| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220516140114.GB26219@xsang-OptiPlex-9020>
Date: Mon, 16 May 2022 22:01:14 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: lkp@...ts.01.org, lkp@...el.com,
LKML <linux-kernel@...r.kernel.org>
Subject: [llc] a70a667736: dmesg.kernel_BUG_at_net/core/skbuff.c
Greeting,
FYI, we noticed the following commit (built with gcc-11):
commit: a70a667736ede10bbb28121a4ea20eeadbb2af13 ("llc: make sure applications use ARPHRD_ETHER")
https://git.kernel.org/cgit/linux/kernel/git/sj/linux.git damon/for-v5.4.158
in testcase: trinity
version: trinity-static-i386-x86_64-1c734c75-1_2020-01-06
with following parameters:
runtime: 300s
group: group-00
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-------------------------------------------------------+------------+------------+
| | 73e42f4d2d | a70a667736 |
+-------------------------------------------------------+------------+------------+
| boot_successes | 200 | 120 |
| boot_failures | 0 | 65 |
| kernel_BUG_at_net/core/skbuff.c | 0 | 65 |
| invalid_opcode:#[##] | 0 | 65 |
| EIP:pskb_expand_head | 0 | 65 |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 65 |
+-------------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 125.275326][ T3969] ------------[ cut here ]------------
[ 125.281867][ T3969] kernel BUG at net/core/skbuff.c:1622!
[ 125.297360][ T3969] invalid opcode: 0000 [#1] SMP PTI
[ 125.303514][ T3969] CPU: 1 PID: 3969 Comm: trinity-c1 Tainted: G E 5.4.52-00011-ga70a667736ede #1
[ 125.311197][ T3969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 125.318417][ T3969] EIP: pskb_expand_head+0x288/0x300
[ 125.324417][ T3969] Code: 1e fc b3 ff 59 89 45 f0 85 c0 0f 85 11 fe ff ff eb cc e8 4b dd b3 ff e9 8c fe ff ff 8d b6 00 00 00 00 0f 0b 8d b6 00 00 00 00 <
0f> 0b 8d b6 00 00 00 00 a8 01 75 0c 81 38 80 8b 73 d0 0f 84 00 ff
[ 125.337732][ T3969] EAX: 00000002 EBX: f629ba80 ECX: ffffff3c EDX: 00000000
[ 125.344673][ T3969] ESI: ffffff7b EDI: 00000001 EBP: f622fcc0 ESP: f622fc9c
[ 125.351158][ T3969] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010202
[ 125.357838][ T3969] CR0: 80050033 CR2: b6d21000 CR3: 35aa0000 CR4: 000406f0
[ 125.364405][ T3969] Call Trace:
[ 125.370219][ T3969] ? __sock_queue_rcv_skb+0x114/0x200
[ 125.376144][ T3969] __skb_pad+0x5b/0x100
[ 125.382169][ T3969] e1000_xmit_frame+0x4d5/0x840
[ 125.388227][ T3969] ? dev_queue_xmit_nit+0x205/0x240
[ 125.394078][ T3969] dev_hard_start_xmit+0x7a/0x200
[ 125.400428][ T3969] sch_direct_xmit+0x100/0x300
[ 125.406239][ T3969] __qdisc_run+0x5f/0xc0
[ 125.411978][ T3969] ? pfifo_fast_change_tx_queue_len+0x80/0x80
[ 125.419050][ T3969] __dev_xmit_skb+0x14f/0x340
[ 125.425163][ T3969] __dev_queue_xmit+0x2c6/0x4c0
[ 125.430854][ T3969] ? llc_mac_hdr_init+0x47/0x80 [llc]
[ 125.436616][ T3969] dev_queue_xmit+0xf/0x40
[ 125.441940][ T3969] llc_sap_action_send_test_c+0x7b/0x80 [llc2]
[ 125.447043][ T3969] llc_sap_state_process+0x8a/0x100 [llc2]
[ 125.451768][ T3969] llc_build_and_send_test_pkt+0x4c/0x80 [llc2]
[ 125.454603][ T3969] llc_ui_sendmsg+0x2a9/0x300 [llc2]
[ 125.457390][ T3969] ? llc_ui_connect+0x2c0/0x2c0 [llc2]
[ 125.460618][ T3969] sock_sendmsg+0x5c/0x80
[ 125.464027][ T3969] __sys_sendto+0xe6/0x140
[ 125.467419][ T3969] ? syscall_trace_enter+0x218/0x240
[ 125.471231][ T3969] ? sys_alarm+0x47/0x80
[ 125.475617][ T3969] sys_sendto+0x1f/0x40
[ 125.478677][ T3969] do_fast_syscall_32+0x8a/0x1ca
[ 125.481733][ T3969] entry_SYSENTER_32+0xa2/0xf5
[ 125.484613][ T3969] EIP: 0xb7fb6b5d
[ 125.486916][ T3969] Code: 26 00 00 00 00 b8 00 09 3d 00 eb b5 8b 04 24 c3 8b 14 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 90 51 52 55 89 e5 0f 34 cd 80 <
5d> 5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
[ 125.494780][ T3969] EAX: ffffffda EBX: 00000199 ECX: 0a958c68 EDX: 00000001
[ 125.498580][ T3969] ESI: 04012284 EDI: 0a9e8ef8 EBP: 00000058 ESP: bfb8f5ec
[ 125.501907][ T3969] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000292
[ 125.505460][ T3969] Modules linked in: af_alg(E) fcrypt(E) pcbc(E) rxrpc(E) crypto_user(E) scsi_transport_iscsi(E) xfrm_user(E) llc2(E) llc(E) sctp(E) libcrc32c(E) crc32c_generic(E) uvesafb(E) intel_rapl_msr(E) intel_rapl_common(E) crc32_pclmul(E) crc32c_intel(E) aesni_intel(E) crypto_simd(E) cryptd(E) rapl(E) ppdev(E) bochs_drm(E) drm_vram_helper(E) ttm(E) evdev(E) drm_kms_helper(E) syscopyarea(E) sysfillrect(E) sysimgblt(E) fb_sys_fops(E) psmouse(E) ata_generic(E) serio_raw(E) drm(E) qemu_fw_cfg(E) ata_piix(E) parport_pc(E) floppy(E) parport(E) i2c_piix4(E) libata(E) button(E)
[ 125.522548][ T3969] ---[ end trace b20f6a7c9adb62cd ]---
[ 125.526153][ T3969] EIP: pskb_expand_head+0x288/0x300
[ 125.526157][ T3969] Code: 1e fc b3 ff 59 89 45 f0 85 c0 0f 85 11 fe ff ff eb cc e8 4b dd b3 ff e9 8c fe ff ff 8d b6 00 00 00 00 0f 0b 8d b6 00 00 00 00 <0f> 0b 8d b6 00 00 00 00 a8 01 75 0c 81 38 80 8b 73 d0 0f 84 00 ff
[ 125.526159][ T3969] EAX: 00000002 EBX: f629ba80 ECX: ffffff3c EDX: 00000000
[ 125.526160][ T3969] ESI: ffffff7b EDI: 00000001 EBP: f622fcc0 ESP: f622fc9c
[ 125.526163][ T3969] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010202
[ 125.526169][ T3969] CR0: 80050033 CR2: b6d21000 CR3: 35aa0000 CR4: 000406f0
[ 125.557025][ T3969] Kernel panic - not syncing: Fatal exception in interrupt
[ 125.560710][ T3969] Kernel Offset: 0xf000000 from 0xc1000000 (relocation range: 0xc0000000-0xf6ffdfff)
To reproduce:
# build kernel
cd linux
cp config-5.4.52-00011-ga70a667736ede .config
make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
View attachment "config-5.4.52-00011-ga70a667736ede" of type "text/plain" (127789 bytes)
View attachment "job-script" of type "text/plain" (4344 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (15468 bytes)
Powered by blists - more mailing lists