5d                   	pop    %rbp		<-- trapping instruction
  2b:	5a                   	pop    %rdx
  2c:	59                   	pop    %rcx
  2d:	c3                   	retq   
  2e:	90                   	nop
  2f:	90                   	nop
  30:	90                   	nop
  31:	90                   	nop
  32:	8d 76 00             	lea    0x0(%rsi),%esi
  35:	58                   	pop    %rax
  36:	b8 77 00 00 00       	mov    $0x77,%eax
  3b:	cd 80                	int    $0x80
  3d:	90                   	nop
  3e:	8d                   	.byte 0x8d
  3f:	76                   	.byte 0x76

Code starting with the faulting instruction
===========================================
   0:	5d                   	pop    %rbp
   1:	5a                   	pop    %rdx
   2:	59                   	pop    %rcx
   3:	c3                   	retq   
   4:	90                   	nop
   5:	90                   	nop
   6:	90                   	nop
   7:	90                   	nop
   8:	8d 76 00             	lea    0x0(%rsi),%esi
   b:	58                   	pop    %rax
   c:	b8 77 00 00 00       	mov    $0x77,%eax
  11:	cd 80                	int    $0x80
  13:	90                   	nop
  14:	8d                   	.byte 0x8d
  15:	76                   	.byte 0x76
[    8.758046][    T1] EAX: ffffffda EBX: 0000000c ECX: 00000001 EDX: b7b57000
[    8.758927][    T1] ESI: bfe8347c EDI: bfe8351c EBP: b7b57744 ESP: bfe8342c
[    8.759796][    T1] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000296
[    8.760875][    T1] ---[ end trace 0000000000000000 ]---
[  OK  ] Mounted RPC Pipe File System.
[  OK  ] Mounted Debug File System.
[  OK  ] Mounted POSIX Message Queue File System.
[  OK  ] Mounted Huge Pages File System.
[  OK  ] Started Journal Service.
[  OK  ] Started Load Kernel Modules.
[  OK  ] Started Remount Root and Kernel File Systems.
Starting udev Coldplug all Devices...
Starting Load/Save Random Seed...
Starting Create Static Device Nodes in /dev...
Starting Apply Kernel Variables...
Starting Flush Journal to Persistent Storage...
[  OK  ] Started Create Static Device Nodes in /dev.
[  OK  ] Started Load/Save Random Seed.
[  OK  ] Started Apply Kernel Variables.
[  OK  ] Reached target Local File Systems (Pre).
[  OK  ] Reached target Local File Systems.
Starting Raise network interfaces...
Starting Preprocess NFS configuration...
Starting udev Kernel Device Manager...
[  OK  ] Started udev Kernel Device Manager.
[  OK  ] Started Preprocess NFS configuration.
[  OK  ] Reached target NFS client services.
[  OK  ] Started Flush Journal to Persistent Storage.
Starting Create Volatile Files and Directories...
[  OK  ] Started Create Volatile Files and Directories.
Starting RPC bind portmap service...
Starting Network Time Synchronization...
Starting Update UTMP about System Boot/Shutdown...
[  OK  ] Started udev Coldplug all Devices.
[  OK  ] Started RPC bind portmap service.
[  OK  ] Started Update UTMP about Sy[    8.844398][  T189] ACPI: bus type drm_connector registered
stem Boot/Shutdown.
[  OK  ] Started Network Time Synchronization.
[    8.847422][  T191] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
[  OK  ] Reached target System Time Synchronized.
[  OK  ] Reached target System Initialization.
[  OK  ] Started Daily apt download activities.
[  OK  ] Listening on D-Bus System Message Bus Socket.
[  OK  ] Reached target Sockets.
[  OK  ] Reached target Basic System.
[  OK  ] Started Regular background program processing daemon.
[  OK  ] Started D-Bus System Message Bus.
[    8.861894][  T152] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[    8.864009][  T193] libata version 3.00 loaded.
Starting System Logging Service...
[    8.865729][  T211] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
Starting Login Service...
[    8.869350][  T211] Console: switching to colour dummy device 80x25
Starting LSB: Execute t[    8.870048][  T211] [drm] Found bochs VGA, ID 0xb0c0.
he kexec -e comm[    8.870520][  T211] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebf0000.
and to reboot system...
[    8.871394][  T191] ACPI: button: Power Button [PWRF]
[    8.871806][    T7] ata_piix 0000:00:01.1: version 2.13


To reproduce:

        # build kernel
	cd linux
	cp config-5.17.0-rc3-00007-g502198c77a26 .config
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
	cd <mod-install-dir>
	find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

        # if you come across any failure that blocks the test,
        # please remove the ~/.lkp and /lkp dirs to run from a clean state.



-- 
0-DAY CI Kernel Test Service
https://01.org/lkp



View attachment "config-5.17.0-rc3-00007-g502198c77a26" of type "text/plain" (140846 bytes)

View attachment "job-script" of type "text/plain" (4575 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (13880 bytes)
