| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Aug 2020 16:57:19 +0800
From: kernel test robot <rong.a.chen@...el.com>
To: Roman Gushchin <guro@...com>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>, kernel-team@...com,
linux-kernel@...r.kernel.org, Johannes Weiner <hannes@...xchg.org>,
Shakeel Butt <shakeelb@...gle.com>, linux-mm@...ck.org,
Roman Gushchin <guro@...com>, Song Liu <songliubraving@...com>,
0day robot <lkp@...el.com>, lkp@...ts.01.org
Subject: [bpf] eda7ef0c7b: canonical_address#:#[##]
Greeting,
FYI, we noticed the following commit (built with gcc-9):
commit: eda7ef0c7b86e72b35c62c9d1e55c57cecd0abe7 ("[PATCH bpf-next v4 19/30] bpf: eliminate rlimit-based memory accounting for hashtab maps")
url: https://github.com/0day-ci/linux/commits/Roman-Gushchin/bpf-switch-to-memcg-based-memory-accounting/20200821-233104
base: https://git.kernel.org/cgit/linux/kernel/git/bpf/bpf-next.git master
in testcase: trinity
with following parameters:
runtime: 300s
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 8G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+------------------------------------------+------------+------------+
| | 4ad9edebed | eda7ef0c7b |
+------------------------------------------+------------+------------+
| boot_successes | 4 | 0 |
| boot_failures | 0 | 4 |
| canonical_address#:#[##] | 0 | 4 |
| RIP:bpf_map_free_deferred | 0 | 4 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 4 |
+------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <rong.a.chen@...el.com>
[ 37.201357] init: tty2 main process ended, respawning
[ 37.232660] init: tty3 main process (480) terminated with status 1
[ 37.234056] init: tty3 main process ended, respawning
[ 37.239246] init: tty6 main process (482) terminated with status 1
[ 37.240789] init: tty6 main process ended, respawning
[ 40.878036] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] SMP
[ 40.900083] CPU: 0 PID: 157 Comm: kworker/0:2 Not tainted 5.9.0-rc1-00149-geda7ef0c7b86e7 #1
[ 40.901680] Workqueue: events bpf_map_free_deferred
[ 40.902630] RIP: 0010:bpf_map_free_deferred+0x57/0xdf
[ 40.903694] Code: aa ff ff ff 48 89 ef e8 e2 ee 27 00 48 8b 83 70 ff ff ff 48 89 ef ff 50 18 48 89 e7 e8 66 ff ff ff 48 8b 5b c8 48 85 db 74 6c <f6> 43 7c 01 75 66 e8 ac dd ff ff e8 c0 ec ff ff e8 aa 91 74 00 85
[ 40.907343] RSP: 0018:ffff88821a353e38 EFLAGS: 00010202
[ 40.908373] RAX: 0000000000000000 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000006
[ 40.909786] RDX: ffff88821aa98b40 RSI: 0000000000000000 RDI: 0000000000000000
[ 40.911066] RBP: ffff888236069c00 R08: 0000000000000400 R09: ffffea000867e208
[ 40.912407] R10: ffffea0008359048 R11: 0000000000000002 R12: ffff888237c2a780
[ 40.913801] R13: ffff888237c2fd00 R14: 0000000000000000 R15: ffff888236069c98
[ 40.915216] FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 40.916762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.917874] CR2: 0000000000442d70 CR3: 000000020d685000 CR4: 00000000000406b0
[ 40.919297] Call Trace:
[ 40.919816] process_one_work+0x288/0x475
[ 40.920573] ? worker_thread+0x205/0x254
[ 40.921377] worker_thread+0x1a5/0x254
[ 40.922147] ? create_worker+0x17d/0x17d
[ 40.922899] kthread+0x108/0x110
[ 40.923570] ? kthread_create_worker_on_cpu+0x65/0x65
[ 40.924598] ret_from_fork+0x1f/0x30
[ 40.925312] Modules linked in: ide_cd_mod cdrom ide_pci_generic evdev i2c_piix4 piix ide_core i2c_core virtio_blk parport_pc qemu_fw_cfg processor button
[ 40.928068] ---[ end trace 270fed0e47b93410 ]---
[ 40.928901] RIP: 0010:bpf_map_free_deferred+0x57/0xdf
[ 40.929782] Code: aa ff ff ff 48 89 ef e8 e2 ee 27 00 48 8b 83 70 ff ff ff 48 89 ef ff 50 18 48 89 e7 e8 66 ff ff ff 48 8b 5b c8 48 85 db 74 6c <f6> 43 7c 01 75 66 e8 ac dd ff ff e8 c0 ec ff ff e8 aa 91 74 00 85
[ 40.933487] RSP: 0018:ffff88821a353e38 EFLAGS: 00010202
[ 40.934549] RAX: 0000000000000000 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000006
[ 40.970611] RDX: ffff88821aa98b40 RSI: 0000000000000000 RDI: 0000000000000000
[ 40.971949] RBP: ffff888236069c00 R08: 0000000000000400 R09: ffffea000867e208
[ 40.973305] R10: ffffea0008359048 R11: 0000000000000002 R12: ffff888237c2a780
[ 40.974789] R13: ffff888237c2fd00 R14: 0000000000000000 R15: ffff888236069c98
[ 40.980705] FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 40.982086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.983172] CR2: 0000000000442d70 CR3: 000000020d685000 CR4: 00000000000406b0
[ 40.984665] Kernel panic - not syncing: Fatal exception
[ 40.985818] Kernel Offset: disabled
Kboot worker: lkp-worker46
Elapsed time: 60
To reproduce:
# build kernel
cd linux
cp config-5.9.0-rc1-00149-geda7ef0c7b86e7 .config
make HOSTCC=gcc-9 CC=gcc-9 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Rong Chen
View attachment "config-5.9.0-rc1-00149-geda7ef0c7b86e7" of type "text/plain" (154896 bytes)
View attachment "job-script" of type "text/plain" (4548 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (17952 bytes)
Powered by blists - more mailing lists