| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Aug 2020 16:49:44 +0800
From: kernel test robot <rong.a.chen@...el.com>
To: Marek Szyprowski <m.szyprowski@...sung.com>
Cc: linux-clk@...r.kernel.org, linux-pm@...r.kernel.org,
linux-samsung-soc@...r.kernel.org,
Marek Szyprowski <m.szyprowski@...sung.com>,
Sylwester Nawrocki <snawrocki@...nel.org>,
Chanwoo Choi <cw00.choi@...sung.com>,
Krzysztof Kozlowski <krzk@...nel.org>,
Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>,
Lukasz Luba <lukasz.luba@....com>,
Stephen Boyd <sboyd@...nel.org>, 0day robot <lkp@...el.com>,
LKML <linux-kernel@...r.kernel.org>, lkp@...ts.01.org
Subject: [clk] a2499eff4b: BUG:kernel_NULL_pointer_dereference,address
Greeting,
FYI, we noticed the following commit (built with gcc-9):
commit: a2499eff4b30a85d56e4466e6ca4746c72a347c6 ("[PATCH v2] clk: samsung: Keep top BPLL mux on Exynos542x enabled")
url: https://github.com/0day-ci/linux/commits/Marek-Szyprowski/clk-samsung-Keep-top-BPLL-mux-on-Exynos542x-enabled/20200807-213239
base: https://git.kernel.org/cgit/linux/kernel/git/clk/linux.git clk-next
in testcase: trinity
with following parameters:
runtime: 300s
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-----------------------------------------------------------+------------+------------+
| | dd9c697a94 | a2499eff4b |
+-----------------------------------------------------------+------------+------------+
| boot_successes | 4 | 5 |
| boot_failures | 0 | 7 |
| BUG:kernel_NULL_pointer_dereference,address | 0 | 7 |
| Oops:#[##] | 0 | 7 |
| EIP:check_preempt_wakeup | 0 | 6 |
| EIP:lock_release | 0 | 2 |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 6 |
| EIP:preempt_count_sub | 0 | 1 |
| EIP:trace_preempt_on | 0 | 1 |
| WARNING:at_kernel/rcu/rcutorture.c:#rcutorture_oom_notify | 0 | 1 |
| EIP:rcutorture_oom_notify | 0 | 1 |
| EIP:rcu_torture_fwd_cb_hist | 0 | 1 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 1 |
| EIP:check_poison_obj | 0 | 1 |
| EIP:clear_user | 0 | 1 |
+-----------------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <rong.a.chen@...el.com>
[ 41.780557] BUG: kernel NULL pointer dereference, address: 00000050
[ 41.781493] #PF: supervisor read access in kernel mode
[ 41.782161] #PF: error_code(0x0000) - not-present page
[ 41.782827] *pde = 00000000
[ 41.783213] Oops: 0000 [#1] PREEMPT SMP
[ 41.783775] CPU: 0 PID: 435 Comm: dropbearkey Not tainted 5.8.0-rc1-00185-ga2499eff4b30a8 #5
[ 41.792945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 41.794014] EIP: check_preempt_wakeup+0x224/0x610
[ 41.794611] Code: cc 8b 15 a4 c5 86 cc 8b 75 ec eb 1e 8d b4 26 00 00 00 00 8d 76 00 8b 5b 4c 8b 76 4c 83 05 98 c5 86 cc 01 83 15 9c c5 86 cc 00 <8b> 4b 50 3b 4e 50 75 e4 83 c0 01 83 d2 00 a3 a0 c5 86 cc 89 15 a4
[ 41.796956] EAX: 00009486 EBX: 00000000 ECX: 00000000 EDX: 00000000
[ 41.797754] ESI: f432cb60 EDI: 00000000 EBP: f4129e8c ESP: f4129e4c
[ 41.798527] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010046
[ 41.799360] CR0: 80050033 CR2: 00000050 CR3: 3123c000 CR4: 000006d0
[ 41.800144] Call Trace:
[ 41.800519] <SOFTIRQ>
[ 41.800889] check_preempt_curr+0x13a/0x220
[ 41.801435] ttwu_do_wakeup+0x25/0x520
[ 41.801897] ? activate_task+0x67/0x210
[ 41.802394] ttwu_do_activate+0x8b/0x130
[ 41.802907] try_to_wake_up+0x853/0xeb0
[ 41.803416] ? run_timer_softirq+0x90/0x90
[ 41.803957] wake_up_process+0x22/0x40
[ 41.804499] process_timeout+0x1e/0x30
[ 41.804962] call_timer_fn+0xf2/0x5a0
[ 41.805428] ? run_timer_softirq+0x90/0x90
[ 41.805957] __run_timers+0x27f/0x3c0
[ 41.806437] ? run_timer_softirq+0x90/0x90
[ 41.807078] ? __do_softirq+0x8c/0x7e7
[ 41.807577] ? __do_softirq+0x8c/0x7e7
[ 41.808103] ? trace_preempt_off+0x31/0x250
[ 41.808671] run_timer_softirq+0x3d/0x90
[ 41.809183] __do_softirq+0x203/0x7e7
[ 41.809658] ? __softirqentry_text_start+0x8/0x8
[ 41.810237] do_softirq_own_stack+0x48/0x60
[ 41.810768] </SOFTIRQ>
[ 41.811135] ? sysvec_call_function_single+0x80/0x80
[ 41.811745] irq_exit_rcu+0x233/0x270
[ 41.812226] sysvec_apic_timer_interrupt+0x57/0x90
[ 41.812873] handle_exception+0x110/0x110
[ 41.813429] EIP: 0x80653cd
[ 41.813803] Code: Bad RIP value.
[ 41.814224] EAX: db711762 EBX: 0000004a ECX: 00000024 EDX: 0090295e
[ 41.815025] ESI: bff9ba10 EDI: 08565340 EBP: bff9b998 ESP: bff9b160
[ 41.815820] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000a83
[ 41.819646] Modules linked in:
[ 41.820123] CR2: 0000000000000050
[ 41.820586] ---[ end trace ae3e72db222d1a93 ]---
To reproduce:
# build kernel
cd linux
cp config-5.8.0-rc1-00185-ga2499eff4b30a8 .config
make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
Rong Chen
View attachment "config-5.8.0-rc1-00185-ga2499eff4b30a8" of type "text/plain" (137921 bytes)
View attachment "job-script" of type "text/plain" (4552 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (20272 bytes)
Powered by blists - more mailing lists