lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 14 Mar 2018 13:48:48 +0800
From:   kernel test robot <fengguang.wu@...el.com>
To:     Nipun Gupta <nipun.gupta@....com>
Cc:     hch@....de, robin.murphy@....com, linux@...linux.org.uk,
        gregkh@...uxfoundation.org, m.szyprowski@...sung.com,
        bhelgaas@...gle.com, dmitry.torokhov@...il.com,
        rafael.j.wysocki@...el.com, jarkko.sakkinen@...ux.intel.com,
        linus.walleij@...aro.org, johan@...nel.org, msuchanek@...e.de,
        linux-kernel@...r.kernel.org, iommu@...ts.linux-foundation.org,
        linux-pci@...r.kernel.org, Nipun Gupta <nipun.gupta@....com>,
        lkp@...org
Subject: [dma]  9a019f4251: BUG:unable_to_handle_kernel

FYI, we noticed the following commit (built with gcc-7):

commit: 9a019f425175e1c42b68b5b628492ed07e6b1e22 ("dma-mapping: move dma configuration to bus infrastructure")
url: https://github.com/0day-ci/linux/commits/Nipun-Gupta/dma-mapping-move-dma-configuration-to-bus-infrastructure/20180313-225250


in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+------------------------------------------+------------+------------+
|                                          | 3266b5bd97 | 9a019f4251 |
+------------------------------------------+------------+------------+
| boot_successes                           | 8          | 0          |
| boot_failures                            | 0          | 8          |
| BUG:unable_to_handle_kernel              | 0          | 8          |
| Oops:#[##]                               | 0          | 8          |
| RIP:device_release_driver_internal       | 0          | 8          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 8          |
+------------------------------------------+------------+------------+



[   69.592314] BUG: unable to handle kernel NULL pointer dereference at 0000000000000088
[   69.593011] IP: device_release_driver_internal+0x157/0x230
[   69.593011] PGD 0 P4D 0 
[   69.593011] Oops: 0000 [#1] SMP
[   69.593011] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.16.0-rc4-00340-g9a019f4 #1
[   69.593011] RIP: 0010:device_release_driver_internal+0x157/0x230
[   69.593011] RSP: 0000:ffff89575e43fd70 EFLAGS: 00010292
[   69.593011] RAX: 0000000000000000 RBX: ffff89575c6f58a8 RCX: 0000000000000000
[   69.593011] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000246
[   69.593011] RBP: ffff89575e43fd98 R08: 0000000000000001 R09: 0000000000000000
[   69.593011] R10: ffff89575e43fd48 R11: 0000000000000000 R12: 0000000000000000
[   69.593011] R13: ffff89575c6f5908 R14: ffffffffbd87fba8 R15: 0000000000000060
[   69.593011] FS:  0000000000000000(0000) GS:ffff89575f600000(0000) knlGS:0000000000000000
[   69.593011] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.593011] CR2: 0000000000000088 CR3: 0000000017a1d000 CR4: 00000000000406b0
[   69.593011] Call Trace:
[   69.593011]  device_release_driver+0xd/0x10
[   69.593011]  mac80211_hwsim_new_radio+0x390/0x1000
[   69.593011]  ? hwsim_init_net+0x4e/0x4e
[   69.593011]  init_mac80211_hwsim+0x26a/0x671
[   69.593011]  ? hwsim_init_net+0x4e/0x4e
[   69.593011]  do_one_initcall+0xe1/0x256
[   69.593011]  ? set_debug_rodata+0x3c/0x3c
[   69.593011]  kernel_init_freeable+0x175/0x283
[   69.593011]  ? rest_init+0xc0/0xc0
[   69.593011]  kernel_init+0x9/0x100
[   69.593011]  ret_from_fork+0x3a/0x50
[   69.593011] Code: c0 0f 84 e1 00 00 00 48 8b 40 48 48 85 c0 0f 84 d4 00 00 00 48 89 df e8 98 1c 20 01 48 89 df e8 d0 d0 ff ff 48 8b 83 e0 00 00 00 <48> 8b 80 88 00 00 00 48 85 c0 74 08 48 89 df e8 75 1c 20 01 48 
[   69.593011] RIP: device_release_driver_internal+0x157/0x230 RSP: ffff89575e43fd70
[   69.593011] CR2: 0000000000000088
[   69.593011] ---[ end trace 60349fca5b9c7ff9 ]---


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
lkp

View attachment "config-4.16.0-rc4-00340-g9a019f4" of type "text/plain" (129740 bytes)

View attachment "job-script" of type "text/plain" (3828 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (12316 bytes)

Powered by blists - more mailing lists