Re: [LKP] 4ce5f9c9e7 [ 1.323881] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:1031 kmalloc_slab
From: Eric W. Biederman
Date: Wed Oct 10 2018 - 11:44:09 EST

So I am flummoxed. I am reading through the code and I don't see
anything that could trigger this, and when I ran the supplied reproducer
it did not reproduce for me.

Plus there is the noise from the kmalloc_slab test that is goofing up
the subject line.

Is there any chance I can get a disassembly of the
copy_siginfo_from_user or post_copy_siginfo_from_user from your build?
I don't have the same tool chain.

Right now I am strongly suspecting that there is a memory stomp
somewhere and the earlier tests just happen on something that is the
pinpointed commit to misbehave.

Either that or it is simply that I don't have the latest and greatest
smep/smap hardware and there is an off-by-one I am not seeing.

I don't doubt that this test is finding something; I haven't figured out
how to see what it is finding, and when I exercise the same code path
with my own tests everything appears to work.

Eric

kernel test robot <rong.a.chen@xxxxxxxxx> writes:
> Greetings,
>
> 0day kernel testing robot got the below dmesg and the first bad commit is
>
> https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
>
> commit 4ce5f9c9e7546915c559ffae594e6d73f918db00
> Author: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> AuthorDate: Tue Sep 25 12:59:31 2018 +0200
> Commit: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> CommitDate: Wed Oct 3 16:50:39 2018 +0200
>
> signal: Use a smaller struct siginfo in the kernel
>
> We reserve 128 bytes for struct siginfo but only use about 48 bytes on
> 64bit and 32 bytes on 32bit. Someday we might use more but it is unlikely
> to be anytime soon.
>
> Userspace seems content with just enough bytes of siginfo to implement
> sigqueue. Or in the case of checkpoint/restart reinjecting signals
> the kernel has sent.
>
> Reducing the stack footprint and the work to copy siginfo around from
> 2 cachelines to 1 cachelines seems worth doing even if I don't have
> benchmarks to show a performance difference.
>
> Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
>
> ae7795bc61 signal: Distinguish between kernel_siginfo and siginfo
> 4ce5f9c9e7 signal: Use a smaller struct siginfo in the kernel
> 570b7bdeaf Add linux-next specific files for 20181009
> +-------------------------------------------+------------+------------+---------------+
> |                                           | ae7795bc61 | 4ce5f9c9e7 | next-20181009 |
> +-------------------------------------------+------------+------------+---------------+
> | boot_successes                            | 0          | 0          | 28            |
> | boot_failures                             | 1144       | 280        | 8             |
> | WARNING:at_mm/slab_common.c:#kmalloc_slab | 1144       | 280        |               |
> | RIP:kmalloc_slab                          | 1144       | 280        |               |
> | Mem-Info                                  | 1144       | 280        | 8             |
> | BUG:unable_to_handle_kernel               | 0          | 5          | 7             |
> | Oops:#[##]                                | 0          | 7          | 8             |
> | RIP:copy_siginfo_from_user                | 0          | 7          |               |
> | Kernel_panic-not_syncing:Fatal_exception  | 0          | 7          | 8             |
> | RIP:post_copy_siginfo_from_user           | 0          | 0          | 8             |
> +-------------------------------------------+------------+------------+---------------+
>
> [ 1.320405] test_overflow: ok: (s8)(0 << 7) == 0
> [ 1.321071] test_overflow: ok: (s16)(0 << 15) == 0
> [ 1.321756] test_overflow: ok: (int)(0 << 31) == 0
> [ 1.322442] test_overflow: ok: (s32)(0 << 31) == 0
> [ 1.323121] test_overflow: ok: (s64)(0 << 63) == 0
> [ 1.323881] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:1031 kmalloc_slab+0x17/0x70
> [ 1.324113] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G T 4.19.0-rc1-00077-g4ce5f9c #1
> [ 1.324113] RIP: 0010:kmalloc_slab+0x17/0x70
> [ 1.324113] Code: 00 00 00 83 3d 11 78 14 03 02 55 48 89 e5 5d 0f 97 c0 c3 55 48 81 ff 00 00 40 00 48 89 e5 76 0e 31 c0 81 e6 00 02 00 00 75 4b <0f> 0b eb 47 48 81 ff c0 00 00 00 77 19 48 85 ff b8 10 00 00 00 74
> [ 1.324113] RSP: 0000:ffff88000fc7fd50 EFLAGS: 00010246
> [ 1.324113] RAX: 0000000000000000 RBX: 00000000006000c0 RCX: ffff88001fb68d47
> [ 1.324113] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffffffffffff
> [ 1.324113] RBP: ffff88000fc7fd50 R08: 00000000b128ac78 R09: 0000000000000001
> [ 1.324113] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88001d814800
> [ 1.324113] R13: 0000000000000000 R14: ffffffff836e16f4 R15: 0000000000000001
> [ 1.324113] FS: 0000000000000000(0000) GS:ffff88001f000000(0000) knlGS:0000000000000000
> [ 1.324113] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 1.324113] CR2: 0000000000000000 CR3: 0000000003012001 CR4: 00000000001606b0
> [ 1.324113] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [ 1.324113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> [ 1.324113] Call Trace:
> [ 1.324113] __kmalloc+0x10/0x130
> [ 1.324113] ? test_overflow_calculation+0x152b/0x152b
> [ 1.324113] test_module_init+0x1262/0x1dfa
> [ 1.324113] ? vprintk_emit+0x29e/0x2b0
> [ 1.324113] ? _kstrtoull+0x2c/0x70
> [ 1.324113] ? kstrtoll+0x4b/0x70
> [ 1.324113] ? kstrtos8+0x15/0x40
> [ 1.324113] ? test_overflow_calculation+0x152b/0x152b
> [ 1.324113] ? do_early_param+0x92/0x92
> [ 1.324113] do_one_initcall+0x65/0x130
> [ 1.324113] ? do_early_param+0x92/0x92
> [ 1.324113] kernel_init_freeable+0x1b5/0x250
> [ 1.324113] ? rest_init+0xf0/0xf0
> [ 1.324113] kernel_init+0x9/0xf0
> [ 1.324113] ret_from_fork+0x35/0x40
> [ 1.324113] _warn_unseeded_randomness: 1 callbacks suppressed
> [ 1.324113] random: get_random_bytes called from print_oops_end_marker+0x21/0x50 with crng_init=0
> [ 1.324113] ---[ end trace 8ef06e4cef93b260 ]---
> [ 1.351969] test_overflow: kmalloc detected saturation
>
> # HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
> git bisect start 570b7bdeaf18a5d66dc76d79d7f1e36cb10b5da0 0238df646e6224016a45505d2c111a24669ebe21 --
> git bisect good 073ceed8e5a6c9835a915549d248569067e11268 # 04:27 G 213 0 213 289 Merge remote-tracking branch 'opp/opp/linux-next'
> git bisect good fc708c9582d94983c6c908271390c9720ca3ec4c # 04:42 G 216 0 216 293 Merge remote-tracking branch 'mailbox/mailbox-for-next'
> git bisect good 8c55f3646e42de506c5832d4ac8bf116ff3cb246 # 04:59 G 211 0 211 288 Merge remote-tracking branch 'char-misc/char-misc-next'
> git bisect bad 616b28683e7f382c5dc8fa8ab7837fbd64ed261f # 04:59 B 0 7 93 72 Merge remote-tracking branch 'userns/for-next'
> git bisect good 756752870e5af5586fecb5973a50db7f6ab96f91 # 05:23 G 212 0 212 289 Merge remote-tracking branch 'cgroup/for-next'
> git bisect good 50473600212c8bbd945d24a5f1fcb60e3e70c607 # 05:54 G 213 0 213 288 Merge remote-tracking branch 'rpmsg/for-next'
> git bisect good d112058d6e522116e9ba88c6962c7ce02d2c3d8f # 06:17 G 209 0 209 286 Merge remote-tracking branch 'gpio/for-next'
> git bisect good 5ebcede43c9e797b6b3cb412f83fcbff65818ba9 # 06:33 G 215 0 215 294 Merge remote-tracking branch 'pinctrl/for-next'
> git bisect good cd60ab7abb3df301c4ff2cf7d619cf7e30cca289 # 06:46 G 210 0 210 289 signal/powerpc: Remove pkey parameter from __bad_area_nosemaphore
> git bisect good c852680959d0964198e829da80f012b3df43060c # 06:57 G 208 0 208 285 signal/arm64: Use send_sig_fault where appropriate
> git bisect good 5ee527d7cefddebd72970d290e5cc06c9ae32890 # 07:20 G 209 0 209 286 signal/unicore32: Use send_sig_fault where appropriate
> git bisect good f28380185193610c716a90ec9b9e696638a495ce # 07:39 G 208 0 208 283 signal: Remove the need for __ARCH_SI_PREABLE_SIZE and SI_PAD_SIZE
> git bisect good ae7795bc6187a15ec51cf258abae656a625f9980 # 07:54 G 216 0 216 291 signal: Distinguish between kernel_siginfo and siginfo
> git bisect bad 601d5abfeaf244b86bb68c1e05c6e0d57be2f6b0 # 07:54 B 0 5 89 70 signal: In sigqueueinfo prefer sig not si_signo
> git bisect bad 4ce5f9c9e7546915c559ffae594e6d73f918db00 # 07:54 B 0 5 294 275 signal: Use a smaller struct siginfo in the kernel
> # first bad commit: [4ce5f9c9e7546915c559ffae594e6d73f918db00] signal: Use a smaller struct siginfo in the kernel
> git bisect good ae7795bc6187a15ec51cf258abae656a625f9980 # 08:59 G 853 0 853 1144 signal: Distinguish between kernel_siginfo and siginfo
> # extra tests with debug options
> git bisect bad 4ce5f9c9e7546915c559ffae594e6d73f918db00 # 09:21 B 156 1 156 158 signal: Use a smaller struct siginfo in the kernel
> # extra tests on HEAD of linux-next/master
> git bisect bad 570b7bdeaf18a5d66dc76d79d7f1e36cb10b5da0 # 09:26 B 21 7 0 1 Add linux-next specific files for 20181009
> # extra tests on tree/branch linux-next/master
> git bisect bad 570b7bdeaf18a5d66dc76d79d7f1e36cb10b5da0 # 09:27 B 21 7 0 1 Add linux-next specific files for 20181009
>
> ---
> 0-DAY kernel test infrastructure Open Source Technology Center
> https://lists.01.org/pipermail/lkp Intel Corporation