lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240509154520.GH13977@twin.jikos.cz>
Date: Thu, 9 May 2024 17:45:20 +0200
From: David Sterba <dsterba@...e.cz>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: Sam Sun <samsun1006219@...il.com>, linux-kernel@...r.kernel.org,
	akpm@...ux-foundation.org, syzkaller-bugs@...glegroups.com,
	xrivendell7@...il.com, reiserfs-devel@...r.kernel.org
Subject: Re: [Linux kernel bug] general protection fault in alloc_object

On Wed, May 08, 2024 at 04:20:53PM +0200, Thomas Gleixner wrote:
> On Tue, May 07 2024 at 14:32, Sam Sun wrote:
> > ```
> > general protection fault, probably for non-canonical address
> > 0xdffffc0040000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
> > KASAN: probably user-memory-access in range
> > [0x0000000200000008-0x000000020000000f]
> 
> This is a reiserfs issue. It crashes at random places:
> 
> [  348.634665][ T5992] REISERFS (device loop0): Using tea hash to sort names
> [  348.780602][ T5993] (udev-worker)[5993]: segfault at 200000001 ip 0000000200000001 sp 00007fffca0e6190 error 14 in udevadm[5613a8f19000+1a000] likely on CPU 3 (core 0, socket 3)
> [  348.796165][ T5993] Code: Unable to access opcode bytes at 0x1ffffffd7.
> [  348.831600][ T5016] systemd-journald[5016]: /var/log/journal/a042c4e41bfd4c9697a628486ba7707d/system.journal: Journal file corrupted, rotating.
> [  348.840565][ T6004] systemd-udevd[6004]: segfault at 100040048 ip 00007fde601b58a3 sp 00007fffca0e6250 error 4 in libc.so.6[7fde60108000+155000] likely on CPU 5 (core 0, socket 5)
> [  348.844214][ T6004] Code: 89 10 49 8b b4 24 a8 10 00 00 eb 34 0f 1f 00 4c 8b 2d 69 f5 0f 00 64 45 8b 75 00 e8 27 42 fc ff e8 52 fe fa ff e9 01 fe ff ff <48> 8b 0a 48 8b 42 08 48 89 41 08 48 89 08 49 8b b4 24 a8 10 00 00
> [  356.765557][ T5992] ==================================================================
> [  356.767188][ T5992] BUG: unable to handle page fault for address: 0000000100040058
> [  356.767204][ T5992] #PF: supervisor read access in kernel mode
> [  356.767219][ T5992] #PF: error_code(0x0000) - not-present page
> [  356.767233][ T5992] PGD 80000004ca01f067 P4D 80000004ca01f067 PUD 0 
> [  356.767266][ T5992] Oops: 0000 [#1] PREEMPT SMP KASAN PTI
> [  356.767294][ T5992] CPU: 4 PID: 5992 Comm: a Not tainted 6.9.0-rc7-00012-gdccb07f2914c-dirty #43
> [  356.767325][ T5992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
> [  356.767342][ T5992] RIP: 0010:stack_depot_save_flags+0x14b/0x8e0
> 
> Can we just get rid of this mess?

It's been on the deprecation and removal path, scheduled for 2025.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb103a51640ee32ab01c51e13bf8fca211f25f61
I wouldn't be surpised if somebody sends a patch on 1.1. to do that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ