lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202410231427.633734b3-lkp@intel.com>
Date: Wed, 23 Oct 2024 15:02:51 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Ignat Korchagin <ignat@...udflare.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, Jakub Kicinski
	<kuba@...nel.org>, Kuniyuki Iwashima <kuniyu@...zon.com>, Eric Dumazet
	<edumazet@...gle.com>, <netdev@...r.kernel.org>, <oliver.sang@...el.com>
Subject: [linux-next:master] [net]  18429e6e0c:
 WARNING:at_net/socket.c:#__sock_create



Hello,

kernel test robot noticed "WARNING:at_net/socket.c:#__sock_create" on:

commit: 18429e6e0c2ad26250862a786964d8c73400d9a0 ("Revert "net: do not leave a dangling sk pointer, when socket creation fails"")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

[test failed on linux-next/master f2493655d2d3d5c6958ed996b043c821c23ae8d3]

in testcase: trinity
version: 
with following parameters:

	runtime: 600s



config: x86_64-randconfig-072-20241019
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+------------------------------------------------+------------+------------+
|                                                | 48156296a0 | 18429e6e0c |
+------------------------------------------------+------------+------------+
| WARNING:at_net/socket.c:#__sock_create         | 0          | 23         |
| RIP:__sock_create                              | 0          | 23         |
+------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202410231427.633734b3-lkp@intel.com


[   81.874092][  T849] ------------[ cut here ]------------
[ 81.874427][ T849] WARNING: CPU: 0 PID: 849 at net/socket.c:1581 __sock_create (net/socket.c:1581 (discriminator 1)) 
[   81.874997][  T849] Modules linked in:
[   81.875214][  T849] CPU: 0 UID: 8192 PID: 849 Comm: trinity-c5 Not tainted 6.12.0-rc2-00650-g18429e6e0c2a #1
[ 81.875701][ T849] RIP: 0010:__sock_create (net/socket.c:1581 (discriminator 1)) 
[ 81.876000][ T849] Code: e9 19 fd ff ff e8 a3 16 d7 fd e9 4f f9 ff ff 41 bd 9f ff ff ff e9 b8 fa ff ff 41 bd ea ff ff ff e9 ad fa ff ff e8 83 95 9c fd <0f> 0b e9 72 ff ff ff e8 77 95 9c fd e8 62 72 12 00 31 ff 89 c3 89
All code
========
   0:	e9 19 fd ff ff       	jmp    0xfffffffffffffd1e
   5:	e8 a3 16 d7 fd       	call   0xfffffffffdd716ad
   a:	e9 4f f9 ff ff       	jmp    0xfffffffffffff95e
   f:	41 bd 9f ff ff ff    	mov    $0xffffff9f,%r13d
  15:	e9 b8 fa ff ff       	jmp    0xfffffffffffffad2
  1a:	41 bd ea ff ff ff    	mov    $0xffffffea,%r13d
  20:	e9 ad fa ff ff       	jmp    0xfffffffffffffad2
  25:	e8 83 95 9c fd       	call   0xfffffffffd9c95ad
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	e9 72 ff ff ff       	jmp    0xffffffffffffffa3
  31:	e8 77 95 9c fd       	call   0xfffffffffd9c95ad
  36:	e8 62 72 12 00       	call   0x12729d
  3b:	31 ff                	xor    %edi,%edi
  3d:	89 c3                	mov    %eax,%ebx
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	e9 72 ff ff ff       	jmp    0xffffffffffffff79
   7:	e8 77 95 9c fd       	call   0xfffffffffd9c9583
   c:	e8 62 72 12 00       	call   0x127273
  11:	31 ff                	xor    %edi,%edi
  13:	89 c3                	mov    %eax,%ebx
  15:	89                   	.byte 0x89
[   81.876952][  T849] RSP: 0018:ffffc9000258fe30 EFLAGS: 00010246
[   81.877269][  T849] RAX: 0000000000000000 RBX: ffffffffa5f74260 RCX: 0000000000000000
[   81.877658][  T849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   81.878082][  T849] RBP: ffff88819ba2db40 R08: 0000000000000000 R09: 0000000000000000
[   81.878476][  T849] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffa5f74270
[   81.878891][  T849] R13: 00000000ffffff9f R14: 0000000000000001 R15: ffff8881be116040
[   81.879282][  T849] FS:  000000002fd71880(0000) GS:ffff8883a4800000(0000) knlGS:0000000000000000
[   81.879717][  T849] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   81.880065][  T849] CR2: 0000000030013f60 CR3: 00000001be0e0000 CR4: 00000000000406b0
[   81.880459][  T849] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   81.880901][  T849] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   81.881295][  T849] Call Trace:
[   81.881474][  T849]  <TASK>
[ 81.881634][ T849] ? __sock_create (net/socket.c:1581 (discriminator 1)) 
[ 81.881908][ T849] ? __warn (kernel/panic.c:748) 
[ 81.882130][ T849] ? __sock_create (net/socket.c:1581 (discriminator 1)) 
[ 81.882395][ T849] ? report_bug (lib/bug.c:180 lib/bug.c:219) 
[ 81.882655][ T849] ? handle_bug (arch/x86/kernel/traps.c:285) 
[ 81.882910][ T849] ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1)) 
[ 81.883164][ T849] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621) 
[ 81.883446][ T849] ? __sock_create (net/socket.c:1581 (discriminator 1)) 
[ 81.883725][ T849] __sys_socket (net/socket.c:1670 net/socket.c:1716) 
[ 81.883995][ T849] ? update_socket_protocol+0x20/0x20 
[ 81.884432][ T849] ? ftrace_likely_update (arch/x86/include/asm/smap.h:56 kernel/trace/trace_branch.c:229) 
[ 81.885031][ T849] ? tracer_hardirqs_on (kernel/trace/trace_irqsoff.c:57 kernel/trace/trace_irqsoff.c:613) 
[ 81.885310][ T849] __ia32_sys_socket (net/socket.c:1728) 
[ 81.885863][ T849] do_int80_emulation (arch/x86/entry/common.c:165 arch/x86/entry/common.c:253) 
[ 81.886413][ T849] asm_int80_emulation (arch/x86/include/asm/idtentry.h:626) 
[   81.886672][  T849] RIP: 0033:0x407ebc
[ 81.886895][ T849] Code: 83 c0 01 41 89 80 40 30 00 00 8b 44 24 04 4c 89 d1 48 8b 54 24 08 4c 89 de 4c 89 e7 55 41 50 41 51 41 52 41 53 4c 89 cd cd 80 <41> 5b 41 5a 41 59 41 58 5d 48 3d 7a ff ff ff 49 89 c4 0f 87 5c 01
All code
========
   0:	83 c0 01             	add    $0x1,%eax
   3:	41 89 80 40 30 00 00 	mov    %eax,0x3040(%r8)
   a:	8b 44 24 04          	mov    0x4(%rsp),%eax
   e:	4c 89 d1             	mov    %r10,%rcx
  11:	48 8b 54 24 08       	mov    0x8(%rsp),%rdx
  16:	4c 89 de             	mov    %r11,%rsi
  19:	4c 89 e7             	mov    %r12,%rdi
  1c:	55                   	push   %rbp
  1d:	41 50                	push   %r8
  1f:	41 51                	push   %r9
  21:	41 52                	push   %r10
  23:	41 53                	push   %r11
  25:	4c 89 cd             	mov    %r9,%rbp
  28:	cd 80                	int    $0x80
  2a:*	41 5b                	pop    %r11		<-- trapping instruction
  2c:	41 5a                	pop    %r10
  2e:	41 59                	pop    %r9
  30:	41 58                	pop    %r8
  32:	5d                   	pop    %rbp
  33:	48 3d 7a ff ff ff    	cmp    $0xffffffffffffff7a,%rax
  39:	49 89 c4             	mov    %rax,%r12
  3c:	0f                   	.byte 0xf
  3d:	87                   	.byte 0x87
  3e:	5c                   	pop    %rsp
  3f:	01                   	.byte 0x1

Code starting with the faulting instruction
===========================================
   0:	41 5b                	pop    %r11
   2:	41 5a                	pop    %r10
   4:	41 59                	pop    %r9
   6:	41 58                	pop    %r8
   8:	5d                   	pop    %rbp
   9:	48 3d 7a ff ff ff    	cmp    $0xffffffffffffff7a,%rax
   f:	49 89 c4             	mov    %rax,%r12
  12:	0f                   	.byte 0xf
  13:	87                   	.byte 0x87
  14:	5c                   	pop    %rsp
  15:	01                   	.byte 0x1
[   81.887825][  T849] RSP: 002b:00007ffe58347588 EFLAGS: 00000202 ORIG_RAX: 0000000000000167
[   81.888240][  T849] RAX: ffffffffffffffda RBX: 000000000000002b RCX: 0000000000080801
[   81.888635][  T849] RDX: 0000000000000001 RSI: 000000000000090f RDI: ffffffffffffffff
[   81.889192][  T849] RBP: fffffffffffffffc R08: 00007f033ef64000 R09: fffffffffffffffc
[   81.890059][  T849] R10: 0000000000080801 R11: 000000000000090f R12: ffffffffffffffff
[   81.890776][  T849] R13: 00007f033ec4a058 R14: 000000002fd71850 R15: 00007f033ec4a000
[   81.891191][  T849]  </TASK>
[   81.891352][  T849] irq event stamp: 158255
[ 81.891568][ T849] hardirqs last enabled at (158263): __up_console_sem (kernel/printk/printk.c:344 (discriminator 1)) 
[ 81.892047][ T849] hardirqs last disabled at (158272): __up_console_sem (kernel/printk/printk.c:342 (discriminator 1)) 
[ 81.892515][ T849] softirqs last enabled at (157948): handle_softirqs (kernel/softirq.c:401 kernel/softirq.c:582) 
[ 81.893166][ T849] softirqs last disabled at (157939): irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 kernel/softirq.c:649) 
[   81.894135][  T849] ---[ end trace 0000000000000000 ]---



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20241023/202410231427.633734b3-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ