| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202211131641.f1fe0711-yujie.liu@intel.com>
Date: Sun, 13 Nov 2022 17:51:45 +0800
From: kernel test robot <yujie.liu@...el.com>
To: Pasha Tatashin <pasha.tatashin@...een.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>,
Bagas Sanjaya <bagasdotme@...il.com>,
Colin Cross <ccross@...gle.com>,
David Hildenbrand <david@...hat.com>,
Hugh Dickins <hughd@...gle.com>,
Johannes Weiner <hannes@...xchg.org>,
Jonathan Corbet <corbet@....net>,
"Kirill A . Shutemov" <kirill@...temov.name>,
Liam Howlett <liam.howlett@...cle.com>,
"Matthew Wilcox" <willy@...radead.org>,
Mike Rapoport <rppt@...nel.org>,
"Paul Gortmaker" <paul.gortmaker@...driver.com>,
Peter Xu <peterx@...hat.com>,
"Sean Christopherson" <seanjc@...gle.com>,
Vincent Whitchurch <vincent.whitchurch@...s.com>,
Vlastimil Babka <vbabka@...e.cz>, xu xin <cgel.zte@...il.com>,
Yang Shi <shy828301@...il.com>, Yu Zhao <yuzhao@...gle.com>,
Linux Memory Management List <linux-mm@...ck.org>,
<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>
Subject: [linux-next:master] [mm] 2220e3a895:
WARNING:at_include/linux/mmap_lock.h:#anon_vma_name
Greeting,
FYI, we noticed WARNING:at_include/linux/mmap_lock.h:#anon_vma_name due to commit (built with gcc-11):
commit: 2220e3a8953e86b87adfc753fc57c2a5e0b0a032 ("mm: anonymous shared memory naming")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master
[test failed on linux-next/master f8f60f322f0640c8edda2942ca5f84b7a27c417a]
in testcase: trinity
version: trinity-static-x86_64-x86_64-1c734c75-1_2020-01-06
with following parameters:
runtime: 300s
group: group-04
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
[ 128.700641][ T4161] ------------[ cut here ]------------
[ 128.701055][ T4161] WARNING: CPU: 0 PID: 4161 at include/linux/mmap_lock.h:155 anon_vma_name (??:?)
[ 128.701608][ T4161] Modules linked in:
[ 128.701839][ T4161] CPU: 0 PID: 4161 Comm: trinity-c4 Tainted: G T 6.1.0-rc4-00216-g2220e3a8953e #1 11f9472e0edad800f55c5824aae0f9f692ada352
[ 128.702701][ T4161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 128.703294][ T4161] RIP: 0010:anon_vma_name (??:?)
[ 128.703602][ T4161] Code: c1 ea 03 80 3c 02 00 75 54 48 8b 83 88 00 00 00 5b 5d 41 5c c3 48 8d bd 70 06 00 00 be ff ff ff ff e8 27 35 12 02 85 c0 75 8a <0f> 0b eb 86 48 89 ef e8 57 49 f7 ff 0f 0b 48 c7 c7 2c 05 27 86 e8
All code
========
0: c1 ea 03 shr $0x3,%edx
3: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1)
7: 75 54 jne 0x5d
9: 48 8b 83 88 00 00 00 mov 0x88(%rbx),%rax
10: 5b pop %rbx
11: 5d pop %rbp
12: 41 5c pop %r12
14: c3 retq
15: 48 8d bd 70 06 00 00 lea 0x670(%rbp),%rdi
1c: be ff ff ff ff mov $0xffffffff,%esi
21: e8 27 35 12 02 callq 0x212354d
26: 85 c0 test %eax,%eax
28: 75 8a jne 0xffffffffffffffb4
2a:* 0f 0b ud2 <-- trapping instruction
2c: eb 86 jmp 0xffffffffffffffb4
2e: 48 89 ef mov %rbp,%rdi
31: e8 57 49 f7 ff callq 0xfffffffffff7498d
36: 0f 0b ud2
38: 48 c7 c7 2c 05 27 86 mov $0xffffffff8627052c,%rdi
3f: e8 .byte 0xe8
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: eb 86 jmp 0xffffffffffffff8a
4: 48 89 ef mov %rbp,%rdi
7: e8 57 49 f7 ff callq 0xfffffffffff74963
c: 0f 0b ud2
e: 48 c7 c7 2c 05 27 86 mov $0xffffffff8627052c,%rdi
15: e8 .byte 0xe8
[ 128.704711][ T4161] RSP: 0018:ffff8881330efa38 EFLAGS: 00010246
[ 128.705067][ T4161] RAX: 0000000000000000 RBX: ffffffff84c82000 RCX: 0000000000000001
[ 128.705525][ T4161] RDX: 0000000000000000 RSI: 0000000000000670 RDI: ffff88816cb7c9d0
[ 128.705981][ T4161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 128.706480][ T4161] R10: ffffffffff600000 R11: 0000000000000000 R12: ffffffff84c82040
[ 128.706938][ T4161] R13: ffffffff84c82080 R14: ffffffff84c82010 R15: ffffffff84c82000
[ 128.707392][ T4161] FS: 000000000109a880(0000) GS:ffff88839d400000(0000) knlGS:0000000000000000
[ 128.707905][ T4161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 128.708284][ T4161] CR2: 00007f52e686184c CR3: 000000017e9bc000 CR4: 00000000000406b0
[ 128.708741][ T4161] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 128.709196][ T4161] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 128.709652][ T4161] Call Trace:
[ 128.709846][ T4161] <TASK>
[ 128.710031][ T4161] show_map_vma (task_mmu.c:?)
[ 128.710323][ T4161] show_map (task_mmu.c:?)
[ 128.710725][ T4161] seq_read_iter (??:?)
[ 128.711291][ T4161] ? lock_acquire (??:?)
[ 128.711820][ T4161] seq_read (??:?)
[ 128.712351][ T4161] ? seq_read_iter (??:?)
[ 128.712941][ T4161] ? __might_fault (??:?)
[ 128.713464][ T4161] do_loop_readv_writev+0xca/0x300
[ 128.714126][ T4161] ? fsnotify_perm+0x134/0x4c0
[ 128.714773][ T4161] do_iter_read (read_write.c:?)
[ 128.715375][ T4161] vfs_readv (read_write.c:?)
[ 128.715873][ T4161] ? vfs_iter_read (read_write.c:?)
[ 128.716396][ T4161] ? find_held_lock (lockdep.c:?)
[ 128.716981][ T4161] ? __ct_user_exit (??:?)
[ 128.717558][ T4161] ? __lock_release (lockdep.c:?)
[ 128.718136][ T4161] ? lock_downgrade (lockdep.c:?)
[ 128.718745][ T4161] __x64_sys_preadv (??:?)
[ 128.719033][ T4161] ? __x64_sys_preadv2 (??:?)
[ 128.719338][ T4161] do_syscall_64 (??:?)
[ 128.719599][ T4161] entry_SYSCALL_64_after_hwframe (??:?)
[ 128.719940][ T4161] RIP: 0033:0x463519
[ 128.720168][ T4161] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 59 00 00 c3 66 2e 0f 1f 84 00 00 00 00
All code
========
0: 00 f3 add %dh,%bl
2: c3 retq
3: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
a: 00 00 00
d: 0f 1f 40 00 nopl 0x0(%rax)
11: 48 89 f8 mov %rdi,%rax
14: 48 89 f7 mov %rsi,%rdi
17: 48 89 d6 mov %rdx,%rsi
1a: 48 89 ca mov %rcx,%rdx
1d: 4d 89 c2 mov %r8,%r10
20: 4d 89 c8 mov %r9,%r8
23: 4c 8b 4c 24 08 mov 0x8(%rsp),%r9
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 0f 83 db 59 00 00 jae 0x5a11
36: c3 retq
37: 66 data16
38: 2e cs
39: 0f .byte 0xf
3a: 1f (bad)
3b: 84 00 test %al,(%rax)
3d: 00 00 add %al,(%rax)
...
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 0f 83 db 59 00 00 jae 0x59e7
c: c3 retq
d: 66 data16
e: 2e cs
f: 0f .byte 0xf
10: 1f (bad)
11: 84 00 test %al,(%rax)
13: 00 00 add %al,(%rax)
...
[ 128.721265][ T4161] RSP: 002b:00007ffc45dc65f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 128.721745][ T4161] RAX: ffffffffffffffda RBX: 0000000000000127 RCX: 0000000000463519
[ 128.722214][ T4161] RDX: 00000000000000ca RSI: 0000000001327030 RDI: 000000000000003e
[ 128.722671][ T4161] RBP: 00007f52e5593000 R08: 0000001027180f8c R09: 0000000000000045
[ 128.723126][ T4161] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 128.723580][ T4161] R13: 00007f52e5593058 R14: 000000000109a850 R15: 00007f52e5593000
[ 128.724048][ T4161] </TASK>
[ 128.724228][ T4161] irq event stamp: 39467
[ 128.724474][ T4161] hardirqs last enabled at (39475): __up_console_sem (printk.c:?)
[ 128.725014][ T4161] hardirqs last disabled at (39482): __up_console_sem (printk.c:?)
[ 128.725553][ T4161] softirqs last enabled at (39294): __do_softirq (??:?)
[ 128.726090][ T4161] softirqs last disabled at (39281): __irq_exit_rcu (softirq.c:?)
[ 128.727013][ T4161] ---[ end trace 0000000000000000 ]---
[ 128.727667][ T4161] ==================================================================
If you fix the issue, kindly add following tag
| Reported-by: kernel test robot <yujie.liu@...el.com>
| Link: https://lore.kernel.org/oe-lkp/202211131641.f1fe0711-yujie.liu@intel.com
To reproduce:
# build kernel
cd linux
cp config-6.1.0-rc4-00216-g2220e3a8953e .config
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
View attachment "config-6.1.0-rc4-00216-g2220e3a8953e" of type "text/plain" (123740 bytes)
View attachment "job-script" of type "text/plain" (4486 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (47684 bytes)
Powered by blists - more mailing lists