Re: linux-next boot error: general protection fault in do_mount_root

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: syzbot <syzbot+31f37c1dc3fd9e900602@syzkaller.appspotmail.com>
Cc: dhowells@redhat.com, linux-kernel@vger.kernel.org,
	linux@dominikbrodowski.net, pc@cjr.nz,
	syzkaller-bugs@googlegroups.com, viro@zeniv.linux.org.uk
Subject: Re: linux-next boot error: general protection fault in do_mount_root
Date: Mon, 16 Dec 2019 09:20:44 -0800	[thread overview]
Message-ID: <20191216172043.GA139479@gmail.com> (raw)
In-Reply-To: <00000000000036658f0599d4ef43@google.com>

On Mon, Dec 16, 2019 at 08:45:08AM -0800, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    cf2be78b Add linux-next specific files for 20191216
> git tree:       linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=13f505dee00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=634b7ce01f79423d
> dashboard link: https://syzkaller.appspot.com/bug?extid=31f37c1dc3fd9e900602
> compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> 
> Unfortunately, I don't have any reproducer for this crash yet.
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+31f37c1dc3fd9e900602@syzkaller.appspotmail.com
> 
> batman_adv: B.A.T.M.A.N. advanced 2019.5 (compatibility version 15) loaded
> openvswitch: Open vSwitch switching datapath
> NET: Registered protocol family 40
> mpls_gso: MPLS GSO support
> IPI shorthand broadcast: enabled
> AVX2 version of gcm_enc/dec engaged.
> AES CTR mode by8 optimization enabled
> sched_clock: Marking stable (12282186706, 24150593)->(12316857222,
> -10519923)
> registered taskstats version 1
> Loading compiled-in X.509 certificates
> Loaded X.509 cert 'Build time autogenerated kernel key:
> 8b22f477d966bfa6cf9a482acbda6ca1892a4acc'
> zswap: loaded using pool lzo/zbud
> Key type ._fscrypt registered
> Key type .fscrypt registered
> Btrfs loaded, crc32c=crc32c-intel
> Key type big_key registered
> Key type encrypted registered
> AppArmor: AppArmor sha1 policy hashing enabled
> ima: No TPM chip found, activating TPM-bypass!
> ima: Allocated hash algorithm: sha256
> ima: No architecture policies found
> evm: Initialising EVM extended attributes:
> evm: security.selinux
> evm: security.SMACK64
> evm: security.SMACK64EXEC
> evm: security.SMACK64TRANSMUTE
> evm: security.SMACK64MMAP
> evm: security.apparmor
> evm: security.ima
> evm: security.capability
> evm: HMAC attrs: 0x1
> PM:   Magic number: 15:311:439
> media media3: hash matches
> printk: console [netcon0] enabled
> netconsole: network logging started
> gtp: GTP module loaded (pdp ctx size 104 bytes)
> rdma_rxe: loaded
> cfg80211: Loading compiled-in X.509 certificates for regulatory database
> cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
> ALSA device list:
>   #0: Dummy 1
>   #1: Loopback 1
>   #2: Virtual MIDI Card 1
> md: Waiting for all devices to be available before autodetect
> md: If you don't use raid, use raid=noautodetect
> md: Autodetecting RAID arrays.
> md: autorun ...
> md: ... autorun DONE.
> kasan: CONFIG_KASAN_INLINE enabled
> kasan: GPF could be caused by NULL-ptr deref or user memory access
> general protection fault: 0000 [#1] PREEMPT SMP KASAN
> CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.5.0-rc2-next-20191216-syzkaller
> #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> RIP: 0010:strncpy+0x35/0xc0 lib/string.c:119
> Code: e5 41 56 41 55 4c 8d 34 17 49 bd 00 00 00 00 00 fc ff df 41 54 53 48
> 89 fb 48 83 ec 10 48 89 f2 48 89 f1 48 c1 ea 03 83 e1 07 <42> 0f b6 14 2a 38
> ca 7f 04 84 d2 75 40 48 89 da 48 89 d9 44 0f b6
> RSP: 0000:ffffc90000c7fca8 EFLAGS: 00010246
> RAX: ffff888099090000 RBX: ffff888099090000 RCX: 0000000000000000
> RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888099090000
> RBP: ffffc90000c7fcd8 R08: ffff888099090000 R09: ffffed1015d07074
> R10: ffffed1015d07073 R11: ffff8880ae83839b R12: ffffea0002642400
> R13: dffffc0000000000 R14: ffff888099090fff R15: ffff888214cc3000
> FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000000000000000 CR3: 000000000986d000 CR4: 00000000001406f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
>  strncpy include/linux/string.h:326 [inline]
>  do_mount_root+0x74/0x23b init/do_mounts.c:404
>  mount_block_root+0x342/0x51a init/do_mounts.c:438
>  mount_root+0x283/0x2cd init/do_mounts.c:628
>  prepare_namespace+0x26f/0x2a7 init/do_mounts.c:687
>  kernel_init_freeable+0x557/0x570 init/main.c:1233
>  kernel_init+0x12/0x1bf init/main.c:1112
>  ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
> Modules linked in:
> ---[ end trace c645a4d31f27fe8a ]---
> RIP: 0010:strncpy+0x35/0xc0 lib/string.c:119
> Code: e5 41 56 41 55 4c 8d 34 17 49 bd 00 00 00 00 00 fc ff df 41 54 53 48
> 89 fb 48 83 ec 10 48 89 f2 48 89 f1 48 c1 ea 03 83 e1 07 <42> 0f b6 14 2a 38
> ca 7f 04 84 d2 75 40 48 89 da 48 89 d9 44 0f b6
> RSP: 0000:ffffc90000c7fca8 EFLAGS: 00010246
> RAX: ffff888099090000 RBX: ffff888099090000 RCX: 0000000000000000
> RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888099090000
> RBP: ffffc90000c7fcd8 R08: ffff888099090000 R09: ffffed1015d07074
> R10: ffffed1015d07073 R11: ffff8880ae83839b R12: ffffea0002642400
> R13: dffffc0000000000 R14: ffff888099090fff R15: ffff888214cc3000
> FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000000000000000 CR3: 000000000986d000 CR4: 00000000001406f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> 
> 
> ---
> This bug is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
> 
> syzbot will keep track of this bug report. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> 

Fixed in mainline by commit 7de7de7ca0ae0

#syz fix: Fix root mounting with no mount options

- Eric

     prev parent reply	other threads:[~2019-12-16 17:20 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-16 16:45 linux-next boot error: general protection fault in do_mount_root syzbot
2019-12-16 17:20 ` Eric Biggers [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191216172043.GA139479@gmail.com \
    --to=ebiggers@kernel.org \
    --cc=dhowells@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux@dominikbrodowski.net \
    --cc=pc@cjr.nz \
    --cc=syzbot+31f37c1dc3fd9e900602@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.