Message-ID: <20170510022446.GK28430@yexl-desktop>
Date: Wed, 10 May 2017 10:24:46 +0800
From: kernel test robot <xiaolong.ye@...el.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc: Ingo Molnar <mingo@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Andy Lutomirski <luto@...capital.net>,
Andy Lutomirski <luto@...nel.org>,
Arnd Bergmann <arnd@...db.de>, Borislav Petkov <bp@...en8.de>,
Brian Gerst <brgerst@...il.com>,
Dave Hansen <dave.hansen@...el.com>,
Denys Vlasenko <dvlasenk@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Michal Hocko <mhocko@...e.com>,
Peter Zijlstra <peterz@...radead.org>,
LKML <linux-kernel@...r.kernel.org>, lkp@...org
Subject: [lkp-robot] [x86] f2a6a70501: BUG:KASAN:null-ptr-deref_on_address

FYI, we noticed the following commit:

commit: f2a6a7050109e0a5c7a84c70aa6010f682b2f1ee ("x86: Convert the rest of the code to support p4d_t")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -smp 2 -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+-------------------------------------------------------------------------------------------------+------------+------------+
| | 907cd43902 | f2a6a70501 |
+-------------------------------------------------------------------------------------------------+------------+------------+
| boot_successes | 0 | 0 |
| boot_failures | 8 | 6 |
| invoked_oom-killer:gfp_mask=0x | 2 | 2 |
| Mem-Info | 8 | 6 |
| Kernel_panic-not_syncing:Out_of_memory_and_no_killable_processes | 2 | 2 |
| page_allocation_failure:order:#,mode:#(__GFP_COMP|__GFP_NOTRACK),nodemask=(null) | 6 | 4 |
| page_allocation_failure:order:#,mode:#(__GFP_COMP|__GFP_HARDWALL|__GFP_NOTRACK),nodemask=(null) | 6 | |
| Kernel_panic-not_syncing:can't_set_nsfs_up | 6 | |
| BUG:KASAN:null-ptr-deref_on_address | 0 | 4 |
| BUG:unable_to_handle_kernel | 0 | 4 |
| Oops:#[##] | 0 | 4 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 4 |
+-------------------------------------------------------------------------------------------------+------------+------------+

[ 0.225718] BUG: KASAN: null-ptr-deref on address 0000000000000020
[ 0.226666] Write of size 8 by task swapper/0/0
[ 0.226666] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.11.0-rc2-00278-gf2a6a70 #2
[ 0.226666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 0.226666] Call Trace:
[ 0.226666] dump_stack+0x149/0x1eb
[ 0.226666] kasan_report+0x61d/0x670
[ 0.226666] ? proc_sys_init+0x30/0x87
[ 0.226666] ? __asan_loadN+0xf/0x20
[ 0.226666] ? proc_mkdir_data+0xb6/0x170
[ 0.226666] __asan_store8+0x61/0x70
[ 0.226666] proc_sys_init+0x30/0x87
[ 0.226666] proc_root_init+0xf4/0x11e
[ 0.226666] start_kernel+0x8b5/0x990
[ 0.226666] ? thread_stack_cache_init+0x35/0x35
[ 0.226666] ? __asan_loadN+0xf/0x20
[ 0.226666] ? early_idt_handler_array+0x120/0x120
[ 0.226666] x86_64_start_reservations+0x6b/0x8c
[ 0.226666] x86_64_start_kernel+0x199/0x1bd
[ 0.226666] start_cpu+0x14/0x14
[ 0.226666] ==================================================================
[ 0.226666] Disabling lock debugging due to kernel taint
[ 0.226704] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[ 0.228866] IP: proc_sys_init+0x35/0x87
[ 0.229726] PGD 0
[ 0.229732] P4D 0
[ 0.229999]
[ 0.229999] Oops: 0002 [#1] SMP KASAN
[ 0.229999] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B 4.11.0-rc2-00278-gf2a6a70 #2
[ 0.229999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 0.229999] task: ffffffff8762a380 task.stack: ffffffff87600000
[ 0.229999] RIP: 0010:proc_sys_init+0x35/0x87
[ 0.229999] RSP: 0000:ffffffff87607e00 EFLAGS: 00010286
[ 0.229999] RAX: ffffffff8762a380 RBX: 332459ea0398d339 RCX: ffffffff8128f6d6
[ 0.229999] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000028
[ 0.229999] RBP: ffffffff87607e10 R08: fffffbfff11abe65 R09: fffffbfff11abe64
[ 0.229999] R10: ffffffff88d5f327 R11: fffffbfff11abe65 R12: 0000000000000000
[ 0.229999] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000002
[ 0.229999] FS: 0000000000000000(0000) GS:ffff880000200000(0000) knlGS:0000000000000000
[ 0.229999] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.229999] CR2: 0000000000000020 CR3: 000000000761e000 CR4: 00000000000006b0
[ 0.229999] Call Trace:
[ 0.229999] proc_root_init+0xf4/0x11e
[ 0.229999] start_kernel+0x8b5/0x990
[ 0.229999] ? thread_stack_cache_init+0x35/0x35
[ 0.229999] ? __asan_loadN+0xf/0x20
[ 0.229999] ? early_idt_handler_array+0x120/0x120
[ 0.229999] x86_64_start_reservations+0x6b/0x8c
[ 0.229999] x86_64_start_kernel+0x199/0x1bd
[ 0.229999] start_cpu+0x14/0x14
[ 0.229999] Code: 1d 51 9f fd e8 08 7a 5b f7 31 f6 48 c7 c7 80 af a0 85 e8 fa fa 96 f7 48 8d 78 20 49 89 c4 48 31 eb e8 3b db 7b f7 49 8d 7c 24 28 <49> c7 44 24 20 40 c0 a0 85 e8 28 db 7b f7 49 8d 7c 24 08 49 c7
[ 0.229999] RIP: proc_sys_init+0x35/0x87 RSP: ffffffff87607e00
[ 0.229999] CR2: 0000000000000020
[ 0.229999] ---[ end trace d7042a2b0fc5a1e6 ]---

To reproduce:

        git clone https://github.com/01org/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email

Thanks,
Xiaolong

View attachment "config-4.11.0-rc2-00278-gf2a6a70" of type "text/plain" (120665 bytes)
View attachment "job-script" of type "text/plain" (3933 bytes)
Download attachment "dmesg.xz" of type "application/octet-stream" (7192 bytes)