From: Naresh Kamboju
Date: Thu, 9 Feb 2023 14:27:47 +0530
Subject: next: arm64: boot: kernel BUG at mm/usercopy.c:102 - pc : usercopy_abort
To: open list, Linux-Next Mailing List, linux-mm, Netdev, lkft-triage@lists.linaro.org
Cc: Thomas Gleixner, Hyeonggon Yoo <42.hyeyoo@gmail.com>, Vlastimil Babka, Dave Chinner, Christoph Hellwig, Christian Brauner, Eric Dumazet, Jakub Kicinski, Andrew Morton, Arnd Bergmann, Anders Roxell

Following kernel crash noticed while booting arm64 devices and qemu-arm64
with kselftest merge configs enabled.

Reported-by: Linux Kernel Functional Testing

crash log:
----------
usercopy: Kernel memory exposure attempt detected from SLUB object 'skbuff_small_head' (offset 130, size 12)!
..
[ 24.673364] ------------[ cut here ]------------
[ 24.673812] kernel BUG at mm/usercopy.c:102!
[ 24.674631] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 24.675389] Modules linked in:
[ 24.676231] CPU: 3 PID: 1 Comm: systemd Not tainted 6.2.0-rc7-next-20230209 #1
[ 24.676779] Hardware name: linux,dummy-virt (DT)
[ 24.677256] pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 24.677695] pc : usercopy_abort (mm/usercopy.c:102 (discriminator 24))
[ 24.678470] lr : usercopy_abort (mm/usercopy.c:102 (discriminator 24))
[ 24.678717] sp : ffff80000803bab0
[ 24.678949] x29: ffff80000803bac0 x28: ffff0000c0838040 x27: ffff80000803bc70
[ 24.679618] x26: 0000000000000000 x25: ffff0000c0fe4040 x24: ffff0000c4752000
[ 24.680050] x23: 0000000000000000 x22: 0000000000000020 x21: 0000000000000000
[ 24.680484] x20: ffffc94cf339ac70 x19: ffffc94cf31861b8 x18: 0000000000000000
[ 24.680929] x17: 63656a626f204255 x16: 4c53206f74206465 x15: 7463657465642074
[ 24.681372] x14: 706d657474612065 x13: 2129323320657a69 x12: 0000000000000001
[ 24.681810] x11: ffffc94cf372ba24 x10: 65685f6c6c616d73 x9 : ffffc94cf1184028
[ 24.682299] x8 : ffff80000803b7b8 x7 : ffffc94cf4207170 x6 : 0000000000000001
[ 24.682742] x5 : 0000000000000001 x4 : ffffc94cf4165000 x3 : 0000000000000000
[ 24.683216] x2 : 0000000000000000 x1 : ffff0000c0838040 x0 : 000000000000006a
[ 24.683788] Call trace:
[ 24.684019] usercopy_abort (mm/usercopy.c:102 (discriminator 24))
[ 24.684346] __check_heap_object (mm/slub.c:4739)
[ 24.684621] __check_object_size (mm/usercopy.c:196 mm/usercopy.c:251 mm/usercopy.c:213)
[ 24.684883] netlink_sendmsg (include/linux/uio.h:177 include/linux/uio.h:184 include/linux/skbuff.h:3977 net/netlink/af_netlink.c:1927)
[ 24.685161] __sys_sendto (net/socket.c:722 net/socket.c:745 net/socket.c:2142)
[ 24.685397] __arm64_sys_sendto (net/socket.c:2150)
[ 24.685644] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:57)
[ 24.685891] el0_svc_common.constprop.0 (arch/arm64/include/asm/daifflags.h:28 arch/arm64/kernel/syscall.c:150)
[ 24.686164] do_el0_svc (arch/arm64/kernel/syscall.c:194)
[ 24.686401] el0_svc (arch/arm64/include/asm/daifflags.h:28 arch/arm64/kernel/entry-common.c:133 arch/arm64/kernel/entry-common.c:142 arch/arm64/kernel/entry-common.c:638)
[ 24.686602] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:656)
[ 24.686862] el0t_64_sync (arch/arm64/kernel/entry.S:591)
[ 24.687307] Code: aa1303e3 9000ea60 91300000 97f49682 (d4210000)
All code
========
   0:*  e3 03                   jrcxz  0x5          <-- trapping instruction
   2:   13 aa 60 ea 00 90       adc    -0x6fff15a0(%rdx),%ebp
   8:   00 00                   add    %al,(%rax)
   a:   30 91 82 96 f4 97       xor    %dl,-0x680b697e(%rcx)
  10:   00 00                   add    %al,(%rax)
  12:   21 d4                   and    %edx,%esp

Code starting with the faulting instruction
===========================================
   0:   00 00                   add    %al,(%rax)
   2:   21 d4                   and    %edx,%esp
[ 24.688236] ---[ end trace 0000000000000000 ]---
[ 24.688722] note: systemd[1] exited with irqs disabled
[ 24.689588] note: systemd[1] exited with preempt_count 1
[ 24.690331] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[ 24.690875] SMP: stopping secondary CPUs
[ 24.691749] Kernel Offset: 0x494ce9000000 from 0xffff800008000000
[ 24.692103] PHYS_OFFSET: 0x40000000
[ 24.692349] CPU features: 0x000000,0068c25f,3326773f
[ 24.692924] Memory Limit: none
[ 24.693422] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]---

detailed boot logs:
https://lkft.validation.linaro.org/scheduler/job/6145112#L778
https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20230209/testrun/14667540/suite/log-parser-test/tests/
https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20230209/testrun/14667540/suite/log-parser-test/test/check-kernel-bug/log

metadata:
  git_ref: master
  git_repo: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next
  git_sha: 20f513df926fac0594a3b65f79d856bd64251861
  git_describe: next-20230209
  kernel_version: 6.2.0-rc7
  kernel-config: https://storage.tuxsuite.com/public/linaro/lkft/builds/2LUB6A6xC34mySgwQ3vPa6kHKJS/config
  artifact-location: https://storage.tuxsuite.com/public/linaro/lkft/builds/2LUB6A6xC34mySgwQ3vPa6kHKJS/
  toolchain: gcc-11
  build_name: gcc-11-lkftconfig-kselftest

--
Linaro LKFT
https://lkft.linaro.org