Message-ID: <20201109062934.GA7739@xsang-OptiPlex-9020>
Date:   Mon, 9 Nov 2020 14:29:34 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Lars Poeschel <poeschel@...onage.de>
Cc:     Miguel Ojeda <ojeda@...nel.org>, kernel test robot <lkp@...el.com>,
        Willy Tarreau <w@....eu>, LKML <linux-kernel@...r.kernel.org>,
        Linux Memory Management List <linux-mm@...ck.org>,
        lkp@...ts.01.org
Subject: [auxdisplay]  b26deabb1d: BUG:kernel_NULL_pointer_dereference,address

Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: b26deabb1d915fe87d395081bbd3058b938dee89 ("auxdisplay: hd44780_common_print")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master


in testcase: trinity
version: trinity-i386
with the following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 8G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


+----------------------------------------------------------------------------+------------+------------+
|                                                                            | 11588b59cf | b26deabb1d |
+----------------------------------------------------------------------------+------------+------------+
| BUG:kernel_NULL_pointer_dereference,address                                | 0          | 20         |
| Oops:#[##]                                                                 | 0          | 20         |
| Kernel_panic-not_syncing:Fatal_exception                                   | 0          | 20         |
+----------------------------------------------------------------------------+------------+------------+


If you fix the issue, kindly add the following tag:
Reported-by: kernel test robot <oliver.sang@...el.com>


[    6.798731] BUG: kernel NULL pointer dereference, address: 00000000
[    6.798780] #PF: supervisor read access in kernel mode
[    6.798780] #PF: error_code(0x0000) - not-present page
[    6.798780] *pde = 00000000 
[    6.798780] Oops: 0000 [#1]
[    6.798780] CPU: 0 PID: 1 Comm: swapper Tainted: G S                5.10.0-rc2-00008-gb26deabb1d91 #1
[    6.798780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[    6.798780] EIP: 0x0
[    6.798780] Code: Unable to access opcode bytes at RIP 0xffffffd6.
[    6.798780] EAX: c689ea00 EBX: c689ea00 ECX: c2aba7ec EDX: 0000004c
[    6.798780] ESI: c69ab120 EDI: c320980d EBP: c4b67e44 ESP: c4b67e3c
[    6.798780] DS: 007b ES: 007b FS: 0000 GS: 00e0 SS: 0068 EFLAGS: 00010246
[    6.798780] CR0: 80050033 CR2: ffffffd6 CR3: 039df000 CR4: 000406d0
[    6.798780] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    6.798780] DR6: fffe0ff0 DR7: 00000400
[    6.798780] Call Trace:
[    6.798780]  charlcd_print+0x1d/0x60
[    6.798780]  charlcd_write_char+0xd2/0x220
[    6.798780]  charlcd_puts+0x2b/0x60
[    6.798780]  charlcd_register+0x94/0xe0
[    6.798780]  ? parport_irq_handler+0x60/0x60
[    6.798780]  panel_attach+0xb3/0x420
[    6.798780]  ? mark_held_locks+0x3e/0x80
[    6.798780]  ? parport_irq_handler+0x60/0x60
[    6.798780]  port_check+0x19/0x20
[    6.798780]  bus_for_each_dev+0x49/0x80
[    6.798780]  __parport_register_driver+0x7a/0xa0
[    6.798780]  ? parport_irq_handler+0x60/0x60
[    6.798780]  ? ht16k33_driver_init+0x11/0x11
[    6.798780]  panel_init_module+0x1a6/0x1ee
[    6.798780]  do_one_initcall+0x5e/0x240
[    6.798780]  ? parse_args+0x151/0x280
[    6.798780]  ? rcu_read_lock_sched_held+0x1b/0x40
[    6.798780]  ? trace_initcall_level+0x4d/0x74
[    6.798780]  do_initcalls+0xaa/0xc9
[    6.798780]  kernel_init_freeable+0x81/0xab
[    6.798780]  ? rest_init+0x10d/0x10d
[    6.798780]  kernel_init+0x8/0xf3
[    6.798780]  ret_from_fork+0x19/0x30
[    6.798780] Modules linked in:
[    6.798780] CR2: 0000000000000000
[    6.798780] ---[ end trace b407eb061aec0003 ]---


To reproduce:

        # build kernel
        cd linux
        cp config-5.10.0-rc2-00008-gb26deabb1d91 .config
        make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email



Thanks,
Oliver Sang


View attachment "config-5.10.0-rc2-00008-gb26deabb1d91" of type "text/plain" (149333 bytes)

View attachment "job-script" of type "text/plain" (4302 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (14056 bytes)
