| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5887386c.KVVQelScITHnzTIS%fengguang.wu@intel.com>
Date: Tue, 24 Jan 2017 19:20:12 +0800
From: kernel test robot <fengguang.wu@...el.com>
To: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
Cc: LKP <lkp@...org>, linux-kernel@...r.kernel.org,
devicetree@...r.kernel.org, Frank Rowand <frowand.list@...il.com>,
Rob Herring <robh@...nel.org>, wfg@...ux.intel.com
Subject: [of/unittest] 815d74b35e: BUG: unable to handle kernel NULL
pointer dereference at 00000012
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit 815d74b35e3366261ac2519af64b53f76fb0c0e1
Author: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
AuthorDate: Wed Mar 2 20:24:49 2016 +0900
Commit: Rob Herring <robh@...nel.org>
CommitDate: Thu Mar 3 16:51:31 2016 -0600
of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()
of_overlay_destroy() can return `-ENODEV' error code once it
failed to find the requested overlay in `ov_idr'. However,
of_unittest_destroy_tracked_overlays() does not handle this
error code correctly and continues to call of_overlay_destroy()
on the 'missing' overlay over and over again. This results in
a printk flood
[..]
[ 33.497583] of_overlay_destroy: Could not find overlay #6
[ 33.497583] of_overlay_destroy: Could not find overlay #6
[ 33.497584] ### dt-test ### of_unittest_destroy_tracked_overlays: overlay destroy failed for #6
[ 33.497584] ### dt-test ### of_unittest_destroy_tracked_overlays: overlay destroy failed for #6
[ 33.497586] of_overlay_destroy: Could not find overlay #6
[ 33.497586] of_overlay_destroy: Could not find overlay #6
[ 33.497587] ### dt-test ### of_unittest_destroy_tracked_overlays: overlay destroy failed for #6
[ 33.497587] ### dt-test ### of_unittest_destroy_tracked_overlays: overlay destroy failed for #6
[..]
which is not really good due to printk design, and can lead to soft
lockups, hard lockups, etc. (depending on the context console_unlock()
is being called from). The problem has bee observed in real life
and reported by Ying Huang.
This patch does not address the root cause of missing overlay in
`ov_idr', it fixes the endless loop only.
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
Reported-by: kernel test robot <ying.huang@...ux.intel.com>
Link: lkml.kernel.org/r/87fuwk1c0o.fsf@...ang-dev.intel.com
Signed-off-by: Rob Herring <robh@...nel.org>
+-------------------------------------------------------+------------+------------+------------+
| | e53b50c0cb | 815d74b35e | 0ba37614e4 |
+-------------------------------------------------------+------------+------------+------------+
| boot_successes | 918 | 302 | 32 |
| boot_failures | 0 | 8 | 4 |
| BUG:unable_to_handle_kernel | 0 | 8 | 2 |
| Oops | 0 | 8 | |
| EIP_is_at_perf_prepare_sample | 0 | 8 | |
| calltrace:SyS_getdents64 | 0 | 5 | |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 7 | 2 |
| calltrace:SyS_fstatat64 | 0 | 1 | |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 1 | |
| BUG:kernel_reboot-without-warning_in_test_stage | 0 | 0 | 1 |
| BUG_kmalloc-#(Not_tainted):Redzone_overwritten | 0 | 0 | 1 |
| INFO:#-#.First_byte#instead_of | 0 | 0 | 1 |
| INFO:Allocated_in_sock_alloc_inode_age=#cpu=#pid= | 0 | 0 | 1 |
| INFO:Freed_in__rcu_process_callbacks_age=#cpu=#pid= | 0 | 0 | 1 |
| INFO:Slab#objects=#used=#fp=#flags= | 0 | 0 | 2 |
| INFO:Object#@...set=#fp= | 0 | 0 | 1 |
| Oops:#[##] | 0 | 0 | 2 |
| BUG_kmalloc-#(Tainted:G_D):Padding_overwritten | 0 | 0 | 1 |
| BUG_kmalloc-#(Tainted:G_B_D):Invalid_object_pointer | 0 | 0 | 1 |
+-------------------------------------------------------+------------+------------+------------+
[ 6.375988] udevd (116) used greatest stack depth: 6448 bytes left
[ 6.378878] udevd (122) used greatest stack depth: 6336 bytes left
[ 14.130887] sock: process `trinity-main' is using obsolete setsockopt SO_BSDCOMPAT
[ 18.803451] BUG: unable to handle kernel NULL pointer dereference at 00000012
[ 18.805819] IP: [<c9aa6893>] perf_prepare_sample+0x82/0x2a7
[ 18.807694] *pde = 00000000
[ 18.809017] Oops: 0000 [#1] DEBUG_PAGEALLOC
[ 18.810162] Modules linked in:
[ 18.811069] CPU: 0 PID: 12140 Comm: trinity-main Not tainted 4.5.0-rc1-00010-g815d74b #1
[ 18.812906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 18.815004] task: d013ca00 ti: d0614000 task.ti: d0614000
[ 18.816107] EIP: 0060:[<c9aa6893>] EFLAGS: 00010206 CPU: 0
[ 18.817247] EIP is at perf_prepare_sample+0x82/0x2a7
[ 18.818305] EAX: 00000012 EBX: d0615d24 ECX: 00000008 EDX: 00000001
[ 18.819499] ESI: d0615e00 EDI: d06184b0 EBP: d0615d08 ESP: d0615ce4
[ 18.820713] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
[ 18.821827] CR0: 80050033 CR2: 00000012 CR3: 1068d000 CR4: 00040610
[ 18.823044] DR0: c0100220 DR1: 080ce000 DR2: 00000000 DR3: 00000000
[ 18.824240] DR6: ffff0ff0 DR7: 00010602
[ 18.825162] Stack:
[ 18.825885] 00000000 00000000 c9aa6ab8 00000000 00000000 000021ea d06184b0 d0615e00
[ 18.828238] d0615fb4 d0615d50 c9aa6af3 d0615fb4 00000002 00000000 00000000 c9aa6ab8
[ 18.830578] 00000009 00300002 d013ce78 d0615d3c c9a2888f d013ce78 d0615d48 c9a07cf5
[ 18.832911] Call Trace:
[ 18.833732] [<c9aa6ab8>] ? perf_prepare_sample+0x2a7/0x2a7
[ 18.834865] [<c9aa6af3>] perf_event_output+0x3b/0x89
[ 18.835929] [<c9aa6ab8>] ? perf_prepare_sample+0x2a7/0x2a7
[ 18.837114] [<c9a2888f>] ? kvm_sched_clock_read+0x9/0x18
[ 18.838211] [<c9a07cf5>] ? sched_clock+0x9/0xd
[ 18.839217] [<c9aa6ca6>] __perf_event_overflow+0x165/0x1d2
[ 18.840381] [<c9aa742f>] perf_swevent_overflow+0x46/0x60
[ 18.841481] [<c9aa750b>] perf_swevent_event+0xc2/0xcc
[ 18.842554] [<c9aa7ab1>] ___perf_sw_event+0x24b/0x25b
[ 18.843678] [<c9a07cf5>] ? sched_clock+0x9/0xd
[ 18.844687] [<c9a28871>] ? kvm_clock_read+0x14/0x1d
[ 18.845744] [<c9a2888f>] ? kvm_sched_clock_read+0x9/0x18
git bisect start v4.6 v4.5 --
git bisect bad 7b367f5dba5c5162a7308e85d3fc9170b0cb3e5f # 13:29 32- 1 Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad 46e595a17dcf11404f713845ecb5b06b92a94e43 # 13:39 0- 2 Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
git bisect good d77bed0d4c61cb0258851367a36b358dbeb7abcc # 14:17 301+ 0 Merge tag 'dlm-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/teigland/linux-dlm
git bisect good fcab86add71623e3963d7565c0d61bb9d99aea7c # 14:36 308+ 0 Merge branch 'for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata
git bisect bad fffad3e1b34aaced7724ef513dff0d8232ad8d80 # 14:46 20- 1 Merge tag 'xtensa-next-20160320' of git://github.com/czankel/xtensa-linux
git bisect bad 3c2de27d793bf55167804fc47954711e94f27be7 # 14:59 0- 2 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
git bisect bad d5e2d00898bdfed9586472679760fc81a2ca2d02 # 15:10 1- 4 Merge tag 'powerpc-4.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
git bisect good 1200b6809dfd9d73bc4c7db76d288c35fa4b2ebe # 15:32 310+ 0 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
git bisect bad 31e182363b39d84031eadf0caf6d99fd9eb056f0 # 15:53 4- 3 Merge tag 'devicetree-for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux
git bisect good 6b22b3d1614af1a775f2ef006009f15077592c9c # 16:18 309+ 0 kbuild: Allow using host dtc instead of kernel's copy
git bisect bad 29626043c493a26d319a2b8c225fdc0c70e326bd # 16:28 0- 1 serial: fsl-imx-uart: Fix typo in fsl,dte-mode description
git bisect bad 815d74b35e3366261ac2519af64b53f76fb0c0e1 # 16:44 0- 1 of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()
git bisect good e53b50c0cbe392c946807abf7d07615a3c588642 # 17:07 300+ 0 of: alloc anywhere from memblock if range not specified
# first bad commit: [815d74b35e3366261ac2519af64b53f76fb0c0e1] of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()
git bisect good e53b50c0cbe392c946807abf7d07615a3c588642 # 17:25 901+ 0 of: alloc anywhere from memblock if range not specified
# extra tests with CONFIG_DEBUG_INFO_REDUCED
git bisect bad 815d74b35e3366261ac2519af64b53f76fb0c0e1 # 17:39 0- 1 of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()
# extra tests on HEAD of linux-devel/devel-spot-201701241015
git bisect bad 0ba37614e4119b6f06354826443271e055243c09 # 17:39 0- 4 0day head guard for 'devel-spot-201701241015'
# extra tests on tree/branch linus/master
git bisect bad a4685d2f58e2230d4e27fb2ee581d7ea35e5d046 # 17:55 2- 4 Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile
# extra tests with first bad commit reverted
git bisect good b0c2a27b05d3a1a66105a81cfcae335665c9e91e # 18:53 904+ 0 Revert "of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()"
# extra tests on tree/branch linus/master
git bisect bad a4685d2f58e2230d4e27fb2ee581d7ea35e5d046 # 18:53 0- 95 Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile
# extra tests on tree/branch linux-next/master
git bisect bad 766074e78188aac7ffbc1b51893a65668f315c54 # 19:19 18- 19 Add linux-next specific files for 20170124
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
Download attachment "dmesg-yocto-kbuild-22:20170124164619:i386-randconfig-b0-01241049:4.5.0-rc1-00010-g815d74b:1.gz" of type "application/gzip" (13152 bytes)
View attachment "config-4.5.0-rc1-00010-g815d74b" of type "text/plain" (104130 bytes)
Powered by blists - more mailing lists