Thread (2 messages) 2 messages, 2 authors, 2016-09-30

Re: [mm] 3f40a9185a: kernel BUG at kernel/cred.c:768!

From: Janis Danisevskis <hidden>
Date: 2016-09-30 09:10:29
Also in: oe-lkp

Jann: I guess a environ_(mem_)release is needed because private_data of mem
and environ are now different.

On Thu, Sep 29, 2016 at 11:58 PM kernel test robot [off-list ref]
wrote:
FYI, we noticed the following commit:

https://github.com/0day-ci/linux
Jann-Horn/fs-exec-don-t-force-writing-memory-access/20160929-222244
commit 3f40a9185af5f5335b8117178c706b74537b960b ("mm: add LSM hook for
writes to readonly memory")

in testcase: boot

on test machine: qemu-system-i386 -enable-kvm -cpu Haswell,+smep,+smap -m
360M

caused below changes:


+------------------------------------------+------------+------------+
|                                          | dc00268ef0 | 3f40a9185a |
+------------------------------------------+------------+------------+
| boot_successes                           | 24         | 2          |
| boot_failures                            | 0          | 18         |
| kernel_BUG_at_kernel/cred.c              | 0          | 12         |
| invalid_opcode:#[##]SMP                  | 0          | 12         |
| EIP_is_at__invalid_creds                 | 0          | 12         |
| calltrace:SyS_exit_group                 | 0          | 18         |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 18         |
| BUG:unable_to_handle_kernel              | 0          | 10         |
| Oops                                     | 0          | 10         |
| EIP_is_at_mem_release                    | 0          | 10         |
+------------------------------------------+------------+------------+



[   23.725743] trinity-c0 (12124) used greatest stack depth: 6144 bytes
left
[   23.729863] CRED: ->security {83184389, d88918c4}
[   23.730466] ------------[ cut here ]------------
[   23.731054] kernel BUG at kernel/cred.c:768!
[   23.731770] invalid opcode: 0000 [#1] SMP
[   23.732270] Modules linked in:
[   23.732674] CPU: 0 PID: 10617 Comm: trinity-main Not tainted
4.8.0-rc8-00015-g3f40a91 #78
[   23.733678] task: 8c79a6c0 task.stack: 8c48c000
[   23.734248] EIP: 0060:[<8104cad8>] EFLAGS: 00010292 CPU: 0
[   23.734962] EIP is at __invalid_creds+0x35/0x37
[   23.735523] EAX: 00000025 EBX: 8d11a458 ECX: 8106ce3c EDX: 00000001
[   23.736304] ESI: 813d667c EDI: 0000010f EBP: 8c48ded4 ESP: 8c48deb8
[   23.737080]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[   23.737750] CR0: 80050033 CR2: 7fc1ed30 CR3: 01647000 CR4: 00040690
[   23.738529] DR0: c0100220 DR1: 00000000 DR2: 00000000 DR3: 00000000
[   23.739308] DR6: ffff0ff0 DR7: 00050602
[   23.739793] Stack:
[   23.740054]  813d6660 813d667c 0000010f 813d6643 8d11a458 8d03ab80
8847b8e4 8c48dee4
[   23.741161]  811153aa 8ca8f6c0 00000010 8c48df08 810de5a9 8ca8f6c8
88460a18 8847b8e4
[   23.742265]  93c83c50 8ca8f6c0 8c79a6c0 8ca8e700 8c48df10 810de65c
8c48df28 8104a7a7
[   23.743369] Call Trace:
[   23.743700]  [<811153aa>] mem_release+0x35/0x4e
[   23.744284]  [<810de5a9>] __fput+0xd8/0x162
[   23.744815]  [<810de65c>] ____fput+0x8/0xa
[   23.745333]  [<8104a7a7>] task_work_run+0x54/0x78
[   23.745935]  [<8103a20a>] do_exit+0x33c/0x7ec
[   23.746478]  [<810dd644>] ? vfs_write+0x9a/0xa4
[   23.747051]  [<8103a711>] do_group_exit+0x30/0x86
[   23.747634]  [<8103a778>] SyS_exit_group+0x11/0x11
[   23.748236]  [<81000e0b>] do_int80_syscall_32+0x43/0x55
[   23.748909]  [<812b8911>] entry_INT80_32+0x31/0x31
[   23.749503] Code: 89 cf 68 43 66 3d 81 e8 1e 9a 05 00 57 56 68 60 66 3d
81 e8 12 9a 05 00 64 8b 0d dc 8a 4f 81 ba 72 66 3d 81 89 d8 e8 ac fe ff ff
<0f> 0b 81 78 0c 64 65 73 43 74 08 55 89 e5 e8 b8 ff ff ff c3 55
[   23.753032] EIP: [<8104cad8>] __invalid_creds+0x35/0x37 SS:ESP
0068:8c48deb8
[   23.753971] ---[ end trace e46a82be55c05913 ]---
[   23.754894] BUG: unable to handle kernel NULL pointer dereference at
 (null)





Thanks,
Kernel Test Robot
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help