lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b772c39f-c5ae-8f17-fe6e-6a2bc4d1f83b@kernel.org>
Date:   Mon, 29 Aug 2022 11:16:34 +0200
From:   Jiri Slaby <jirislaby@...nel.org>
To:     Hans de Goede <hdegoede@...hat.com>,
        Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux regressions mailing list <regressions@...ts.linux.dev>,
        Thomas Gleixner <tglx@...utronix.de>,
        Borislav Petkov <bp@...e.de>, Oleg Nesterov <oleg@...hat.com>
Subject: Weird RIP printed in BUGs [was: 6.0 tty regression, NULL pointer
 deref in flush_to_ldisc]

Hi,

On 29. 08. 22, 10:37, Hans de Goede wrote:
> [   28.626537] BUG: kernel NULL pointer dereference, address: 0000000000000000
> [   28.626555] #PF: supervisor instruction fetch in kernel mode
> [   28.626563] #PF: error_code(0x0010) - not-present page
> [   28.626569] PGD 0 P4D 0
> [   28.626580] Oops: 0010 [#1] PREEMPT SMP PTI
> [   28.626589] CPU: 2 PID: 8 Comm: kworker/u8:0 Tainted: G         C  E      6.0.0-rc2+ #102
> [   28.626598] Hardware name: MPMAN Converter9/Converter9, BIOS 5.6.5 07/28/2015
> [   28.626604] Workqueue: events_unbound flush_to_ldisc
> [   28.626617] RIP: 0010:0x0
> [   28.626633] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.

Irrelevant to the original report, this new message format (the old 
being "Bad RIP value") confuses me. It always makes me think how can RIP 
be -42. So can we either:

1) print regs->ip value (0x0000000000000000) instead of prologue value 
(regs->ip - 42 = 0xffffffffffffffd6) here? Even though we really pass 
"regs->ip - 42" to copy_code()), or

2) don't print "RIP" in that message. So only "at 0xffffffffffffffd6"

? (I can send a patch for whichever is preferred, if anything.)

thanks,
-- 
js
suse labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ