Date:   Tue, 19 Dec 2017 10:42:45 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     Byungchul Park <byungchul.park@....com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        LKML <linux-kernel@...r.kernel.org>, lkp@...org
Subject: [lkp-robot] [locking/lockdep]  e966eaeeb6:
 BUG:KASAN:use-after-scope_in_v


FYI, we noticed the following commit (built with gcc-7):

commit: e966eaeeb623f09975ef362c2866fae6f86844f9 ("locking/lockdep: Remove the cross-release locking checks")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -smp 2 -m 512M

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


+--------------------------------+------------+------------+
|                                | d89c70356a | e966eaeeb6 |
+--------------------------------+------------+------------+
| boot_successes                 | 4          | 4          |
| boot_failures                  | 48         | 2          |
| BUG:KASAN:use-after-scope_in_r | 48         |            |
| BUG:KASAN:use-after-scope_in_v | 0          | 2          |
+--------------------------------+------------+------------+



[    0.010000] BUG: KASAN: use-after-scope in validate_chain+0x11bb/0x1954
[    0.010000] Write of size 64 at addr ffffffff842074a0 by task swapper/0
[    0.010000] 
[    0.010000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.15.0-rc3-00003-ge966eae #1
[    0.010000] Call Trace:
[    0.010000]  dump_stack+0x2e/0x3e
[    0.010000]  print_address_description+0x96/0x37b
[    0.010000]  ? validate_chain+0x11bb/0x1954
[    0.010000]  kasan_report+0x30d/0x362
[    0.010000]  __asan_report_store_n_noabort+0x20/0x29
[    0.010000]  validate_chain+0x11bb/0x1954
[    0.010000]  ? check_irq_usage+0x9b/0x9b
[    0.010000]  ? check_irq_usage+0x9b/0x9b
[    0.010000]  __lock_acquire+0xfdb/0x11b1
[    0.010000]  ? __lock_acquire+0xfdb/0x11b1
[    0.010000]  lock_acquire+0xec/0x14c
[    0.010000]  ? console_unlock+0xa1/0x597
[    0.010000]  _raw_spin_lock+0x4a/0xbf
[    0.010000]  ? console_unlock+0xa1/0x597
[    0.010000]  console_unlock+0xa1/0x597
[    0.010000]  ? __down_trylock_console_sem+0xd3/0xe8
[    0.010000]  ? vprintk_emit+0x408/0x437
[    0.010000]  vprintk_emit+0x41f/0x437
[    0.010000]  vprintk_default+0x1f/0x28
[    0.010000]  vprintk_func+0x9c/0xa5
[    0.010000]  printk+0x9d/0xc7
[    0.010000]  ? show_regs_print_info+0x19/0x19
[    0.010000]  ? arch_local_save_flags+0x4f/0x58
[    0.010000]  ? trace_hardirqs_off_caller+0x297/0x2c1
[    0.010000]  mp_register_ioapic+0xbb3/0xdaa
[    0.010000]  ? mp_map_gsi_to_irq+0xa0/0xa0
[    0.010000]  ? acpi_os_map_memory+0x10/0x19
[    0.010000]  ? acpi_tb_acquire_table+0xc4/0x201
[    0.010000]  acpi_parse_ioapic+0x4b9/0x508
[    0.010000]  ? acpi_parse_nmi_src+0x114/0x114
[    0.010000]  ? acpi_get_table+0x199/0x1b8
[    0.010000]  acpi_table_parse_entries_array+0x54e/0x88e
[    0.010000]  ? __mutex_lock+0x234/0x8e5
[    0.010000]  ? acpi_parse_apic_instance+0xcc/0xcc
[    0.010000]  ? acpi_put_table+0x16f/0x185
[    0.010000]  acpi_table_parse_entries+0x1ab/0x203
[    0.010000]  ? acpi_parse_nmi_src+0x114/0x114
[    0.010000]  ? acpi_table_parse_entries_array+0x88e/0x88e
[    0.010000]  ? acpi_parse_nmi_src+0x114/0x114
[    0.010000]  ? memset+0x46/0x54
[    0.010000]  acpi_table_parse_madt+0x2c/0x57
[    0.010000]  acpi_boot_init+0x66a/0x14c9
[    0.010000]  ? early_acpi_boot_init+0x3c1/0x3c1
[    0.010000]  ? pmd_page_vaddr+0x16/0x71
[    0.010000]  ? pte_offset_kernel+0x43/0x52
[    0.010000]  ? set_pte+0x7f/0x8a


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.15.0-rc3-00003-ge966eae" of type "text/plain" (121972 bytes)

View attachment "job-script" of type "text/plain" (4135 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (16992 bytes)
