| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180224053405.ksymb5yurtpwmfs6@shao2-debian>
Date: Sat, 24 Feb 2018 13:34:05 +0800
From: kernel test robot <shun.hao@...el.com>
To: Petr Mladek <pmladek@...e.com>
Cc: Cong Wang <xiyou.wangcong@...il.com>,
Dave Hansen <dave.hansen@...el.com>,
Johannes Weiner <hannes@...xchg.org>,
Mel Gorman <mgorman@...e.de>, Michal Hocko <mhocko@...nel.org>,
Vlastimil Babka <vbabka@...e.cz>,
Peter Zijlstra <peterz@...radead.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Jan Kara <jack@...e.cz>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
Byungchul Park <byungchul.park@....com>,
Tejun Heo <tj@...nel.org>, Pavel Machek <pavel@....cz>,
Steven Rostedt <rostedt@...dmis.org>,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
LKML <linux-kernel@...r.kernel.org>,
linux-kernel@...r.kernel.org, lkp@...org
Subject: [lkp-robot] [printk] c162d5b433: BUG:KASAN:use-after-scope_in_c
TO: Petr Mladek <pmladek@...e.com>
CC: Cong Wang <xiyou.wangcong@...il.com>, Dave Hansen <dave.hansen@...el.com>, Johannes Weiner <hannes@...xchg.org>, Mel Gorman <mgorman@...e.de>, Michal Hocko <mhocko@...nel.org>, Vlastimil Babka <vbabka@...e.cz>, Peter Zijlstra <peterz@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Jan Kara <jack@...e.cz>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>, Byungchul Park <byungchul.park@....com>, Tejun Heo <tj@...nel.org>, Pavel Machek <pavel@....cz>, Steven Rostedt (VMware) <rostedt@...dmis.org>, Sergey Senozhatsky <sergey.senozhatsky@...il.com>, LKML <linux-kernel@...r.kernel.org>, linux-kernel@...r.kernel.org, lkp@...org
FYI, we noticed the following commit (built with gcc-7):
commit: c162d5b4338d72deed61aa65ed0f2f4ba2bbc8ab ("printk: Hide console waiter logic into helpers")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
in testcase: boot
on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 1G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+--------------------------------+------------+------------+
| | dbdda842fe | c162d5b433 |
+--------------------------------+------------+------------+
| boot_successes | 0 | 0 |
| boot_failures | 18 | 16 |
| BUG:KASAN:use-after-scope_in_p | 18 | |
| BUG:KASAN:use-after-scope_in_c | 0 | 16 |
+--------------------------------+------------+------------+
[ 0.003333] BUG: KASAN: use-after-scope in console_unlock+0x185/0x960
[ 0.003333] BUG: KASAN: use-after-scope in console_unlock+0x185/0x960
[ 0.003333] Write of size 1 at addr ffffffff828079b8 by task swapper/0
[ 0.003333] Write of size 1 at addr ffffffff828079b8 by task swapper/0
[ 0.003333]
[ 0.003333]
[ 0.003333] CPU: 0 PID: 0 Comm: swapper Not tainted 4.14.0-12953-gc162d5b #1
[ 0.003333] CPU: 0 PID: 0 Comm: swapper Not tainted 4.14.0-12953-gc162d5b #1
[ 0.003333] Call Trace:
[ 0.003333] Call Trace:
[ 0.003333] ? dump_stack+0x11d/0x1c5
[ 0.003333] ? dump_stack+0x11d/0x1c5
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? arch_local_irq_restore+0x17/0x17
[ 0.003333] ? arch_local_irq_restore+0x17/0x17
[ 0.003333] ? do_raw_spin_unlock+0x137/0x169
[ 0.003333] ? do_raw_spin_unlock+0x137/0x169
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? print_address_description+0x6e/0x23b
[ 0.003333] ? print_address_description+0x6e/0x23b
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? kasan_report+0x223/0x249
[ 0.003333] ? kasan_report+0x223/0x249
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? console_unlock+0x185/0x960
[ 0.003333] ? wake_up_klogd+0xdf/0xdf
[ 0.003333] ? wake_up_klogd+0xdf/0xdf
[ 0.003333] ? do_raw_spin_unlock+0x145/0x169
[ 0.003333] ? do_raw_spin_unlock+0x145/0x169
[ 0.003333] ? do_raw_spin_trylock+0xed/0xed
[ 0.003333] ? do_raw_spin_trylock+0xed/0xed
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? _raw_spin_unlock_irqrestore+0x3b/0x54
[ 0.003333] ? _raw_spin_unlock_irqrestore+0x3b/0x54
[ 0.003333] ? time_hardirqs_off+0x12/0x2d
[ 0.003333] ? time_hardirqs_off+0x12/0x2d
[ 0.003333] ? arch_local_save_flags+0x7/0x8
[ 0.003333] ? arch_local_save_flags+0x7/0x8
[ 0.003333] ? trace_hardirqs_off_caller+0x127/0x139
[ 0.003333] ? trace_hardirqs_off_caller+0x127/0x139
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? irq_trace+0x2e/0x32
[ 0.003333] ? vprintk_emit+0x579/0x823
[ 0.003333] ? vprintk_emit+0x579/0x823
[ 0.003333] ? __down_trylock_console_sem+0x90/0xa4
[ 0.003333] ? __down_trylock_console_sem+0x90/0xa4
[ 0.003333] ? __down_trylock_console_sem+0x9d/0xa4
[ 0.003333] ? __down_trylock_console_sem+0x9d/0xa4
[ 0.003333] ? vprintk_emit+0x7ec/0x823
[ 0.003333] ? vprintk_emit+0x7ec/0x823
[ 0.003333] ? console_unlock+0x960/0x960
[ 0.003333] ? console_unlock+0x960/0x960
[ 0.003333] ? memblock_merge_regions+0x2d/0x154
[ 0.003333] ? memblock_merge_regions+0x2d/0x154
[ 0.003333] ? memblock_add_range+0x322/0x333
[ 0.003333] ? memblock_add_range+0x322/0x333
[ 0.003333] ? memblock_reserve+0xbb/0xe1
[ 0.003333] ? memblock_reserve+0xbb/0xe1
[ 0.003333] ? memblock_add+0xe1/0xe1
[ 0.003333] ? memblock_add+0xe1/0xe1
[ 0.003333] ? set_pte+0x24/0x27
[ 0.003333] ? set_pte+0x24/0x27
[ 0.003333] ? vprintk_func+0x94/0xa5
[ 0.003333] ? vprintk_func+0x94/0xa5
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? show_regs_print_info+0x41/0x41
[ 0.003333] ? show_regs_print_info+0x41/0x41
[ 0.003333] ? kasan_populate_zero_shadow+0x37b/0x3f6
[ 0.003333] ? kasan_populate_zero_shadow+0x37b/0x3f6
[ 0.003333] ? native_flush_tlb_global+0x74/0x80
[ 0.003333] ? native_flush_tlb_global+0x74/0x80
[ 0.003333] ? kasan_init+0x211/0x22d
[ 0.003333] ? kasan_init+0x211/0x22d
[ 0.003333] ? setup_arch+0xdfa/0xf3c
[ 0.003333] ? setup_arch+0xdfa/0xf3c
[ 0.003333] ? css_set_populated+0x79/0x79
[ 0.003333] ? css_set_populated+0x79/0x79
[ 0.003333] ? reserve_standard_io_resources+0x39/0x39
[ 0.003333] ? reserve_standard_io_resources+0x39/0x39
[ 0.003333] ? vprintk_func+0x9d/0xa5
[ 0.003333] ? vprintk_func+0x9d/0xa5
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? printk+0xb5/0xd1
[ 0.003333] ? show_regs_print_info+0x41/0x41
[ 0.003333] ? show_regs_print_info+0x41/0x41
[ 0.003333] ? start_kernel+0xa2/0x515
[ 0.003333] ? start_kernel+0xa2/0x515
[ 0.003333] ? mem_encrypt_init+0xa/0xa
[ 0.003333] ? mem_encrypt_init+0xa/0xa
[ 0.003333] ? x86_family+0x2e/0x33
[ 0.003333] ? x86_family+0x2e/0x33
[ 0.003333] ? load_ucode_bsp+0x58/0xec
[ 0.003333] ? load_ucode_bsp+0x58/0xec
[ 0.003333] ? secondary_startup_64+0xa5/0xb0
[ 0.003333] ? secondary_startup_64+0xa5/0xb0
To reproduce:
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Shun
View attachment "config-4.14.0-12953-gc162d5b" of type "text/plain" (107800 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (7836 bytes)
Powered by blists - more mailing lists