Message-ID: <00000000000009f22805e2e0ebae@google.com>
Date:   Sat, 02 Jul 2022 23:42:07 -0700
From:   syzbot <syzbot+b42fe626038981fb7bfa@...kaller.appspotmail.com>
To:     hdanton@...a.com, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] possible deadlock in mnt_want_write (2)

Hello,

syzbot tried to test the proposed patch but the build/boot failed:


[   10.794756][    T1]     Actions configured
[   10.798980][    T1] nf_conntrack_irc: failed to register helpers
[   10.800343][    T1] nf_conntrack_sane: failed to register helpers
[   10.916180][    T1] nf_conntrack_sip: failed to register helpers
[   10.925334][    T1] xt_time: kernel timezone is -0000
[   10.926447][    T1] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[   10.928073][    T1] IPVS: Connection hash table configured (size=4096, memory=32Kbytes)
[   10.930247][    T1] IPVS: ipvs loaded.
[   10.931222][    T1] IPVS: [rr] scheduler registered.
[   10.932047][    T1] IPVS: [wrr] scheduler registered.
[   10.933355][    T1] IPVS: [lc] scheduler registered.
[   10.934246][    T1] IPVS: [wlc] scheduler registered.
[   10.934951][    T1] IPVS: [fo] scheduler registered.
[   10.935883][    T1] IPVS: [ovf] scheduler registered.
[   10.936731][    T1] IPVS: [lblc] scheduler registered.
[   10.937688][    T1] IPVS: [lblcr] scheduler registered.
[   10.938722][    T1] IPVS: [dh] scheduler registered.
[   10.939424][    T1] IPVS: [sh] scheduler registered.
[   10.940664][    T1] IPVS: [mh] scheduler registered.
[   10.941647][    T1] IPVS: [sed] scheduler registered.
[   10.942479][    T1] IPVS: [nq] scheduler registered.
[   10.943378][    T1] IPVS: [twos] scheduler registered.
[   10.945063][    T1] IPVS: [sip] pe registered.
[   10.945914][    T1] ipip: IPv4 and MPLS over IPv4 tunneling driver
[   10.949523][    T1] gre: GRE over IPv4 demultiplexor driver
[   10.950671][    T1] ip_gre: GRE over IPv4 tunneling driver
[   10.959843][    T1] IPv4 over IPsec tunneling driver
[   10.963931][    T1] ipt_CLUSTERIP: ClusterIP Version 0.8 loaded successfully
[   10.965654][    T1] Initializing XFRM netlink socket
[   10.966501][    T1] IPsec XFRM device driver
[   10.969892][    T1] NET: Registered PF_INET6 protocol family
[   10.983255][    T1] Segment Routing with IPv6
[   10.984380][    T1] RPL Segment Routing with IPv6
[   10.985473][    T1] In-situ OAM (IOAM) with IPv6
[   10.986688][    T1] mip6: Mobile IPv6
[   10.991973][    T1] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver
[   11.000450][    T1] ip6_gre: GRE over IPv6 tunneling driver
[   11.004645][    T1] NET: Registered PF_PACKET protocol family
[   11.005898][    T1] NET: Registered PF_KEY protocol family
[   11.007907][    T1] Bridge firewalling registered
[   11.009408][    T1] NET: Registered PF_X25 protocol family
[   11.010490][    T1] X25: Linux Version 0.2
[   11.056697][    T1] NET: Registered PF_NETROM protocol family
[   11.102477][    T1] NET: Registered PF_ROSE protocol family
[   11.104096][    T1] NET: Registered PF_AX25 protocol family
[   11.105175][    T1] can: controller area network core
[   11.107418][    T1] NET: Registered PF_CAN protocol family
[   11.108767][    T1] can: raw protocol
[   11.109525][    T1] can: broadcast manager protocol
[   11.110776][    T1] can: netlink gateway - max_hops=1
[   11.112235][    T1] can: SAE J1939
[   11.112864][    T1] can: isotp protocol
[   11.114031][    T1] Bluetooth: RFCOMM TTY layer initialized
[   11.115090][    T1] Bluetooth: RFCOMM socket layer initialized
[   11.116448][    T1] Bluetooth: RFCOMM ver 1.11
[   11.117194][    T1] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[   11.118258][    T1] Bluetooth: BNEP filters: protocol multicast
[   11.119119][    T1] Bluetooth: BNEP socket layer initialized
[   11.119936][    T1] Bluetooth: CMTP (CAPI Emulation) ver 1.0
[   11.120795][    T1] Bluetooth: CMTP socket layer initialized
[   11.121612][    T1] Bluetooth: HIDP (Human Interface Emulation) ver 1.2
[   11.122979][    T1] Bluetooth: HIDP socket layer initialized
[   11.128646][    T1] NET: Registered PF_RXRPC protocol family
[   11.129561][    T1] Key type rxrpc registered
[   11.130235][    T1] Key type rxrpc_s registered
[   11.132345][    T1] NET: Registered PF_KCM protocol family
[   11.134208][    T1] lec:lane_module_init: lec.c: initialized
[   11.135104][    T1] mpoa:atm_mpoa_init: mpc.c: initialized
[   11.136035][    T1] l2tp_core: L2TP core driver, V2.0
[   11.136763][    T1] l2tp_ppp: PPPoL2TP kernel driver, V2.0
[   11.137521][    T1] l2tp_ip: L2TP IP encapsulation support (L2TPv3)
[   11.138798][    T1] l2tp_netlink: L2TP netlink interface
[   11.139676][    T1] l2tp_eth: L2TP ethernet pseudowire support (L2TPv3)
[   11.140591][    T1] l2tp_ip6: L2TP IP encapsulation support for IPv6 (L2TPv3)
[   11.142091][    T1] NET: Registered PF_PHONET protocol family
[   11.144330][    T1] 8021q: 802.1Q VLAN Support v1.8
[   11.158244][    T1] DCCP: Activated CCID 2 (TCP-like)
[   11.159895][    T1] DCCP: Activated CCID 3 (TCP-Friendly Rate Control)
[   11.164250][    T1] sctp: Hash tables configured (bind 32/56)
[   11.167526][    T1] NET: Registered PF_RDS protocol family
[   11.169491][    T1] Registered RDS/infiniband transport
[   11.171614][    T1] Registered RDS/tcp transport
[   11.172335][    T1] tipc: Activated (version 2.0.0)
[   11.173958][    T1] NET: Registered PF_TIPC protocol family
[   11.175494][    T1] tipc: Started in single node mode
[   11.177372][    T1] NET: Registered PF_SMC protocol family
[   11.178657][    T1] 9pnet: Installing 9P2000 support
[   11.179908][    T1] NET: Registered PF_CAIF protocol family
[   11.186645][    T1] NET: Registered PF_IEEE802154 protocol family
[   11.188074][    T1] Key type dns_resolver registered
[   11.188970][    T1] Key type ceph registered
[   11.190736][    T1] libceph: loaded (mon/osd proto 15/24)
[   11.194170][    T1] batman_adv: B.A.T.M.A.N. advanced 2022.2 (compatibility version 15) loaded
[   11.195538][    T1] openvswitch: Open vSwitch switching datapath
[   11.200918][    T1] NET: Registered PF_VSOCK protocol family
[   11.202106][    T1] mpls_gso: MPLS GSO support
[   11.210879][    T1] IPI shorthand broadcast: enabled
[   11.211827][    T1] AVX2 version of gcm_enc/dec engaged.
[   11.212938][    T1] AES CTR mode by8 optimization enabled
[   11.216937][    T1] sched_clock: Marking stable (11189291508, 27411798)->(11228251728, -11548422)
[   11.220049][    T1] registered taskstats version 1
[   11.226325][    T1] Loading compiled-in X.509 certificates
[   11.232410][    T1] Loaded X.509 cert 'Build time autogenerated kernel key: 327992f6769a077bd3f61b5b84c11a0b7686edca'
[   11.237367][    T1] zswap: loaded using pool lzo/zbud
[   11.239785][    T1] debug_vm_pgtable: [debug_vm_pgtable         ]: Validating architecture page table helpers
[   13.446441][    T1] Key type ._fscrypt registered
[   13.447548][    T1] Key type .fscrypt registered
[   13.448655][    T1] Key type fscrypt-provisioning registered
[   13.457608][    T1] kAFS: Red Hat AFS client v0.1 registering.
[   13.471332][    T1] Btrfs loaded, crc32c=crc32c-intel, assert=on, zoned=yes, fsverity=yes
[   13.481315][    T1] Key type big_key registered
[   13.489809][    T1] Key type encrypted registered
[   13.495191][    T1] ima: No TPM chip found, activating TPM-bypass!
[   13.501677][    T1] Loading compiled-in module X.509 certificates
[   13.510483][    T1] Loaded X.509 cert 'Build time autogenerated kernel key: 327992f6769a077bd3f61b5b84c11a0b7686edca'
[   13.521562][    T1] ima: Allocated hash algorithm: sha256
[   13.527593][    T1] ima: No architecture policies found
[   13.533919][    T1] evm: Initialising EVM extended attributes:
[   13.540125][    T1] evm: security.selinux (disabled)
[   13.545284][    T1] evm: security.SMACK64
[   13.549630][    T1] evm: security.SMACK64EXEC
[   13.554262][    T1] evm: security.SMACK64TRANSMUTE
[   13.559359][    T1] evm: security.SMACK64MMAP
[   13.564258][    T1] evm: security.apparmor (disabled)
[   13.569451][    T1] evm: security.ima
[   13.573281][    T1] evm: security.capability
[   13.577912][    T1] evm: HMAC attrs: 0x1
[   13.667958][    T1] PM:   Magic number: 14:892:568
[   13.674812][    T1] tty ptyb0: hash matches
[   13.681749][    T1] printk: console [netcon0] enabled
[   13.687578][    T1] netconsole: network logging started
[   13.693813][    T1] gtp: GTP module loaded (pdp ctx size 104 bytes)
[   13.702896][    T1] rdma_rxe: loaded
[   13.707226][    T1] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[   13.718938][    T1] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[   13.728511][   T14] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   13.735610][    T1] ALSA device list:
[   13.739036][   T14] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   13.742820][    T1]   #0: Dummy 1
[   13.754601][    T1]   #1: Loopback 1
[   13.758445][    T1]   #2: Virtual MIDI Card 1
[   13.766195][    T1] md: Waiting for all devices to be available before autodetect
[   13.773982][    T1] md: If you don't use raid, use raid=noautodetect
[   13.780525][    T1] md: Autodetecting RAID arrays.
[   13.785616][    T1] md: autorun ...
[   13.789260][    T1] md: ... autorun DONE.
[   13.851436][    T1] EXT4-fs (sda1): mounted filesystem with ordered data mode. Quota mode: none.
[   13.860907][    T1] VFS: Mounted root (ext4 filesystem) readonly on device 8:1.
[   13.871937][    T1] devtmpfs: mounted
[   13.933201][    T1] Freeing unused kernel image (initmem) memory: 2532K
[   13.940276][    T1] Write protecting the kernel read-only data: 188416k
[   13.952095][    T1] Freeing unused kernel image (text/rodata gap) memory: 2016K
[   13.961388][    T1] Freeing unused kernel image (rodata/data gap) memory: 968K
[   13.976834][    T1] Failed to set sysctl parameter 'max_rcu_stall_to_panic=1': parameter not found
[   13.986636][    T1] Run /sbin/init as init process
[   14.016105][    T1] ================================================================================
[   14.026198][    T1] UBSAN: array-index-out-of-bounds in security/integrity/iint.c:95:2
[   14.034474][    T1] index -1 is out of range for type 'struct lock_class_key [2]'
[   14.042117][    T1] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.19.0-rc4-syzkaller-00187-g089866061428-dirty #0
[   14.052389][    T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[   14.062467][    T1] Call Trace:
[   14.066465][    T1]  <TASK>
[   14.069409][    T1]  dump_stack_lvl+0x1e3/0x2cb
[   14.074120][    T1]  ? bfq_pos_tree_add_move+0x436/0x436
[   14.079687][    T1]  ? panic+0x76e/0x76e
[   14.083765][    T1]  ? rcu_read_lock_sched_held+0x89/0x130
[   14.089406][    T1]  __ubsan_handle_out_of_bounds+0x107/0x150
[   14.095337][    T1]  integrity_inode_get+0x417/0x420
[   14.100496][    T1]  process_measurement+0x444/0x1c10
[   14.105745][    T1]  ? print_irqtrace_events+0x220/0x220
[   14.111236][    T1]  ? ima_file_mmap+0x1b0/0x1b0
[   14.116014][    T1]  ? kasan_quarantine_put+0xd4/0x230
[   14.121423][    T1]  ? smack_current_getsecid_subj+0x19/0xe0
[   14.127356][    T1]  ima_bprm_check+0x11e/0x2a0
[   14.132103][    T1]  ? ima_file_mprotect+0x510/0x510
[   14.137259][    T1]  ? tomoyo_bprm_check_security+0x115/0x130
[   14.143150][    T1]  ? bpf_lsm_bprm_check_security+0x5/0x10
[   14.148873][    T1]  bprm_execve+0x817/0x1590
[   14.153386][    T1]  ? alloc_bprm+0x3b0/0x3b0
[   14.157892][    T1]  ? alloc_bprm+0x353/0x3b0
[   14.162394][    T1]  kernel_execve+0x8eb/0xa00
[   14.167065][    T1]  kernel_init+0xda/0x2b0
[   14.171391][    T1]  ? rest_init+0x270/0x270
[   14.175801][    T1]  ret_from_fork+0x1f/0x30
[   14.180231][    T1]  </TASK>
[   14.183787][    T1] ================================================================================
[   14.193269][    T1] Kernel panic - not syncing: panic_on_warn set ...
[   14.199850][    T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-rc4-syzkaller-00187-g089866061428-dirty #0
[   14.210167][    T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[   14.220252][    T1] Call Trace:
[   14.223537][    T1]  <TASK>
[   14.226571][    T1]  dump_stack_lvl+0x1e3/0x2cb
[   14.231355][    T1]  ? bfq_pos_tree_add_move+0x436/0x436
[   14.236810][    T1]  ? panic+0x76e/0x76e
[   14.240957][    T1]  ? preempt_schedule_thunk+0x16/0x18
[   14.246363][    T1]  ? vscnprintf+0x59/0x80
[   14.250705][    T1]  panic+0x312/0x76e
[   14.254604][    T1]  ? __ubsan_handle_out_of_bounds+0x12c/0x150
[   14.260665][    T1]  ? fb_is_primary_device+0xcc/0xcc
[   14.265939][    T1]  ? panic+0x76e/0x76e
[   14.270008][    T1]  ? rcu_read_lock_sched_held+0x89/0x130
[   14.275730][    T1]  __ubsan_handle_out_of_bounds+0x14d/0x150
[   14.281647][    T1]  integrity_inode_get+0x417/0x420
[   14.286807][    T1]  process_measurement+0x444/0x1c10
[   14.292135][    T1]  ? print_irqtrace_events+0x220/0x220
[   14.297831][    T1]  ? ima_file_mmap+0x1b0/0x1b0
[   14.302633][    T1]  ? kasan_quarantine_put+0xd4/0x230
[   14.307994][    T1]  ? smack_current_getsecid_subj+0x19/0xe0
[   14.313918][    T1]  ima_bprm_check+0x11e/0x2a0
[   14.318661][    T1]  ? ima_file_mprotect+0x510/0x510
[   14.323793][    T1]  ? tomoyo_bprm_check_security+0x115/0x130
[   14.329699][    T1]  ? bpf_lsm_bprm_check_security+0x5/0x10
[   14.335526][    T1]  bprm_execve+0x817/0x1590
[   14.340156][    T1]  ? alloc_bprm+0x3b0/0x3b0
[   14.344935][    T1]  ? alloc_bprm+0x353/0x3b0
[   14.349436][    T1]  kernel_execve+0x8eb/0xa00
[   14.354026][    T1]  kernel_init+0xda/0x2b0
[   14.358519][    T1]  ? rest_init+0x270/0x270
[   14.362929][    T1]  ret_from_fork+0x1f/0x30
[   14.367343][    T1]  </TASK>
[   14.370965][    T1] Kernel Offset: disabled
[   14.375385][    T1] Rebooting in 86400 seconds..


syzkaller build log:
go env (err=<nil>)
GO111MODULE="auto"
GOARCH="amd64"
GOBIN=""
GOCACHE="/syzkaller/.cache/go-build"
GOENV="/syzkaller/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/syzkaller/jobs/linux/gopath/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/syzkaller/jobs/linux/gopath"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.17"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build1808995379=/tmp/go-build -gno-record-gcc-switches"

git status (err=<nil>)
HEAD detached at 1434eec0b
nothing to commit, working tree clean


go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=1434eec0b84075b7246560cfa89f20cdb3d8077f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20220629-111539'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-fuzzer github.com/google/syzkaller/syz-fuzzer
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=1434eec0b84075b7246560cfa89f20cdb3d8077f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20220629-111539'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=1434eec0b84075b7246560cfa89f20cdb3d8077f -X 'github.com/google/syzkaller/prog.gitRevisionDate=20220629-111539'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-stress github.com/google/syzkaller/tools/syz-stress
mkdir -p ./bin/linux_amd64
gcc -o ./bin/linux_amd64/syz-executor executor/executor.cc \
	-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -static-pie -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
	-DHOSTGOOS_linux=1 -DGIT_REVISION=\"1434eec0b84075b7246560cfa89f20cdb3d8077f\"


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=15eb7be0080000


Tested on:

commit:         08986606 Merge tag 'libnvdimm-fixes-5.19-rc5' of git:/..
git tree:       http://kernel.source.codeaurora.cn/pub/scm/linux/kernel/git/torvalds/linux.git
kernel config:  https://syzkaller.appspot.com/x/.config?x=75c9ff14e1db87c0
dashboard link: https://syzkaller.appspot.com/bug?extid=b42fe626038981fb7bfa
compiler:       Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
patch:          https://syzkaller.appspot.com/x/patch.diff?x=13ef70ec080000
