Date:   Thu, 29 Dec 2016 01:23:38 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Oleg Nesterov <oleg@...hat.com>
Cc:     linux-kernel@...r.kernel.org, lkp@...org
Subject: [lkp-developer] [kthread] 1da5c46fa9: BUG_kmalloc-#(Tainted:G_D):Poison_overwritten



FYI, we noticed the following commit:

commit: 1da5c46fa965ff90f5ffc080b6ab3fae5e227bc3 ("kthread: Make struct kthread kmalloc'ed")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G

caused the changes below:


+-------------------------------------------------------+------------+------------+
|                                                       | 7c4788950b | 1da5c46fa9 |
+-------------------------------------------------------+------------+------------+
| boot_successes                                        | 0          | 0          |
| boot_failures                                         | 198        | 196        |
| calltrace:init                                        | 198        | 196        |
| general_protection_fault:#[##]PREEMPT_DEBUG_PAGEALLOC | 198        | 196        |
| RIP:kobject_get                                       | 198        | 196        |
| Kernel_panic-not_syncing:Fatal_exception              | 198        | 196        |
| BUG_kmalloc-#(Tainted:G_D):Poison_overwritten         | 0          | 23         |
| INFO:#-#.First_byte#instead_of                        | 0          | 23         |
| INFO:Allocated_in_device_private_init_age=#cpu=#pid=  | 0          | 23         |
| INFO:Freed_in_device_release_age=#cpu=#pid=           | 0          | 23         |
| INFO:Slab#objects=#used=#fp=0x(null)flags=            | 0          | 23         |
| INFO:Object#@...set=#fp=                              | 0          | 23         |
| calltrace:kmem_cache_alloc_trace                      | 0          | 23         |
+-------------------------------------------------------+------------+------------+



[  113.837586] usb usb1: dummy_bus_resume
[  113.898313] kobject (ffff88011a32b0d0): tried to init an initialized object, something is seriously wrong.
[  113.932793] CPU: 0 PID: 1 Comm: swapper Not tainted 4.9.0-rc6-00151-g1da5c46 #1
[  113.965456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[  114.007171]  ffffc9000000baf8 ffffffff815f58cb ffffc9000000bb18 ffffffff815f9095
[  114.049040]  ffff88011a32b0c0 00000000fffffff4 ffffc9000000bb30 ffffffff8179ff28
[  114.091078]  ffff88011a32b0c0 ffffc9000000bb48 ffffffff817a2d32 ffff88011c1a4a88
[  114.132549] Call Trace:
[  114.151991]  [<ffffffff815f58cb>] dump_stack+0x19/0x1e
[  114.182130]  [<ffffffff815f9095>] kobject_init+0xc5/0xd0
[  114.212856]  [<ffffffff8179ff28>] device_initialize+0x28/0x110
[  114.245784]  [<ffffffff817a2d32>] device_register+0x12/0x20
[  114.278607]  [<ffffffff81a2437b>] usb_add_gadget_udc_release+0xeb/0x3e0
[  114.315644]  [<ffffffff81a24720>] usb_add_gadget_udc+0x10/0x20
[  114.352233]  [<ffffffff81a2a972>] dummy_udc_probe+0x1f2/0x280
[  114.386934]  [<ffffffff817a92cc>] platform_drv_probe+0x9c/0x100
[  114.420096]  [<ffffffff817a6675>] really_probe+0x3f5/0x680
[  114.451531]  [<ffffffff817a7000>] ? __driver_attach+0x1b0/0x1b0
[  114.484284]  [<ffffffff817a6d99>] driver_probe_device+0x79/0x130
[  114.506127]  [<ffffffff817a70da>] __device_attach_driver+0xda/0x1b0
[  114.526765]  [<ffffffff817a42d5>] bus_for_each_drv+0x85/0xe0
[  114.549448]  [<ffffffff817a6aba>] __device_attach+0xda/0x1e0
[  114.574463]  [<ffffffff817a7213>] device_initial_probe+0x13/0x20
[  114.606811]  [<ffffffff817a4706>] bus_probe_device+0xf6/0x110
[  114.629723]  [<ffffffff817a2707>] device_add+0x4e7/0xb00
[  114.644270]  [<ffffffff817a9fa4>] platform_device_add+0x294/0x3a0
[  114.664941]  [<ffffffff832ac455>] init+0x34a/0x46d
[  114.681535]  [<ffffffff832ac10b>] ? trace_event_define_fields_udc_log_req+0x2c3/0x2c3
[  114.713782]  [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[  114.896908]  [<ffffffff832454fa>] do_one_initcall+0xad/0x1d4
[  114.919299]  [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[  114.936703]  [<ffffffff83245754>] kernel_init_freeable+0x133/0x1fd
[  114.955426]  [<ffffffff81dfcf80>] ? rest_init+0xc0/0xc0
[  114.969233]  [<ffffffff81dfcf8e>] kernel_init+0xe/0x180
[  114.982266]  [<ffffffff81e10475>] ret_from_fork+0x25/0x30
[  115.005860] general protection fault: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
[  115.031681] CPU: 0 PID: 1 Comm: swapper Not tainted 4.9.0-rc6-00151-g1da5c46 #1
[  115.065969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[  115.107834] task: ffff88013ab24f40 task.stack: ffffc90000008000
[  115.131974] RIP: 0010:[<ffffffff815f90c8>]  [<ffffffff815f90c8>] kobject_get+0x28/0x110
[  115.167482] RSP: 0000:ffffc9000000ba60  EFLAGS: 00010206
[  115.187115] RAX: 0000000000000003 RBX: 6b6b6b6b6b6b6b7b RCX: ffff88013aa37ad8
[  115.211098] RDX: ffffffff8179f660 RSI: 0000000000000000 RDI: 6b6b6b6b6b6b6b7b
[  115.236534] RBP: ffffc9000000ba70 R08: ffffffff8219faf0 R09: 0000000000000001
[  115.261557] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88011c2384a8
[  115.286775] R13: 0000000000000000 R14: ffff88011c3dd3e8 R15: 0000000000000003
[  115.311756] FS:  0000000000000000(0000) GS:ffffffff82839000(0000) knlGS:0000000000000000
[  115.349086] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.374489] CR2: 0000000000000000 CR3: 0000000002811000 CR4: 00000000000006f0
[  115.425916] Stack:
[  115.437133]  ffff88011c238c00 ffff88011c2384a8 ffffc9000000ba80 ffffffff8179f67b
[  115.470639]  ffffc9000000baa0 ffffffff81dfbcbf ffff88011c2384a8 ffff88011c238c00
[  115.506838]  ffffc9000000bac0 ffffffff81dfbfe8 ffff88011a32b0d0 ffff88011a32b0c0
[  115.542451] Call Trace:
[  115.555546]  [<ffffffff8179f67b>] klist_children_get+0x1b/0x20
[  115.578626]  [<ffffffff81dfbcbf>] klist_node_init+0x4f/0x60
[  115.599143]  [<ffffffff81dfbfe8>] klist_add_tail+0x18/0x50
[  115.619467]  [<ffffffff817a2ce7>] device_add+0xac7/0xb00
[  115.639486]  [<ffffffff81a21800>] ? usb_udc_uevent+0xe0/0xe0
[  115.660132]  [<ffffffff817a2d3a>] device_register+0x1a/0x20
[  115.680575]  [<ffffffff81a2437b>] usb_add_gadget_udc_release+0xeb/0x3e0
[  115.703681]  [<ffffffff81a24720>] usb_add_gadget_udc+0x10/0x20
[  115.724847]  [<ffffffff81a2a972>] dummy_udc_probe+0x1f2/0x280
[  115.739262]  [<ffffffff817a92cc>] platform_drv_probe+0x9c/0x100
[  115.754013]  [<ffffffff817a6675>] really_probe+0x3f5/0x680
[  115.775077]  [<ffffffff817a7000>] ? __driver_attach+0x1b0/0x1b0
[  115.796853]  [<ffffffff817a6d99>] driver_probe_device+0x79/0x130
[  115.818818]  [<ffffffff817a70da>] __device_attach_driver+0xda/0x1b0
[  115.841476]  [<ffffffff817a42d5>] bus_for_each_drv+0x85/0xe0
[  115.865516]  [<ffffffff817a6aba>] __device_attach+0xda/0x1e0
[  115.889695]  [<ffffffff817a7213>] device_initial_probe+0x13/0x20
[  115.914421]  [<ffffffff817a4706>] bus_probe_device+0xf6/0x110
[  115.932634]  [<ffffffff817a2707>] device_add+0x4e7/0xb00
[  115.947834]  [<ffffffff817a9fa4>] platform_device_add+0x294/0x3a0
[  115.964976]  [<ffffffff832ac455>] init+0x34a/0x46d
[  115.980077]  [<ffffffff832ac10b>] ? trace_event_define_fields_udc_log_req+0x2c3/0x2c3
[  116.012679]  [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[  116.036105]  [<ffffffff832454fa>] do_one_initcall+0xad/0x1d4
[  116.054418]  [<ffffffff832448ae>] ? do_early_param+0xbb/0xbb
[  116.087820]  [<ffffffff83245754>] kernel_init_freeable+0x133/0x1fd
[  116.112002]  [<ffffffff81dfcf80>] ? rest_init+0xc0/0xc0
[  116.126583]  [<ffffffff81dfcf8e>] kernel_init+0xe/0x180
[  116.143468]  [<ffffffff81e10475>] ret_from_fork+0x25/0x30
[  116.159739] Code: 82 eb cb 31 c0 48 85 ff 55 0f 95 c0 48 83 c0 02 48 89 e5 41 54 48 83 04 c5 b8 55 ec 82 01 48 85 ff 53 48 89 fb 0f 84 8e 00 00 00 <0f> b6 57 3c 89 d0 f7 d0 83 e0 01 48 83 c0 02 48 83 04 c5 90 55 
[  116.282228] RIP  [<ffffffff815f90c8>] kobject_get+0x28/0x110
[  116.305402]  RSP <ffffc9000000ba60>
[  116.326724] =============================================================================
[  116.352224] BUG kmalloc-256 (Tainted: G      D        ): Poison overwritten
[  116.368819] -----------------------------------------------------------------------------
[  116.368819] 
[  116.410204] INFO: 0xffff88011c238c00-0xffff88011c238c1b. First byte 0xa8 instead of 0x6b
[  116.442412] INFO: Allocated in device_private_init+0x23/0x90 age=260 cpu=0 pid=1
[  116.741039] INFO: Freed in device_release+0x10d/0x120 age=243 cpu=0 pid=1
[  117.017420] INFO: Slab 0xffffea0004708e00 objects=13 used=13 fp=0x          (null) flags=0x8000000000004080
[  117.059692] INFO: Object 0xffff88011c238b98 @offset=2968 fp=0xffff88011c239978
[  117.059692] 
[  117.100132] Redzone ffff88011c238b90: bb bb bb bb bb bb bb bb                          ........
[  117.128612] Object ffff88011c238b98: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b  kkkkkkkkkkkkkkkk
[  117.157068] Object ffff88011c238ba8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b  kkkkkkkkkkkkkkkk
[  117.185096] Object ffff88011c238bb8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b  kkkkkkkkkkkkkkkk


To reproduce:

        git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.9.0-rc6-00151-g1da5c46" of type "text/plain" (104093 bytes)

View attachment "job-script" of type "text/plain" (4069 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (13212 bytes)
