System crash with kernel BUG at mm/usercopy.c:102!
Issue
- Can be seen with Veritas vx* modules:
[216026.490924] usercopy: Kernel memory exposure attempt detected from SLUB object 'Acpi-Namespace' (offset 32, size 18)!
[216026.492242] ------------[ cut here ]------------
[216026.492244] kernel BUG at mm/usercopy.c:102!
[216026.493369] invalid opcode: 0000 [#1] SMP PTI
[216026.494462] CPU: 2 PID: 32219 Comm: vxscsiinq Kdump: loaded Tainted: P W OE --------- - - 4.18.0-147.el8.x86_64 #1
[216026.495624] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 07/30/2013
[216026.496901] RIP: 0010:usercopy_abort+0x74/0x76
[216026.497999] Code: 0f 45 c6 51 48 89 f9 48 c7 c2 45 80 ea a4 41 52 48 c7 c6 ad 63 e9 a4 48 c7 c7 10 81 ea a4 48 0f 45 f2 48 89 c2 e8 a9 56 e6 ff <0f> 0b 49 89 e8 31 c9 44 89 e2 31 f6 48 c
7 c7 79 80 ea a4 e8 74 ff
[216026.500383] RSP: 0018:ffffbd0fd8723a00 EFLAGS: 00010246
[216026.501500] RAX: 0000000000000069 RBX: ffff97440b898700 RCX: 0000000000000000
[216026.502627] RDX: 0000000000000000 RSI: ffff974575b16a08 RDI: ffff974575b16a08
[216026.503731] RBP: 0000000000000012 R08: 00000000000007bb R09: 0000000000aaaaaa
[216026.504833] R10: 0000000000000000 R11: ffffbd0fc2a49600 R12: 0000000000000001
[216026.505907] R13: ffff97440b898712 R14: 0000000000000012 R15: ffff974449bb4180
[216026.507015] FS: 00007f9be595a740(0000) GS:ffff974575b00000(0000) knlGS:0000000000000000
[216026.508182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[216026.509333] CR2: 000055634d34d9d8 CR3: 000000016baf8000 CR4: 00000000000406e0
[216026.510522] Call Trace:
[216026.511610] __check_heap_object+0xda/0x110
[216026.512677] __check_object_size+0xfa/0x181
[216026.513732] sg_io+0x397/0x450
[216026.514764] ? __switch_to_asm+0x41/0x70
[216026.515811] ? __switch_to_asm+0x35/0x70
[216026.516848] ? __switch_to_asm+0x41/0x70
[216026.517862] ? __switch_to_asm+0x35/0x70
[216026.518853] ? __switch_to_asm+0x41/0x70
[216026.519850] ? __switch_to_asm+0x35/0x70
[216026.520837] scsi_cmd_ioctl+0x1b0/0x3d0
[216026.521789] ? _cond_resched+0x15/0x30
[216026.522736] ? scsi_block_when_processing_errors+0x22/0xc0
[216026.523716] sd_ioctl+0x7c/0x100 [sd_mod]
[216026.524659] blkdev_ioctl+0x32b/0x9f0
[216026.525607] ? dmp_alloc+0xf2/0x1f0 [vxdmp]
[216026.526579] block_ioctl+0x39/0x40
[216026.527479] dmp_user_scsi_ioctl+0xb1/0x140 [vxdmp]
[216026.528395] dmp_dev_ioctl+0x21/0x30 [vxdmp]
[216026.529290] do_passthru_ioctl+0x33d/0xb50 [vxdmp]
[216026.530184] dmp_passthru_ioctl+0x93/0xc0 [vxdmp]
[216026.531102] gendmpioctl+0x6f1/0xa10 [vxdmp]
[216026.531986] dmpioctl+0x35/0x60 [vxdmp]
[216026.532865] dmp_ioctl+0x39/0x70 [vxdmp]
[216026.533752] blkdev_ioctl+0x32b/0x9f0
[216026.534607] ? selinux_file_ioctl+0x161/0x200
[216026.535461] block_ioctl+0x39/0x40
[216026.536308] do_vfs_ioctl+0xa4/0x630
....
- Or emcpower modules:
[214217.179288] usercopy: Kernel memory exposure attempt detected from SLUB object 'anon_vma(642:sshd.service)' (offset 80, size 22)!
[214217.179295] ------------[ cut here ]------------
[214217.179296] kernel BUG at mm/usercopy.c:102!
[214217.179299] invalid opcode: 0000 [#1] SMP PTI
[214217.179301] CPU: 14 PID: 2631100 Comm: pool Kdump: loaded Tainted: P W OE --------- - - 4.18.0-193.el8.x86_64 #1
[214217.179302] Hardware name: Dell Inc. PowerEdge R630/02C2CP, BIOS 2.8.0 005/17/2018
[214217.179306] RIP: 0010:usercopy_abort+0x74/0x76
[214217.179308] Code: 0f 45 c6 51 48 89 f9 48 c7 c2 45 5b 2b 94 41 52 48 c7 c6 b5 30 2a 94 48 c7 c7 10 5c 2b 94 48 0f 45 f2 48 89 c2 e8 7f ae e5 ff <0f> 0b 49 89 f0 48 89 f9 44 89 e2 31 f6 48 c7 c7 6c 5b 2b 94 e8 73
[214217.179309] RSP: 0018:ffffbee70b0fbc48 EFLAGS: 00010246
[214217.179310] RAX: 0000000000000075 RBX: ffff9ae487b3e788 RCX: 0000000000000000
[214217.179311] RDX: 0000000000000000 RSI: ffff9ae57f7d6a08 RDI: ffff9ae57f7d6a08
[214217.179311] RBP: 0000000000000016 R08: 000000000000088c R09: 0000000000000085
[214217.179312] R10: 0000000000000000 R11: ffffbee70b0fbaf8 R12: 0000000000000001
[214217.179313] R13: ffff9ae487b3e79e R14: 0000000000000016 R15: ffff9ae5777e9800
[214217.179314] FS: 00007f5707088700(0000) GS:ffff9ae57f7c0000(0000) knlGS:0000000000000000
[214217.179315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[214217.179315] CR2: 00007fdfe5e95800 CR3: 000000102d72e002 CR4: 00000000003606e0
[214217.179316] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[214217.179317] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[214217.179317] Call Trace:
[214217.179322] __check_heap_object+0xda/0x110
[214217.179324] __check_object_size+0xff/0x16b
[214217.179327] sg_io+0x395/0x450
[214217.179329] scsi_cmd_ioctl+0x1b0/0x3d0
[214217.179332] ? _cond_resched+0x15/0x30
[214217.179335] ? scsi_block_when_processing_errors+0x22/0xc0
[214217.179339] sd_ioctl+0x7c/0x100 [sd_mod]
[214217.179343] blkdev_ioctl+0x32b/0x9f0
[214217.179346] ? selinux_file_ioctl+0x161/0x200
[214217.179349] block_ioctl+0x39/0x40
[214217.179351] do_vfs_ioctl+0xa4/0x630
[214217.179353] ksys_ioctl+0x60/0x90
[214217.179354] __x64_sys_ioctl+0x16/0x20
[214217.179357] do_syscall_64+0x5b/0x1a0
[214217.179358] entry_SYSCALL_64_after_hwframe+0x65/0xca
Environment
- Red Hat Enterprise Linux 8
- Veritas kernel modules loaded
- EMC powerpath modules loaded
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.