Message-ID: <20160531080742.GA11635@yexl-desktop>
Date:	Tue, 31 May 2016 16:07:42 +0800
From:	kernel test robot <xiaolong.ye@...el.com>
To:	Eduardo Valentin <edubezval@...il.com>
Cc:	0day robot <fengguang.wu@...el.com>,
	Zhang Rui <rui.zhang@...el.com>,
	LKML <linux-kernel@...r.kernel.org>, lkp@...org
Subject: [lkp] [thermal] d56e262ce9: BUG: unable to handle kernel NULL
 pointer dereference at 0000000000000010



FYI, we noticed the following commit:

https://github.com/0day-ci/linux Eduardo-Valentin/thermal-core-prevent-zones-with-no-types-to-be-registered/20160531-054136
commit d56e262ce9bb43ee5ff603afef30a2670ecda94f ("thermal: core: move trips attributes to tz->device.groups")


on test machine: vm-lkp-wsx03-1G: 1 threads qemu-system-x86_64 -enable-kvm -cpu host with 1G memory

caused below changes:


+------------------------------------------------------------------+------------+------------+
|                                                                  | a9ad6daaba | d56e262ce9 |
+------------------------------------------------------------------+------------+------------+
| boot_successes                                                   | 0          | 0          |
| boot_failures                                                    | 16         | 29         |
| BUG:KASAN:global-out-of-bounds_in_internal_create_group_at_addr  | 16         | 29         |
| invoked_oom-killer:gfp_mask=0x                                   | 2          |            |
| Mem-Info                                                         | 2          |            |
| Kernel_panic-not_syncing:Out_of_memory_and_no_killable_processes | 2          |            |
| backtrace:power_supply_register                                  | 16         | 29         |
| backtrace:test_power_init                                        | 16         | 29         |
| backtrace:kernel_init_freeable                                   | 16         | 29         |
| backtrace:btrfs_test_extent_io                                   | 2          |            |
| backtrace:init_btrfs_fs                                          | 2          |            |
| IP-Config:Auto-configuration_of_network_failed                   | 10         |            |
| BUG:KASAN:null-ptr-deref_on_address                              | 0          | 29         |
| BUG:unable_to_handle_kernel                                      | 0          | 29         |
| Oops                                                             | 0          | 29         |
| RIP:internal_create_group                                        | 0          | 29         |
| Kernel_panic-not_syncing:Fatal_exception                         | 0          | 29         |
+------------------------------------------------------------------+------------+------------+

[   13.017811] ==================================================================
[   13.019206] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[   13.020849] IP: [<ffffffff87858fb2>] internal_create_group+0x1df/0x3ca
[   13.022049] PGD 0 
[   13.022613] Oops: 0000 [#1] KASAN
[   13.023465] CPU: 0 PID: 1 Comm: swapper Tainted: G    B           4.6.0-rc6-00065-gd56e262 #1
[   13.025036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[   13.026595] task: ffff88002ec88040 ti: ffff88002ec90000 task.ti: ffff88002ec90000
[   13.028029] RIP: 0010:[<ffffffff87858fb2>]  [<ffffffff87858fb2>] internal_create_group+0x1df/0x3ca
[   13.029753] RSP: 0000:ffff88002ec97ac8  EFLAGS: 00010246
[   13.030687] RAX: 0000000000000000 RBX: ffff88003ed3cb18 RCX: 0000000000000000
[   13.031910] RDX: 0000000000000042 RSI: 0000000000000000 RDI: 0000000000000246
[   13.033116] RBP: ffff88002ec97b10 R08: 0000000000000000 R09: fffffbfff1367072
[   13.034291] R10: ffff88002ec88040 R11: fffffbfff1367073 R12: ffff88003ed3c8d0
[   13.035510] R13: ffff88003ed72328 R14: 0000000000000010 R15: ffff88003ed3cb30
[   13.036731] FS:  0000000000000000(0000) GS:ffffffff8925c000(0000) knlGS:0000000000000000
[   13.038214] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   13.039289] CR2: 0000000000000010 CR3: 0000000009215000 CR4: 00000000000006f0
[   13.040493] Stack:
[   13.041009]  ffffffff88484c6c ffff88003ed3cb20 000000003ecd3c68 ffff880000000000
[   13.042687]  0000000000000003 ffff88001b5b07e8 ffff88003ed3c8d0 ffff88001b5b0800
[   13.044410]  0000000000000000 ffff88002ec97b20 ffffffff878591ab ffff88002ec97b58
[   13.046130] Call Trace:
[   13.046689]  [<ffffffff88484c6c>] ? thermal_zone_mode_is_visible+0x46/0x46
[   13.047884]  [<ffffffff878591ab>] sysfs_create_group+0xe/0x10
[   13.048922]  [<ffffffff8785929d>] sysfs_create_groups+0x3c/0x83
[   13.049996]  [<ffffffff87e9207f>] device_add+0x3ea/0x87f
[   13.064033]  [<ffffffff87e91c95>] ? dev_warn+0xd0/0xd0
[   13.064991]  [<ffffffff877022ed>] ? __wake_up_locked+0xe/0x10
[   13.066000]  [<ffffffff8771b55d>] ? init_timer_key+0x34/0x40
[   13.066999]  [<ffffffff877020f3>] ? __init_waitqueue_head+0x19/0x20
[   13.068113]  [<ffffffff87ea389c>] ? pm_runtime_init+0x1b2/0x1b7
[   13.069164]  [<ffffffff87e92529>] device_register+0x15/0x18
[   13.070133]  [<ffffffff8848980f>] thermal_zone_device_register+0x37e/0x940
[   13.071321]  [<ffffffff88489491>] ? thermal_notify_framework+0xb/0xb
[   13.072420]  [<ffffffff87e8fe1a>] ? put_device+0x12/0x14
[   13.073380]  [<ffffffff87e9224f>] ? device_add+0x5ba/0x87f
[   13.074360]  [<ffffffff87e91c95>] ? dev_warn+0xd0/0xd0
[   13.075298]  [<ffffffff87ea7e07>] ? wakeup_source_register+0x1b/0x21
[   13.076389]  [<ffffffff883e480f>] __power_supply_register+0x505/0x64d
[   13.077509]  [<ffffffff883e4ef5>] power_supply_register+0xe/0x10
[   13.078551]  [<ffffffff89a0d286>] test_power_init+0x35/0xeb
[   13.079565]  [<ffffffff89a0d251>] ? max8925_power_driver_init+0x14/0x14
[   13.080736]  [<ffffffff899b72b2>] do_one_initcall+0x178/0x242
[   13.081742]  [<ffffffff899b713a>] ? start_kernel+0x49b/0x49b
[   13.082740]  [<ffffffff899b6900>] ? initcall_blacklist+0x60/0xd8
[   13.083798]  [<ffffffff876f1780>] ? parse_args+0x7f/0x448
[   13.084779]  [<ffffffff899b698a>] ? set_debug_rodata+0x12/0x12
[   13.085804]  [<ffffffff899b757d>] kernel_init_freeable+0x201/0x29b
[   13.086871]  [<ffffffff88737aeb>] kernel_init+0xc/0xfb
[   13.087821]  [<ffffffff8873efe2>] ret_from_fork+0x22/0x40
[   13.088809]  [<ffffffff88737adf>] ? rest_init+0x86/0x86
[   13.089763] Code: e8 9c 3f f6 ff 8b 55 cc 49 8b 36 4c 89 e7 48 8b 45 b8 ff d0 66 85 c0 41 89 c7 75 41 ff 45 cc 49 83 c6 08 4c 89 f7 e8 76 3f f6 ff <49> 8b 06 48 85 c0 75 80 48 8d 7b 20 e8 65 3f f6 ff 4c 8b 73 20 
[   13.098062] RIP  [<ffffffff87858fb2>] internal_create_group+0x1df/0x3ca
[   13.099294]  RSP <ffff88002ec97ac8>
[   13.100011] CR2: 0000000000000010
[   13.100719] ---[ end trace 1779220cc3662cfa ]---
[   13.101553] Kernel panic - not syncing: Fatal exception
[   13.102502] Kernel Offset: 0x6600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)



FYI, raw QEMU command line is:

	qemu-system-x86_64 -enable-kvm -cpu host -kernel /pkg/linux/x86_64-randconfig-s3-05310954/gcc-6/d56e262ce9bb43ee5ff603afef30a2670ecda94f/vmlinuz-4.6.0-rc6-00065-gd56e262 -append 'root=/dev/ram0 user=lkp job=/lkp/scheduled/vm-lkp-wsx03-1G-24/bisect_boot-1-debian-x86_64-2015-02-07.cgz-x86_64-randconfig-s3-05310954-d56e262ce9bb43ee5ff603afef30a2670ecda94f-20160531-109035-igvyw5-0.yaml ARCH=x86_64 kconfig=x86_64-randconfig-s3-05310954 branch=linux-devel/devel-catchup-201605311019 commit=d56e262ce9bb43ee5ff603afef30a2670ecda94f BOOT_IMAGE=/pkg/linux/x86_64-randconfig-s3-05310954/gcc-6/d56e262ce9bb43ee5ff603afef30a2670ecda94f/vmlinuz-4.6.0-rc6-00065-gd56e262 max_uptime=600 RESULT_ROOT=/result/boot/1/vm-lkp-wsx03-1G/debian-x86_64-2015-02-07.cgz/x86_64-randconfig-s3-05310954/gcc-6/d56e262ce9bb43ee5ff603afef30a2670ecda94f/0 LKP_SERVER=inn earlyprintk=ttyS0,115200 systemd.log_level=err debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=-1 softlockup_panic=1 nmi_watchdog=panic oops=panic load_ramdisk=2 prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal rw ip=::::vm-lkp-wsx03-1G-24::dhcp'  -initrd /fs/sdc1/initrd-vm-lkp-wsx03-1G-24 -m 1024 -smp 1 -device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::23623-:22 -boot order=nc -no-reboot -watchdog i6300esb -rtc base=localtime -drive file=/fs/sdc1/disk0-vm-lkp-wsx03-1G-24,media=disk,if=virtio -drive file=/fs/sdc1/disk1-vm-lkp-wsx03-1G-24,media=disk,if=virtio -pidfile /dev/shm/kboot/pid-vm-lkp-wsx03-1G-24 -serial file:/dev/shm/kboot/serial-vm-lkp-wsx03-1G-24 -daemonize -display none -monitor null 





Thanks,
Xiaolong

View attachment "config-4.6.0-rc6-00065-gd56e262" of type "text/plain" (107062 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (12216 bytes)
