lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e8207b09-265b-60a6-7fb0-51dda7cf59d6@linux.ibm.com>
Date:   Mon, 7 Jun 2021 16:32:14 +0200
From:   Peter Oberparleiter <oberpar@...ux.ibm.com>
To:     Luis Henriques <lhenriques@...e.de>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: gcov: NULL pointer dereference with gcc 9.3.1

On 02.06.2021 16:22, Luis Henriques wrote:
> On Wed, Jun 02, 2021 at 02:35:31PM +0200, Peter Oberparleiter wrote:
>> On 01.06.2021 17:56, Luis Henriques wrote:
>>> Hi!
>>>
>>> Maybe this is a known (gcc?) issue, but I'm seeing a NULL pointer splat if
>>> I instrument my kernel (or a module, more specifically) using gcc 9.3.1.
>>>
>>> It looks like, during initialization in __gcov_init(), gcov_info struct is
>>> invalid: the filename seems to be correct but ->function is NULL and
>>> ->n_functions contains garbage.
>>
>> Thanks for reporting this issue. The symptoms you're seeing look similar
>> to those that occur when the struct gcov_info layout emitted by GCC does
>> not match the one used by the kernel. In particular a change in the
>> GCOV_COUNTER value can cause this behavior.
>>
>> I've checked upstream GCC 9.3.1 and it seems to match what is used by
>> the kernel for that GCC version. Could you provide the exact version of
>> the compiler you are using? Both 'gcc --version' output and the GCC
>> package version should help. Also what architecture are you seeing this on?
> 
> Here's the output of 'gcc --version':
> 
> gcc (SUSE Linux) 9.3.1 20200903 [revision 9790fa53b48f3a48e0f7a7ad65e2bbf3b206a7b0]
> Copyright (C) 2019 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions.  There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> 
> This is the version shipped with openSUSE Tumbleweed, and I'm using it to
> compile an x86_64 kernel.  Regarding the 'package version', I'm assuming
> the packages as per the distro package version, right?  Here's the data
> from 'zypper info':
> 
> Information for package gcc9:
> -----------------------------
> Repository     : Main Repository (OSS)
> Name           : gcc9
> Version        : 9.3.1+git1684-3.5
> Arch           : x86_64
> Vendor         : openSUSE
> Installed Size : 94.6 MiB
> Installed      : Yes (automatically)
> Status         : up-to-date
> Source package : gcc9-9.3.1+git1684-3.5.src

I've checked the source you referenced and found that it contains a
backport of a change to gcov_info that was only introduced with GCC 10
to upstream source: the value of GCOV_COUNTERS was reduced from 9 to 8.

Since I don't think it's feasible to implement support for such
vendor-specific changes in the upstream kernel source my suggestion for
you would be to either

a) fall back to a vanilla GCC version,
b) fall back to a known-to-work vendor-specific GCC version (GCC 10
   should be fine), or
c) to manually change the GCOV_COUNTERS value in
   linux/kernel/gcov/gcc_4_7.c to 8.

> Do you have a link with binaries I could test for upstream 9.3.1?  I
> checked [1] but there's only 9.3.0.

I'm not sure there is any. My analysis was based on source code for
9.3.0 alone.


Regards,
  Peter Oberparleiter

-- 
Peter Oberparleiter
Linux on Z Development - IBM Germany

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ