Hi all, While fuzzing with trinity inside a KVM tools guest running the latest -next kernel, I've stumbled on the following spew: [ 2015.960381] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 2015.961912] Dumping ftrace buffer: [ 2015.962803] (ftrace buffer empty) [ 2015.963370] Modules linked in: [ 2015.963895] CPU: 1 PID: 16983 Comm: trinity-c126 Not tainted 3.18.0-next-20141219-sasha-00047-gaab33f6-dirty #1627 [ 2015.965991] task: ffff88080e478000 ti: ffff88080e474000 task.ti: ffff88080e474000 [ 2015.968196] RIP: find_entry (fs/proc/proc_sysctl.c:95) [ 2015.970534] RSP: 0018:ffff88080e4779d8 EFLAGS: 00010246 [ 2015.970534] RAX: 0000000000000000 RBX: ffff88000003a960 RCX: 0000000000000073 [ 2015.970534] RDX: 1ffff10101c8f3c4 RSI: 0000000000000000 RDI: ffff88080e479e20 [ 2015.970534] RBP: ffff88080e477a28 R08: 0000000000000066 R09: 0000000000000073 [ 2015.970534] R10: ffffda0017d55630 R11: dfffe90000000000 R12: ffff88005fc644b8 [ 2015.970534] R13: dfffe90000000000 R14: ffffffff92464884 R15: 0000000000000000 [ 2015.970534] FS: 00007f9cd6c6f700(0000) GS:ffff8800c2200000(0000) knlGS:0000000000000000 [ 2015.970534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2015.970534] CR2: 00007f9cd0b9c000 CR3: 00000008193fb000 CR4: 00000000000006a0 [ 2015.970534] DR0: ffffffffff000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2015.970534] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 2015.970534] Stack: [ 2015.970534] ffff88080e477a28 ffff88080e477a50 00000003beaab0c0 ffff8800beaab0f8 [ 2015.970534] 0000000000000001 ffff8800beaab0f8 ffff8800beaab0c0 ffff8806079af638 [ 2015.970534] 0000000000000003 ffff88045f3cc000 ffff88080e477a88 ffffffff81c4e0ef [ 2015.970534] Call Trace: [ 2015.970534] proc_sys_lookup (fs/proc/proc_sysctl.c:303 fs/proc/proc_sysctl.c:452) [ 2015.970534] ? d_alloc (fs/dcache.c:1499) [ 2015.970534] lookup_real (fs/namei.c:1371) [ 2015.970534] __lookup_hash (fs/namei.c:1390) [ 2015.970534] link_path_walk (fs/namei.c:1496 fs/namei.c:1576 fs/namei.c:1830) [ 2015.970534] ? preempt_count_sub (kernel/sched/core.c:2620) [ 2015.970534] ? get_parent_ip (kernel/sched/core.c:2564) [ 2015.970534] ? get_parent_ip (kernel/sched/core.c:2564) [ 2015.970534] ? __cmpxchg_double_slab.isra.4 (./arch/x86/include/asm/preempt.h:95 include/linux/bit_spinlock.h:81 mm/slub.c:346 mm/slub.c:386) [ 2015.970534] path_init (fs/namei.c:1947) [ 2015.970534] ? deactivate_slab (include/linux/spinlock.h:349 mm/slub.c:1945) [ 2015.970534] path_lookupat (fs/namei.c:1989) [ 2015.970534] ? alloc_debug_processing (mm/slub.c:1044) [ 2015.970534] filename_lookup (fs/namei.c:2025) [ 2015.970534] kern_path_create (fs/namei.c:3309) [ 2015.970534] ? getname_flags (fs/namei.c:159) [ 2015.970534] ? vtime_account_user (kernel/sched/cputime.c:701) [ 2015.970534] user_path_create (fs/namei.c:3381) [ 2015.970534] SyS_mknod (fs/namei.c:3443 fs/namei.c:3431 fs/namei.c:3475 fs/namei.c:3473) [ 2015.970534] tracesys_phase2 (arch/x86/kernel/entry_64.S:529) [ 2015.970534] Code: e8 03 42 80 3c 28 00 0f 85 ff 01 00 00 4c 8b 7b 18 4d 85 ff 0f 84 de 01 00 00 41 f6 c7 07 0f 85 d4 01 00 00 4c 89 f8 48 c1 e8 03 <42> 80 3c 28 00 0f 85 b5 01 00 00 4d 8b 37 4d 85 ff 0f 84 55 02 All code ======== 0: e8 03 42 80 3c callq 0x3c804208 5: 28 00 sub %al,(%rax) 7: 0f 85 ff 01 00 00 jne 0x20c d: 4c 8b 7b 18 mov 0x18(%rbx),%r15 11: 4d 85 ff test %r15,%r15 14: 0f 84 de 01 00 00 je 0x1f8 1a: 41 f6 c7 07 test $0x7,%r15b 1e: 0f 85 d4 01 00 00 jne 0x1f8 24: 4c 89 f8 mov %r15,%rax 27: 48 c1 e8 03 shr $0x3,%rax 2b:* 42 80 3c 28 00 cmpb $0x0,(%rax,%r13,1) <-- trapping instruction 30: 0f 85 b5 01 00 00 jne 0x1eb 36: 4d 8b 37 mov (%r15),%r14 39: 4d 85 ff test %r15,%r15 3c: 0f .byte 0xf 3d: 84 55 02 test %dl,0x2(%rbp) ... Code starting with the faulting instruction =========================================== 0: 42 80 3c 28 00 cmpb $0x0,(%rax,%r13,1) 5: 0f 85 b5 01 00 00 jne 0x1c0 b: 4d 8b 37 mov (%r15),%r14 e: 4d 85 ff test %r15,%r15 11: 0f .byte 0xf 12: 84 55 02 test %dl,0x2(%rbp) ... [ 2015.970534] RIP find_entry (fs/proc/proc_sysctl.c:95) [ 2015.970534] RSP <ffff88080e4779d8> [ 2016.028073] ---[ end trace 142d37d0fb80aa87 ]--- [ 2016.028925] Kernel panic - not syncing: Fatal exception [ 2016.030263] Dumping ftrace buffer: [ 2016.030847] (ftrace buffer empty) [ 2016.031399] Kernel Offset: 0x0 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 2016.032890] Rebooting in 1 seconds.. Thanks, Sasha -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html