| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20161228172338.GB21987@yexl-desktop>
Date: Thu, 29 Dec 2016 01:23:38 +0800
From: kernel test robot <xiaolong.ye@...el.com>
To: Oleg Nesterov <oleg@...hat.com>
Cc: linux-kernel@...r.kernel.org, lkp@...org
Subject: [lkp-developer] [kthread] 1da5c46fa9:
BUG_kmalloc-#(Tainted:G_D):Poison_overwritten
FYI, we noticed the following commit:
commit: 1da5c46fa965ff90f5ffc080b6ab3fae5e227bc3 ("kthread: Make struct kthread kmalloc'ed")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
in testcase: boot
on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G
caused below changes:
+-------------------------------------------------------+------------+------------+
| | 7c4788950b | 1da5c46fa9 |
+-------------------------------------------------------+------------+------------+
| boot_successes | 0 | 0 |
| boot_failures | 198 | 196 |
| calltrace:init | 198 | 196 |
| general_protection_fault:#[##]PREEMPT_DEBUG_PAGEALLOC | 198 | 196 |
| RIP:kobject_get | 198 | 196 |
| Kernel_panic-not_syncing:Fatal_exception | 198 | 196 |
| BUG_kmalloc-#(Tainted:G_D):Poison_overwritten | 0 | 23 |
| INFO:#-#.First_byte#instead_of | 0 | 23 |
| INFO:Allocated_in_device_private_init_age=#cpu=#pid= | 0 | 23 |
| INFO:Freed_in_device_release_age=#cpu=#pid= | 0 | 23 |
| INFO:Slab#objects=#used=#fp=0x(null)flags= | 0 | 23 |
| INFO:Object#@...set=#fp= | 0 | 23 |
| calltrace:kmem_cache_alloc_trace | 0 | 23 |
+-------------------------------------------------------+------------+------------+
[ 113.837586] usb usb1: dummy_bus_resume
[ 113.898313] kobject (ffff88011a32b0d0): tried to init an initialized object, something is seriously wrong.
[ 113.932793] CPU: 0 PID: 1 Comm: swapper Not tainted 4.9.0-rc6-00151-g1da5c46 #1
[ 113.965456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 114.007171] ffffc9000000baf8 ffffffff815f58cb ffffc9000000bb18 ffffffff815f9095
[ 114.049040] ffff88011a32b0c0 00000000fffffff4 ffffc9000000bb30 ffffffff8179ff28
[ 114.091078] ffff88011a32b0c0 ffffc9000000bb48 ffffffff817a2d32 ffff88011c1a4a88
[ 114.132549] Call Trace:
[ 114.151991] [<ffffffff815f58cb>] dump_stack+0x19/0x1e
[ 114.182130] [<ffffffff815f9095>] kobject_init+0xc5/0xd0
[ 114.212856] [<ffffffff8179ff28>] device_initialize+0x28/0x110
[ 114.245784] [<ffffffff817a2d32>] device_register+0x12/0x20
[ 114.278607] [<ffffffff81a2437b>] usb_add_gadget_udc_release+0xeb/0x3e0
[ 114.315644] [<ffffffff81a24720>] usb_add_gadget_udc+0x10/0x20
[ 114.352233] [<ffffffff81a2a972>] dummy_udc_probe+0x1f2/0x280
[ 114.386934] [<ffffffff817a92cc>] platform_drv_probe+0x9c/0x100
[ 114.420096] [<ffffffff817a6675>] really_probe+0x3f5/0x680
[ 114.451531] [<ffffffff817a7000>] ? __driver_attach+0x1b0/0x1b0
[ 114.484284] [<ffffffff817a6d99>] driver_probe_device+0x79/0x130
[ 114.506127] [<ffffffff817a70da>] __device_attach_driver+0xda/0x1b0
[ 114.526765] [<ffffffff817a42d5>] bus_for_each_drv+0x85/0xe0
[ 114.549448] [<ffffffff817a6aba>] __device_attach+0xda/0x1e0
[ 114.574463] [<ffffffff817a7213>] device_initial_probe+0x13/0x20
[ 114.606811] [<ffffffff817a4706>] bus_probe_device+0xf6/0x110
[ 114.629723] [<ffffffff817a2707>] device_add+0x4e7/0xb00
[ 114.644270] [<ffffffff817a9fa4>] platform_device_add+0x294/0x3a0
[ 114.664941] [<ffffffff832ac455>] init+0x34a/0x46d
[ 114.681535] [<ffffffff832ac10b>] ? trace_event_define_fields_udc_log_req+0x2c3/0x2c3
[ 114.713782] [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[ 114.896908] [<ffffffff832454fa>] do_one_initcall+0xad/0x1d4
[ 114.919299] [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[ 114.936703] [<ffffffff83245754>] kernel_init_freeable+0x133/0x1fd
[ 114.955426] [<ffffffff81dfcf80>] ? rest_init+0xc0/0xc0
[ 114.969233] [<ffffffff81dfcf8e>] kernel_init+0xe/0x180
[ 114.982266] [<ffffffff81e10475>] ret_from_fork+0x25/0x30
[ 115.005860] general protection fault: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
[ 115.031681] CPU: 0 PID: 1 Comm: swapper Not tainted 4.9.0-rc6-00151-g1da5c46 #1
[ 115.065969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 115.107834] task: ffff88013ab24f40 task.stack: ffffc90000008000
[ 115.131974] RIP: 0010:[<ffffffff815f90c8>] [<ffffffff815f90c8>] kobject_get+0x28/0x110
[ 115.167482] RSP: 0000:ffffc9000000ba60 EFLAGS: 00010206
[ 115.187115] RAX: 0000000000000003 RBX: 6b6b6b6b6b6b6b7b RCX: ffff88013aa37ad8
[ 115.211098] RDX: ffffffff8179f660 RSI: 0000000000000000 RDI: 6b6b6b6b6b6b6b7b
[ 115.236534] RBP: ffffc9000000ba70 R08: ffffffff8219faf0 R09: 0000000000000001
[ 115.261557] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88011c2384a8
[ 115.286775] R13: 0000000000000000 R14: ffff88011c3dd3e8 R15: 0000000000000003
[ 115.311756] FS: 0000000000000000(0000) GS:ffffffff82839000(0000) knlGS:0000000000000000
[ 115.349086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 115.374489] CR2: 0000000000000000 CR3: 0000000002811000 CR4: 00000000000006f0
[ 115.425916] Stack:
[ 115.437133] ffff88011c238c00 ffff88011c2384a8 ffffc9000000ba80 ffffffff8179f67b
[ 115.470639] ffffc9000000baa0 ffffffff81dfbcbf ffff88011c2384a8 ffff88011c238c00
[ 115.506838] ffffc9000000bac0 ffffffff81dfbfe8 ffff88011a32b0d0 ffff88011a32b0c0
[ 115.542451] Call Trace:
[ 115.555546] [<ffffffff8179f67b>] klist_children_get+0x1b/0x20
[ 115.578626] [<ffffffff81dfbcbf>] klist_node_init+0x4f/0x60
[ 115.599143] [<ffffffff81dfbfe8>] klist_add_tail+0x18/0x50
[ 115.619467] [<ffffffff817a2ce7>] device_add+0xac7/0xb00
[ 115.639486] [<ffffffff81a21800>] ? usb_udc_uevent+0xe0/0xe0
[ 115.660132] [<ffffffff817a2d3a>] device_register+0x1a/0x20
[ 115.680575] [<ffffffff81a2437b>] usb_add_gadget_udc_release+0xeb/0x3e0
[ 115.703681] [<ffffffff81a24720>] usb_add_gadget_udc+0x10/0x20
[ 115.724847] [<ffffffff81a2a972>] dummy_udc_probe+0x1f2/0x280
[ 115.739262] [<ffffffff817a92cc>] platform_drv_probe+0x9c/0x100
[ 115.754013] [<ffffffff817a6675>] really_probe+0x3f5/0x680
[ 115.775077] [<ffffffff817a7000>] ? __driver_attach+0x1b0/0x1b0
[ 115.796853] [<ffffffff817a6d99>] driver_probe_device+0x79/0x130
[ 115.818818] [<ffffffff817a70da>] __device_attach_driver+0xda/0x1b0
[ 115.841476] [<ffffffff817a42d5>] bus_for_each_drv+0x85/0xe0
[ 115.865516] [<ffffffff817a6aba>] __device_attach+0xda/0x1e0
[ 115.889695] [<ffffffff817a7213>] device_initial_probe+0x13/0x20
[ 115.914421] [<ffffffff817a4706>] bus_probe_device+0xf6/0x110
[ 115.932634] [<ffffffff817a2707>] device_add+0x4e7/0xb00
[ 115.947834] [<ffffffff817a9fa4>] platform_device_add+0x294/0x3a0
[ 115.964976] [<ffffffff832ac455>] init+0x34a/0x46d
[ 115.980077] [<ffffffff832ac10b>] ? trace_event_define_fields_udc_log_req+0x2c3/0x2c3
[ 116.012679] [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[ 116.036105] [<ffffffff832454fa>] do_one_initcall+0xad/0x1d4
[ 116.054418] [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[ 116.087820] [<ffffffff83245754>] kernel_init_freeable+0x133/0x1fd
[ 116.112002] [<ffffffff81dfcf80>] ? rest_init+0xc0/0xc0
[ 116.126583] [<ffffffff81dfcf8e>] kernel_init+0xe/0x180
[ 116.143468] [<ffffffff81e10475>] ret_from_fork+0x25/0x30
[ 116.159739] Code: 82 eb cb 31 c0 48 85 ff 55 0f 95 c0 48 83 c0 02 48 89 e5 41 54 48 83 04 c5 b8 55 ec 82 01 48 85 ff 53 48 89 fb 0f 84 8e 00 00 00 <0f> b6 57 3c 89 d0 f7 d0 83 e0 01 48 83 c0 02 48 83 04 c5 90 55
[ 116.282228] RIP [<ffffffff815f90c8>] kobject_get+0x28/0x110
[ 116.305402] RSP <ffffc9000000ba60>
[ 116.326724] =============================================================================
[ 116.352224] BUG kmalloc-256 (Tainted: G D ): Poison overwritten
[ 116.368819] -----------------------------------------------------------------------------
[ 116.368819]
[ 116.410204] INFO: 0xffff88011c238c00-0xffff88011c238c1b. First byte 0xa8 instead of 0x6b
[ 116.442412] INFO: Allocated in device_private_init+0x23/0x90 age=260 cpu=0 pid=1
[ 116.741039] INFO: Freed in device_release+0x10d/0x120 age=243 cpu=0 pid=1
[ 117.017420] INFO: Slab 0xffffea0004708e00 objects=13 used=13 fp=0x (null) flags=0x8000000000004080
[ 117.059692] INFO: Object 0xffff88011c238b98 @offset=2968 fp=0xffff88011c239978
[ 117.059692]
[ 117.100132] Redzone ffff88011c238b90: bb bb bb bb bb bb bb bb ........
[ 117.128612] Object ffff88011c238b98: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
[ 117.157068] Object ffff88011c238ba8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
[ 117.185096] Object ffff88011c238bb8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
To reproduce:
git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Xiaolong
View attachment "config-4.9.0-rc6-00151-g1da5c46" of type "text/plain" (104093 bytes)
View attachment "job-script" of type "text/plain" (4069 bytes)
Download attachment "dmesg.xz" of type "application/octet-stream" (13212 bytes)
Powered by blists - more mailing lists