2017-07-13 10:16:05

by Abdul Haleem

Subject: [BUG][cramfs] Kernel Oops while fuzz testing cramfs on mainline kernel

Hi,

fsfuzzer triggers a kernel Oops on a powerpc machine.

Machine : Power 8 bare-metal
Kernel : 4.12.0-rc1
gcc : 4.8.5
Test: fsfuzzer (https://github.com/stevegrubb/fsfuzzer)

The issue is rare to hit; it was reproduced only once out of 5 retries.

traces:
-------
cramfs: Error -3 while decompressing!
cramfs: d00000001225c304(3554)->c000000af36f0000(65536)
cramfs: bad compressed blocksize 4294302712
cramfs: bad compressed blocksize 4294302712
cramfs: bad compressed blocksize 4294301340
cramfs: bad compressed blocksize 4294301340
cramfs: bad compressed blocksize 4294243528
cramfs: bad compressed blocksize 4294243528
Unable to handle kernel paging request for data at address
0xd000080000000000
Faulting instruction address: 0xc0000000005ff918
Oops: Kernel access of bad area, sig: 11 [#1]
SMP NR_CPUS=2048
NUMA
PowerNV
Dumping ftrace buffer:
(ftrace buffer empty)
Modules linked in: rcutorture bridge cramfs iptable_mangle torture
ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat
nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ipt_REJECT
nf_reject_ipv4 xt_tcpudp tun stp llc kvm_hv kvm iptable_filter
vmx_crypto ipmi_powernv ipmi_devintf powernv_rng ipmi_msghandler
powernv_op_panel leds_powernv led_class rng_core binfmt_misc nfsd
ip_tables x_tables autofs4 [last unloaded: rcutorture]
CPU: 59 PID: 25870
Comm: fstest Not tainted 4.12.0-rc1-autotest #1
task: c000000f1b29e100 task.stack: c000000e3fb3c000
NIP: c0000000005ff918 LR: c0000000002d3e90 CTR: c0000000005ff810
REGS: c000000e3fb3fa20 TRAP: 0300 Not tainted (4.12.0-rc1-autotest)
MSR: 9000000000009033 <SF,HV,EE,ME,IR,DR,RI,LE>
CR: 22002882 XER: 00000000
CFAR: c0000000005ff8a4 DAR: d000080000000000 DSISR: 40000000 SOFTE: 1
GPR00: c0000000002d3e90 c000000e3fb3fca0 c000000001050300 d000080000000000
GPR04: 00007fffcd50e180 0000000000000020 c000000e3fb3fe00 0000000000000000
GPR08: 0000000000000000 c0000000010eaa70 c000000000a30960 c0000000009c0f80
GPR12: 0000000000000000 c00000000fd54480 0000000010002160 00000000100020d0
GPR16: 00000000100020d8 00000000100020f8 0000000010002108 0000000010002110
GPR20: 0000000010002120 0000000010002128 c000000e3fb3fe00 00007fffcd50e180
GPR24: c0000000010e0580 0000000000000000 0000000000010000 000000000000001f
GPR28: c000000e3fb3fe00 0000000000000000 00007fffcd50e180 0000000000000000
NIP [c0000000005ff918] read_port+0x108/0x1e0
LR [c0000000002d3e90] __vfs_read+0x40/0x1b0
Call Trace:
[c000000e3fb3fca0] [00000000100020d8] 0x100020d8 (unreliable)
[c000000e3fb3fd10] [c0000000002d3e90] __vfs_read+0x40/0x1b0
[c000000e3fb3fda0] [c0000000002d57bc] vfs_read+0xac/0x190
[c000000e3fb3fde0] [c0000000002d74c0] SyS_read+0x60/0x110
[c000000e3fb3fe30] [c00000000000b7e0] system_call+0x38/0xfc
Instruction dump:
3bbd0001 419a00b4 e9380070 7fe3fb78 2fa90000 7d2c4b78 409effb0 3d22000a
3929a770 e8690000 7c7f1a14 7c0004ac <8b830000> 0c1c0000 4c00012c
7b9c0620
---[ end trace 0c40bce9f31b7670 ]---

which maps to:
c0000000005ff918 <read_port+0x108> 00 00 83 8b lbz r28,0(r3)

test logs:
----------
Fuzzing /var/tmp/avocado_fd9HwK/1-fsfuzzer.py_Fsfuzzer.test/src/fsfuzzer-master/fs/cramfs.135.img (679936 bytes can change)...
Testing /var/tmp/avocado_fd9HwK/1-fsfuzzer.py_Fsfuzzer.test/src/fsfuzzer-master/fs/cramfs.135.img...
+++ New Tests...
./run_test: line 155: 25870 Segmentation fault ./fstest $DIR
New tests failed aborting

Message from syslogd@ltc at Jul 13 11:16:09 ...
kernel:Dumping ftrace buffer:

Message from syslogd@ltc at Jul 13 11:16:09 ...
kernel: (ftrace buffer empty)


--
Regards,

Abdul Haleem
IBM Linux Technology Centre

Attachments:
Tul-NV-config (84.68 kB)
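When a fuzzer produces an oops like the one above, the first triage step is usually mechanical: pull out the faulting address, the symbol at NIP, the call trace, and the instruction word the kernel marks with `<...>` in the dump, then check that the decoded instruction is consistent with the registers (here the report's own objdump line says the faulting word is `lbz r28,0(r3)`, and GPR03 in the register dump is the faulting address). The following parser is an added example written for this page, not code from the report, fsfuzzer, or the kernel. It runs over a constructed excerpt of the posted trace (values copied from the mail, including the address that wrapped onto its own line), and the D-form decoder only knows the handful of PowerPC primary opcodes listed in `DFORM_OPCODES`; everything else is an assumption of the example.

```python
import re

# Constructed excerpt of the oops in the report, trimmed to the lines the parser uses.
SAMPLE_OOPS = """\
cramfs: Error -3 while decompressing!
cramfs: bad compressed blocksize 4294302712
cramfs: bad compressed blocksize 4294301340
Unable to handle kernel paging request for data at address
0xd000080000000000
NIP: c0000000005ff918 LR: c0000000002d3e90 CTR: c0000000005ff810
GPR00: c0000000002d3e90 c000000e3fb3fca0 c000000001050300 d000080000000000
NIP [c0000000005ff918] read_port+0x108/0x1e0
LR [c0000000002d3e90] __vfs_read+0x40/0x1b0
Call Trace:
[c000000e3fb3fca0] [00000000100020d8] 0x100020d8 (unreliable)
[c000000e3fb3fd10] [c0000000002d3e90] __vfs_read+0x40/0x1b0
[c000000e3fb3fda0] [c0000000002d57bc] vfs_read+0xac/0x190
[c000000e3fb3fde0] [c0000000002d74c0] SyS_read+0x60/0x110
[c000000e3fb3fe30] [c00000000000b7e0] system_call+0x38/0xfc
Instruction dump:
3bbd0001 419a00b4 e9380070 7fe3fb78 2fa90000 7d2c4b78 409effb0 3d22000a
3929a770 e8690000 7c7f1a14 7c0004ac <8b830000> 0c1c0000 4c00012c
7b9c0620
---[ end trace 0c40bce9f31b7670 ]---
"""

SYM_RE = re.compile(r'(?P<sym>[A-Za-z_.$][\w.$]*)\+0x(?P<off>[0-9a-f]+)/0x(?P<size>[0-9a-f]+)')
FRAME_RE = re.compile(r'^\[(?P<sp>[0-9a-f]+)\] \[(?P<pc>[0-9a-f]+)\] (?P<rest>.*)$')
GPR_RE = re.compile(r'^GPR(?P<base>\d\d): (?P<vals>(?:[0-9a-f]{16} ?)+)$')
FAULT_PREFIX = 'Unable to handle kernel paging request for data at address'

# PowerPC primary opcodes of the D-form loads/stores this example recognises (assumption: only these).
DFORM_OPCODES = {32: 'lwz', 34: 'lbz', 36: 'stw', 38: 'stb', 40: 'lhz', 44: 'sth'}


def decode_dform(word):
    """Decode a 32-bit PowerPC D-form word into (mnemonic, rt, ra, displacement), or None."""
    opcode = word >> 26
    if opcode not in DFORM_OPCODES:
        return None
    rt = (word >> 21) & 0x1f
    ra = (word >> 16) & 0x1f
    disp = word & 0xffff
    if disp & 0x8000:            # displacement is a signed 16-bit immediate
        disp -= 0x10000
    return DFORM_OPCODES[opcode], rt, ra, disp


def parse_oops(text):
    """Extract the triage-relevant fields from a powerpc oops."""
    lines = [l.strip() for l in text.splitlines()]
    res = {'bad_blocksizes': [], 'fault_addr': None, 'nip': None, 'nip_symbol': None,
           'regs': {}, 'call_trace': [], 'faulting_insn': None, 'trace_id': None}
    in_trace = in_dump = False
    for i, line in enumerate(lines):
        m = re.match(r'^cramfs: bad compressed blocksize (\d+)$', line)
        if m:
            res['bad_blocksizes'].append(int(m.group(1)))
            continue
        if line.startswith(FAULT_PREFIX):
            tail = line[len(FAULT_PREFIX):].strip()
            if not tail and i + 1 < len(lines):   # address wrapped onto the next line (as in the mail)
                tail = lines[i + 1]
            res['fault_addr'] = int(tail, 16)
            continue
        m = GPR_RE.match(line)
        if m:                                     # "GPRnn: a b c d" lists GPRnn..GPRnn+3
            base = int(m.group('base'))
            for k, v in enumerate(m.group('vals').split()):
                res['regs'][base + k] = int(v, 16)
            continue
        m = re.match(r'^NIP \[([0-9a-f]+)\] (.*)$', line)
        if m:
            res['nip'] = int(m.group(1), 16)
            s = SYM_RE.search(m.group(2))
            if s:
                res['nip_symbol'] = (s.group('sym'), int(s.group('off'), 16), int(s.group('size'), 16))
            continue
        if line == 'Call Trace:':
            in_trace = True
            continue
        if line == 'Instruction dump:':
            in_trace, in_dump = False, True
            continue
        if in_trace:
            f = FRAME_RE.match(line)
            if f:
                s = SYM_RE.search(f.group('rest'))
                res['call_trace'].append({'pc': int(f.group('pc'), 16),
                                          'symbol': s.group('sym') if s else None,
                                          'unreliable': '(unreliable)' in f.group('rest')})
                continue
            in_trace = False
        if in_dump:                               # the kernel brackets the faulting word with <...>
            m = re.search(r'<([0-9a-f]{8})>', line)
            if m:
                res['faulting_insn'] = int(m.group(1), 16)
        m = re.match(r'^---\[ end trace ([0-9a-f]+) \]---$', line)
        if m:
            res['trace_id'], in_dump = m.group(1), False
    return res


def fault_register_matches(res):
    """True when base register + displacement of the faulting load/store equals the faulting address."""
    dec = decode_dform(res['faulting_insn'] or 0)
    if dec is None:
        return False
    _, _, ra, disp = dec
    return ra in res['regs'] and res['regs'][ra] + disp == res['fault_addr']


if __name__ == '__main__':
    r = parse_oops(SAMPLE_OOPS)
    print(r['nip_symbol'], hex(r['fault_addr']), decode_dform(r['faulting_insn']))
    print([f['symbol'] for f in r['call_trace']], fault_register_matches(r))
```

The consistency check in `fault_register_matches` is what makes the parsed record worth keeping: a fuzzing campaign produces many oopses, and deduplicating on (NIP symbol, faulting instruction, whether the bad address came straight from a register) separates a repeatable crash site from noise far better than matching on the raw addresses, which change between kernel builds.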