From: Lino Sanfilippo <LinoSanfilippo@gmx.de>
To: Tommi Rantala <tt.rantala@gmail.com>
Cc: Eric Paris <eparis@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Al Viro <viro@zeniv.linux.org.uk>,
LKML <linux-kernel@vger.kernel.org>,
Dave Jones <davej@redhat.com>
Subject: Re: GPF at fsnotify_clear_marks_by_group_flags()
Date: Fri, 07 Jun 2013 19:37:35 +0200 [thread overview]
Message-ID: <51B21A5F.5050201@gmx.de> (raw)
In-Reply-To: <CA+ydwtqfJmD4aVcuDS6u96SiYT3Wg5Zj_5oXOkzHptG-TiG-_Q@mail.gmail.com>
On 03.06.2013 10:03, Tommi Rantala wrote:
> Hello,
>
> Hit this while fuzzing v3.10-rc4-0-gd683b96 with trinity.
>
> Looks similar to what I reported back in March:
> https://lkml.org/lkml/2013/3/13/222
>
> Tommi
>
> [42279.088045] general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC
> [42279.091904] CPU: 1 PID: 10937 Comm: trinity-child7 Tainted: G
> I 3.10.0-rc4 #1
> [42279.091904] Hardware name: Hewlett-Packard HP Compaq dc7800 Small
> Form Factor/0AA8h, BIOS 786F1 v01.24 03/18/2008
> [42279.091904] task: ffff8801125e23e0 ti: ffff8800bdf40000 task.ti:
> ffff8800bdf40000
> [42279.091904] RIP: 0010:[<ffffffff81275b63>] [<ffffffff81275b63>]
> fsnotify_clear_marks_by_group_flags+0x93/0xb0
> [42279.091904] RSP: 0018:ffff8800bdf41be8 EFLAGS: 00010246
> [42279.091904] RAX: ffff8800bdf41f00 RBX: ffff880102381400 RCX: 0000000000006c6b
> [42279.091904] RDX: 0000000000000000 RSI: ffffffff82a42863 RDI: ffff880102381400
> [42279.091904] RBP: ffff8800bdf41c18 R08: 0000000000000002 R09: 0000000000000000
> [42279.091904] R10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b5b
> [42279.091904] R13: ffff8800d4630a90 R14: 00000000ffffffff R15: ffff8800d4630c70
> [42279.091904] FS: 00007f9d0c425700(0000) GS:ffff880116a00000(0000)
> knlGS:0000000000000000
> [42279.091904] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> [42279.091904] CR2: 0000000000000000 CR3: 0000000110ea3000 CR4: 00000000000007e0
> [42279.091904] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [42279.091904] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> [42279.091904] Stack:
> [42279.091904] ffff8800d4630bc0 ffff8800d4630a90 0000000000000010
> ffff8800c51d0b90
> [42279.091904] ffff880114fbe9a0 ffff880115f78ca0 ffff8800bdf41c28
> ffffffff81275b8e
> [42279.091904] ffff8800bdf41c40 ffffffff81274c3d ffff8800c96ca940
> ffff8800bdf41c50
> [42279.091904] Call Trace:
> [42279.091904] [<ffffffff81275b8e>] fsnotify_clear_marks_by_group+0xe/0x10
> [42279.091904] [<ffffffff81274c3d>] fsnotify_destroy_group+0xd/0x30
> [42279.091904] [<ffffffff81277060>] inotify_release+0x10/0x20
> [42279.091904] [<ffffffff8123237a>] __fput+0x12a/0x230
> [42279.091904] [<ffffffff81232489>] ____fput+0x9/0x10
> [42279.091904] [<ffffffff8113a79e>] task_work_run+0xae/0xf0
> [42279.091904] [<ffffffff811172bc>] do_exit+0x44c/0xb40
> [42279.091904] [<ffffffff81129f39>] ? get_signal_to_deliver+0xf9/0x920
> [42279.091904] [<ffffffff81117a74>] do_group_exit+0x84/0xd0
> [42279.091904] [<ffffffff8112a661>] get_signal_to_deliver+0x821/0x920
> [42279.091904] [<ffffffff810673e2>] do_signal+0x52/0x590
> [42279.091904] [<ffffffff81231849>] ? do_readv_writev+0x249/0x270
> [42279.091904] [<ffffffff81142191>] ? __hrtimer_start_range_ns+0x451/0x500
> [42279.091904] [<ffffffff8117302d>] ? trace_hardirqs_on+0xd/0x10
> [42279.091904] [<ffffffff822a1787>] ? _raw_spin_unlock_irq+0x27/0x50
> [42279.091904] [<ffffffff8111870c>] ? do_setitimer+0x27c/0x330
> [42279.091904] [<ffffffff81067947>] do_notify_resume+0x27/0x70
> [42279.091904] [<ffffffff822a3162>] int_signal+0x12/0x17
> [42279.091904] Code: 0f 1f 84 00 00 00 00 00 49 89 d4 44 85 b3 94 00
> 00 00 74 17 f0 ff 43 04 48 89 df 4c 89 ee e8 75 fa ff ff 48 89 df e8
> ad f8 ff ff <49> 8b 54 24 10 49 8d 44 24 10 4c 89 e3 48 83 ea 10 49 39
> c7 75
> [42279.091904] RIP [<ffffffff81275b63>]
> fsnotify_clear_marks_by_group_flags+0x93/0xb0
> [42279.091904] RSP <ffff8800bdf41be8>
> [42279.417403] ---[ end trace 1dec2388e3dff256 ]---
> [42279.423057] Fixing recursive fault but reboot is needed!
>
Hi Tommi,
thank you for reporting. Do you know a way how to reproduce this?
Regards,
Lino
next prev parent reply other threads:[~2013-06-07 17:37 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-03 8:03 GPF at fsnotify_clear_marks_by_group_flags() Tommi Rantala
2013-06-07 17:37 ` Lino Sanfilippo [this message]
2013-06-07 19:20 ` Tommi Rantala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51B21A5F.5050201@gmx.de \
--to=linosanfilippo@gmx.de \
--cc=akpm@linux-foundation.org \
--cc=davej@redhat.com \
--cc=eparis@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=tt.rantala@gmail.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.