linux uml segfault
Anton Ivanov
anton.ivanov at kot-begemot.co.uk
Tue Feb 23 07:24:31 EST 2021
On 23/02/2021 12:12, Christopher Obbard wrote:
> Hi Anton,
>
> On 23/02/2021 10:50, Anton Ivanov wrote:
>>
>>
>> On 23/02/2021 08:06, Ritesh Raj Sarraf wrote:
>>> Hi,
>>>
>>> Recently, with the Linux 5.10 release, I have run into the following
>>> segfault on UML. I was a little disappointed in myself that this
>>> slipped my regular set of tests, before being pushed to Debian. It is
>>> right now part of Debian Testing too and I'd hate to have it removed
>>> from the Bullseye release.
>>>
>>> What is worse is that (to do some quick tests) I reverted to an older
>>> UML (5.9) which I recollect to have been working, and that too failed
>>> on the setups.
>>>
>>> In regard to setups, I tried and reproduced the issue on 3 different
>>> machines, but all running Intel hardware. And all running 5.10 host
>>> kernel.
>>>
>>>
>>> It would really help if others on this mailing list can check and
>>> validate if they run into this problem. So far I have had 1 report of
>>> being able to reproduce this bug other than me. I have also had 1
>>> report of not being able to reproduce this bug.
>>
>> Confirmed. This is the asprintf issue. It is usually just a warning,
>> but for your config it causes a guaranteed segfault.
>>
>> You need 97be7ceaf7fea68104824b6aa874cff235333ac1 um: Remove use of
>> asprinf in umid.c
>>
>> In the patchset for the debian package.
>
> The current Debian user-mode-linux package in unstable is based on the
> 5.10.5 stable source which includes the mentioned patch, but is still
> causing an error for some users.
OK, let me dig a bit further into this.
Brgds,
A.
>
> thanks!
> Chris
>
>>
>> A.
>>>
>>>
>>> Thanks,
>>> Ritesh
>>>
>>>
>>> ```
>>> rrs@priyasi:~$ linux ubd0=~/rrs-home/Libvirt-Images/uml.img
>>> vec0:transport=tap,ifname=tap0,gro=1 mem=1024M rw
>>> Core dump limits :
>>> soft - 0
>>> hard - NONE
>>> Checking that ptrace can change system call numbers...OK
>>> Checking syscall emulation patch for ptrace...OK
>>> Checking advanced syscall emulation patch for ptrace...OK
>>> Checking environment variables for a tempdir...none found
>>> Checking if /dev/shm is on tmpfs...OK
>>> Checking PROT_EXEC mmap in /dev/shm...OK
>>> Adding 5906432 bytes to physical memory to account for exec-shield gap
>>> kmsg_dump:
>>> <5>Linux version 5.10.5 (buildd@x86-conova-01) (gcc (Debian 10.2.1-6)
>>> 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.1) #1 Mon Jan 11
>>> 20:40:53 UTC 2021
>>> <6>Zone ranges:
>>> <6> Normal [mem 0x0000000000000000-0x00000000a05a1fff]
>>> <6>Movable zone start for each node
>>> <6>Early memory node ranges
>>> <6> node 0: [mem 0x0000000000000000-0x00000000405a1fff]
>>> <6>Initmem setup node 0 [mem 0x0000000000000000-0x00000000405a1fff]
>>> <7>On node 0 totalpages: 263586
>>> <7> Normal zone: 4119 pages used for memmap
>>> <7> Normal zone: 0 pages reserved
>>> <7> Normal zone: 263586 pages, LIFO batch:63
>>> <7>pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
>>> <7>pcpu-alloc: [0] 0
>>> <6>Built 1 zonelists, mobility grouping on. Total pages: 259467
>>> <5>Kernel command line: ubd0=/home/rrs/rrs-home/Libvirt-Images/uml.img
>>> vec0:transport=tap,ifname=tap0,gro=1 mem=1024M rw root=98:0
>>> <6>Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes,
>>> linear)
>>> <6>Inode-cache hash table entries: 65536 (order: 7, 524288 bytes,
>>> linear)
>>> <6>mem auto-init: stack:off, heap alloc:off, heap free:off
>>> <6>Memory: 1016464K/1054344K available (5830K kernel code, 1535K
>>> rwdata, 1744K rodata, 191K init, 225K bss, 37880K reserved, 0K cma-
>>> reserved)
>>> <6>SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
>>> <6>NR_IRQS: 24
>>> <6>clocksource: timer: mask: 0xffffffffffffffff max_cycles:
>>> 0x1cd42e205, max_idle_ns: 881590404426 ns
>>> <6>Calibrating delay loop... 5731.94 BogoMIPS (lpj=28659712)
>>> <6>pid_max: default: 32768 minimum: 301
>>> <6>LSM: Security Framework initializing
>>> <6>Yama: disabled by default; enable with sysctl kernel.yama.*
>>> <6>SELinux: Initializing.
>>> <6>TOMOYO Linux initialized
>>> <6>Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
>>> <6>Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes,
>>> linear)
>>> <4>
>>> <4>Modules linked in:
>>> <6>Pid: 0, comm: swapper Not tainted 5.10.5
>>> <6>RIP: 0033:[<00000000604d4201>]
>>> <6>RSP: 00007ffca56a8890 EFLAGS: 00010206
>>> <6>RAX: 0000000600000000 RBX: 0000000000000059 RCX: 00007ffca56a8000
>>> <6>RDX: 0000000000000035 RSI: 0000000060b69a71 RDI: 0000000060d8ac3b
>>> <6>RBP: 0000000000000000 R08: 0000000060b69a72 R09: 0000000060d8abe2
>>> <6>R10: 0000000080000000 R11: 3d74696e695f676e R12: 0000000000000002
>>> <6>R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000001
>>> <0>Kernel panic - not syncing: Segfault with no mm
>>> <4>CPU: 0 PID: 0 Comm: swapper Not tainted 5.10.5 #1
>>> <4>Stack:
>>> <4> 61335b50 8000000000000000 7fae69465908 7fae69465ae5
>>> <4> 7fae698ae9e8 00000000 7ffca56a88d0 00000400
>>> <4> 7fae6985bf20 7fae698ae9e8 00000000 00000000Call Trace:
>>> <4> [<604d4fa3>] ? __printk_safe_enter+0x0/0x35
>>> <4> [<604d154a>] ? arch_local_irq_save+0x0/0x22
>>> <4> [<604d46f5>] ? vprintk_emit+0x9d/0x185
>>> <4> [<604d49d3>] ? vprintk_deferred+0x1d/0x32
>>> <4> [<60a26ee2>] ? printk_deferred+0x93/0x9b
>>> <4> [<6088f79f>] ? bucket_table_alloc.isra.0+0x115/0x13d
>>> <4> [<60a26e4f>] ? printk_deferred+0x0/0x9b
>>> <4> [<6049cddb>] ? set_signals+0x0/0x38
>>> <4> [<60589588>] ? arch_local_irq_save+0x0/0x22
>>> <4> [<6055c928>] ? kvmalloc_node+0x56/0x96
>>> <4> [<6058d3c0>] ? __kmalloc+0x1e2/0x1f9
>>> <4> [<608e3d32>] ? ___ratelimit+0xd0/0xde
>>> <4> [<6088f79f>] ? bucket_table_alloc.isra.0+0x115/0x13d
>>> <4> [<60901485>] ? _warn_unseeded_randomness+0x60/0x8f
>>> <4> [<6090295b>] ? get_random_u32+0x29/0x98
>>> <4> [<6088f79f>] ? bucket_table_alloc.isra.0+0x115/0x13d
>>> <4> [<6088f68a>] ? bucket_table_alloc.isra.0+0x0/0x13d
>>> <4> [<6088ff7a>] ? rhashtable_init+0x175/0x1ca
>>> <4> [<607ef317>] ? ipc_init_ids+0x4e/0x6f
>>> <4> [<600153bd>] ? sem_init+0x17/0x45
>>> <4> [<6049d0e5>] ? start_ptraced_child+0x0/0x180
>>> <4> [<604a0ce0>] ? kernel_longjmp+0x0/0x20
>>> <4> [<6049cc3d>] ? set_handler+0x123/0x15b
>>> <4> [<6049c9ee>] ? hard_handler+0x0/0xcd
>>> <4> [<604a0ce0>] ? kernel_longjmp+0x0/0x20
>>> <4> [<6049c3a6>] ? openpty_cb+0x22/0x3b
>>> <4> [<6049fb4b>] ? start_idle_thread+0x66/0x116
>>> <4> [<60004613>] ? linux_main+0x2e7/0x2f9
>>> <4> [<6049cc86>] ? change_sig+0x0/0x6a
>>> <4> [<6000565e>] ? main+0x230/0x2dc
>>> <4> [<60a256b0>] ? __libc_csu_init+0x0/0x60
>>> <4> [<604827d0>] ? _start+0x0/0x30
>>> <4> [<6000542e>] ? main+0x0/0x2dc
>>> <4> [<604827d0>] ? _start+0x0/0x30
>>> <4> [<604827d0>] ? _start+0x0/0x30
>>> <4> [<604827fa>] ? _start+0x2a/0x30
>>> <4> [<604827d0>] ? _start+0x0/0x30
>>> Aborted (core dumped)
>>> ```
>>>
>>>
>>> _______________________________________________
>>> linux-um mailing list
>>> linux-um at lists.infradead.org
>>> http://lists.infradead.org/mailman/listinfo/linux-um
>>>
>>
>
--
Anton R. Ivanov
https://www.kot-begemot.co.uk/