Message-ID: <20170910142717.GD29265@yexl-desktop>
Date:   Sun, 10 Sep 2017 22:27:17 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     George Cherian <george.cherian@...ium.com>
Cc:     devel@...ica.org, linux-kernel@...r.kernel.org,
        linux-acpi@...r.kernel.org, rjw@...ysocki.net, lenb@...nel.org,
        jassisinghbrar@...il.com, robert.moore@...el.com,
        lv.zheng@...el.com, pprakash@...eaurora.org,
        George Cherian <george.cherian@...ium.com>, lkp@...org
Subject: [lkp-robot] [ACPI / CPPC]  266c175b9b: BUG:KASAN:null-ptr-deref


FYI, we noticed the following commit:

commit: 266c175b9b3242f472f0ae5260a97cf62747a1d1 ("ACPI / CPPC: Make cppc acpi driver aware of pcc subspace ids")
url: https://github.com/0day-ci/linux/commits/George-Cherian/mailbox-PCC-Move-the-MAX_PCC_SUBSPACES-definition-to-header-file/20170908-060133


in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu Haswell,+smep,+smap -smp 2 -m 1G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+------------------------------------------+------------+------------+
|                                          | 91805fa192 | 266c175b9b |
+------------------------------------------+------------+------------+
| boot_successes                           | 10         | 0          |
| boot_failures                            | 0          | 12         |
| BUG:KASAN:null-ptr-deref                 | 0          | 12         |
| BUG:unable_to_handle_kernel              | 0          | 12         |
| Oops:#[##]                               | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 12         |
+------------------------------------------+------------+------------+



[   37.051995] BUG: KASAN: null-ptr-deref in acpi_cppc_processor_exit+0x71/0x185
[   37.053134] Read of size 1 at addr 0000000000000014 by task swapper/0/1
[   37.054195] 
[   37.054455] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.13.0-06468-g266c175 #1
[   37.054546] Call Trace:
[   37.054546]  dump_stack+0x85/0xbe
[   37.054546]  kasan_report+0x21e/0x253
[   37.054546]  __asan_load1+0x45/0x47
[   37.054546]  acpi_cppc_processor_exit+0x71/0x185
[   37.054546]  acpi_processor_stop+0x9d/0xa4
[   37.054546]  driver_probe_device+0x228/0x481
[   37.054546]  __driver_attach+0x9f/0xc9
[   37.054546]  ? driver_probe_device+0x481/0x481
[   37.054546]  bus_for_each_dev+0x89/0xa9
[   37.054546]  driver_attach+0x26/0x29
[   37.054546]  bus_add_driver+0x19b/0x2bd
[   37.054546]  driver_register+0x103/0x151
[   37.054546]  ? acpi_video_init+0xb2/0xb2
[   37.054546]  acpi_processor_driver_init+0x28/0x9d
[   37.054546]  do_one_initcall+0x9a/0x145
[   37.054546]  kernel_init_freeable+0x1ab/0x23c
[   37.054546]  ? rest_init+0x235/0x235
[   37.054546]  kernel_init+0xc/0x108
[   37.054546]  ? rest_init+0x235/0x235
[   37.054546]  ret_from_fork+0x2a/0x40
[   37.054546] ==================================================================
[   37.069690] BUG: unable to handle kernel NULL pointer dereference at 0000000000000014
[   37.070969] IP: acpi_cppc_processor_exit+0x71/0x185
[   37.071770] PGD 0 P4D 0 
[   37.072205] Oops: 0000 [#1] SMP KASAN
[   37.072802] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G    B           4.13.0-06468-g266c175 #1
[   37.073659] task: ffff88002aea0000 task.stack: ffff88002aea8000
[   37.073659] RIP: 0010:acpi_cppc_processor_exit+0x71/0x185
[   37.073659] RSP: 0000:ffff88002aeafcd0 EFLAGS: 00010256
[   37.073659] RAX: 0000000000000296 RBX: 0000000000000000 RCX: ffffffff8252bab2
[   37.073659] RDX: 1ffffffff09aa1d0 RSI: 0000000000000003 RDI: 0000000000000296
[   37.073659] RBP: ffff88002aeafcf8 R08: dffffc0000000000 R09: 0000000000000001
[   37.073659] R10: ffffed00055d5f83 R11: ffffffff85f7c750 R12: ffff880029d54900
[   37.073659] R13: ffff880029d54910 R14: 0000000000000000 R15: ffffffff8693b800
[   37.073659] FS:  0000000000000000(0000) GS:ffff88002b000000(0000) knlGS:0000000000000000
[   37.073659] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   37.073659] CR2: 0000000000000014 CR3: 0000000026a83000 CR4: 00000000000606b0
[   37.073659] Call Trace:
[   37.073659]  acpi_processor_stop+0x9d/0xa4
[   37.073659]  driver_probe_device+0x228/0x481
[   37.073659]  __driver_attach+0x9f/0xc9
[   37.073659]  ? driver_probe_device+0x481/0x481
[   37.073659]  bus_for_each_dev+0x89/0xa9
[   37.073659]  driver_attach+0x26/0x29
[   37.073659]  bus_add_driver+0x19b/0x2bd
[   37.073659]  driver_register+0x103/0x151
[   37.073659]  ? acpi_video_init+0xb2/0xb2
[   37.073659]  acpi_processor_driver_init+0x28/0x9d
[   37.073659]  do_one_initcall+0x9a/0x145
[   37.073659]  kernel_init_freeable+0x1ab/0x23c
[   37.073659]  ? rest_init+0x235/0x235
[   37.073659]  kernel_init+0xc/0x108
[   37.073659]  ? rest_init+0x235/0x235
[   37.073659]  ret_from_fork+0x2a/0x40
[   37.073659] Code: 63 1b 85 db 0f 88 9c 00 00 00 4c 8d 3c dd 00 b8 93 86 4c 89 ff e8 46 ce b4 ff 4c 8b 34 dd 00 b8 93 86 49 8d 7e 14 e8 9c cb b4 ff <41> 80 7e 14 00 74 74 49 8d be 5c 01 00 00 e8 19 cd b4 ff 41 ff 
[   37.073659] RIP: acpi_cppc_processor_exit+0x71/0x185 RSP: ffff88002aeafcd0
[   37.073659] CR2: 0000000000000014
[   37.073659] ---[ end trace 0a860a241596ffde ]---


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.13.0-06468-g266c175" of type "text/plain" (99834 bytes)

View attachment "job-script" of type "text/plain" (4306 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (10140 bytes)
