lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <1a260c2c486c2c4bf60c7f953a17c820d4e8b4bc.camel@redhat.com> Date: Fri, 09 Sep 2022 09:19:40 +0200 From: Paolo Abeni <pabeni@...hat.com> To: Menglong Dong <menglong8.dong@...il.com> Cc: netdev <netdev@...r.kernel.org>, mptcp@...ts.linux.dev, Mengen Sun <mengensun@...cent.com>, Biao Jiang <benbjiang@...cent.com> Subject: Re: net: mptcp: mptcp selftest cause page_counter underflow On Fri, 2022-09-09 at 13:05 +0800, Menglong Dong wrote: > Hello, > > I find a kernel warning when I run mptcp selftest with > following print: > > [ 138.448383] ------------[ cut here ]------------ > [ 138.448386] page_counter underflow: -4294952882 nr_pages=4294967289 > [ 138.448396] WARNING: CPU: 36 PID: 13372 at mm/page_counter.c:56 > page_counter_uncharge+0x68/0x80 > [ 138.448403] Modules linked in: nft_tproxy nf_tproxy_ipv6 > nf_tproxy_ipv4 nft_socket nf_socket_ipv4 nf_socket_ipv6 ipt_REJECT > nf_reject_ipv4 sch_netem xt_mark veth tcp_diag udp_diag inet_diag tun > nf_conntrack_netlink xt_addrtype nft_compat overlay binfmt_misc > squashfs edac_core crc32_pclmul ghash_clmulni_intel aesni_intel > crypto_simd cryptd virtio_balloon drm i2c_core backlight fuse autofs4 > btrfs blake2b_generic zstd_compress multipath crc32c_intel sr_mod > cdrom floppy > [ 138.448429] CPU: 36 PID: 13372 Comm: mptcp_connect Kdump: loaded > Not tainted 6.0.0-rc2-0008+ #60 > [ 138.448431] Hardware name: Tencent Cloud CVM, BIOS > seabios-1.9.1-qemu-project.org 04/01/2014 > [ 138.448432] RIP: 0010:page_counter_uncharge+0x68/0x80 > [ 138.448435] Code: 5b 41 5c 41 5d 5d e9 47 bf ee 00 80 3d 08 e4 0b > 02 00 75 18 48 89 da 48 c7 c7 78 ea 7f 82 c6 05 f5 e3 0b 02 01 e8 6d > 66 bd 00 <0f> 0b 49 c7 45 00 00 00 00 00 31 f6 eb b7 66 2e 0f 1f 84 00 > 00 00 > [ 138.448437] RSP: 0018:ffffc9000a143b18 EFLAGS: 00010086 > [ 138.448439] RAX: 0000000000000000 RBX: 00000000fffffff9 RCX: 0000000000000000 > [ 138.448440] RDX: 0000000000000202 RSI: ffffffff827e53f1 RDI: 00000000ffffffff > [ 138.448441] RBP: ffffc9000a143b30 R08: 0000000000013ffb R09: 00000000ffffbfff > [ 138.448442] R10: ffffffff830760a0 R11: ffffffff830760a0 R12: ffffffff00000007 > [ 138.448443] R13: ffff8881229780d0 R14: ffff8882072a0f80 R15: 00000000084072b6 > [ 138.448447] FS: 00007f886f30d740(0000) GS:ffff889fbf700000(0000) > knlGS:0000000000000000 > [ 138.448449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [ 138.448450] CR2: 00007ffd8d488478 CR3: 0000000132088000 CR4: 00000000003506e0 > [ 138.448451] Call Trace: > [ 138.448453] <TASK> > [ 138.448456] drain_stock+0x43/0xc0 > [ 138.448459] __refill_stock+0x62/0x90 > [ 138.448461] mem_cgroup_uncharge_skmem+0x4e/0x90 > [ 138.448463] __sk_mem_reduce_allocated+0x12e/0x1b0 > [ 138.448467] __mptcp_update_rmem+0x8e/0xb0 > [ 138.448470] mptcp_release_cb+0x23a/0x320 > [ 138.448473] release_sock+0x48/0xa0 > [ 138.448475] mptcp_recvmsg+0x448/0xb70 > [ 138.448478] ? balance_dirty_pages_ratelimited+0x10/0x20 > [ 138.448481] ? generic_perform_write+0x13c/0x1f0 > [ 138.448484] inet_recvmsg+0x120/0x130 > [ 138.448488] sock_recvmsg+0x6e/0x80 > [ 138.448490] sock_read_iter+0x8f/0xf0 > [ 138.448492] vfs_read+0x29f/0x2d0 > [ 138.448495] ksys_read+0xb9/0xf0 > [ 138.448497] __x64_sys_read+0x19/0x20 > [ 138.448499] do_syscall_64+0x42/0x90 > [ 138.448501] entry_SYSCALL_64_after_hwframe+0x63/0xcd > [ 138.448504] RIP: 0033:0x7f886f0f9a7e > [ 138.448506] Code: c0 e9 b6 fe ff ff 50 48 8d 3d be ec 0b 00 e8 d9 > f1 01 00 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 > 14 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 48 83 > ec 28 > [ 138.448507] RSP: 002b:00007ffd8d488478 EFLAGS: 00000246 ORIG_RAX: > 0000000000000000 > [ 138.448509] RAX: ffffffffffffffda RBX: 0000000000000feb RCX: 00007f886f0f9a7e > [ 138.448510] RDX: 0000000000000feb RSI: 00007ffd8d48e550 RDI: 0000000000000003 > [ 138.448511] RBP: 0000000000000003 R08: 00007f886f1f2210 R09: 00007f886f1f2260 > [ 138.448512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd8d48e550 > [ 138.448513] R13: 0000000000002000 R14: 0000000000000000 R15: 00007ffd8d48e550 > [ 138.448516] </TASK> > [ 138.448516] ---[ end trace 0000000000000000 ]--- > > It is easy to reproduce, just run mptcp_connect.sh, mptcp_sockopt.sh and > mptcp_join.sh together. > > Hmm...I'm not good at kernel memory, so someone who > is good at this part may have a look at this problem. > > You can add > Reported-by: Menglong Dong <imagedong@...cent.com> > when you fix this warning. Thank you for the report. We already got a similar one from the intel bot, but we did not find an easy way to reproduce it. The issue should be addressed by this patch: https://patchwork.kernel.org/project/netdevbpf/patch/20220906180404.1255873-1-matthieu.baerts@tessares.net/ Thanks, Paolo
Powered by blists - more mailing lists