lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Thu, 20 Oct 2022 09:14:16 +0800
From:   kernel test robot <lkp@...el.com>
To:     Aaron Tomlin <atomlin@...hat.com>
Cc:     kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
        Luis Chamberlain <mcgrof@...nel.org>,
        Christophe Leroy <christophe.leroy@...roup.eu>
Subject: kernel/module/main.c:912:1: sparse: sparse: Using plain integer as
 NULL pointer

Hi Aaron,

First bad commit (maybe != root cause):

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   aae703b02f92bde9264366c545e87cec451de471
commit: cfc1d277891eb499b3b5354df33b30f598683e90 module: Move all into module/
date:   7 months ago
config: s390-randconfig-s053-20221019
compiler: s390-linux-gcc (GCC) 12.1.0
reproduce:
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # apt-get install sparse
        # sparse version: v0.6.4-39-gce1a6720-dirty
        # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfc1d277891eb499b3b5354df33b30f598683e90
        git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
        git fetch --no-tags linus master
        git checkout cfc1d277891eb499b3b5354df33b30f598683e90
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=s390 SHELL=/bin/bash kernel/module/

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@...el.com>

sparse warnings: (new ones prefixed by >>)
>> kernel/module/main.c:912:1: sparse: sparse: Using plain integer as NULL pointer
>> kernel/module/main.c:912:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:2761:23: sparse: sparse: incorrect type in assignment (different address spaces) @@     expected struct mod_kallsyms [noderef] __rcu *kallsyms @@     got void * @@
   kernel/module/main.c:2761:23: sparse:     expected struct mod_kallsyms [noderef] __rcu *kallsyms
   kernel/module/main.c:2761:23: sparse:     got void *
   kernel/module/main.c:4169:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4169:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4169:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4169:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4189:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4189:1: sparse: sparse: Using plain integer as NULL pointer
   kernel/module/main.c:4486:52: sparse: sparse: incorrect type in initializer (different address spaces) @@     expected struct mod_kallsyms *kallsyms @@     got struct mod_kallsyms [noderef] __rcu *kallsyms @@
   kernel/module/main.c:4486:52: sparse:     expected struct mod_kallsyms *kallsyms
   kernel/module/main.c:4486:52: sparse:     got struct mod_kallsyms [noderef] __rcu *kallsyms
   kernel/module/main.c: note: in included file (through include/linux/mm_types.h, include/linux/buildid.h, include/linux/module.h, ...):
   include/linux/rbtree.h:74:9: sparse: sparse: incompatible types in comparison expression (different address spaces):
   include/linux/rbtree.h:74:9: sparse:    struct rb_node [noderef] __rcu *
   include/linux/rbtree.h:74:9: sparse:    struct rb_node *
   include/linux/rbtree.h:74:9: sparse: sparse: incompatible types in comparison expression (different address spaces):
   include/linux/rbtree.h:74:9: sparse:    struct rb_node [noderef] __rcu *
   include/linux/rbtree.h:74:9: sparse:    struct rb_node *

vim +912 kernel/module/main.c

^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  911  
17da2bd90abf428 kernel/module.c Heiko Carstens      2009-01-14 @912  SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
17da2bd90abf428 kernel/module.c Heiko Carstens      2009-01-14  913  		unsigned int, flags)
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  914  {
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  915  	struct module *mod;
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  916  	char name[MODULE_NAME_LEN];
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  917  	int ret, forced = 0;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  918  
3d43321b7015387 kernel/module.c Kees Cook           2009-04-02  919  	if (!capable(CAP_SYS_MODULE) || modules_disabled)
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  920  		return -EPERM;
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  921  
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  922  	if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  923  		return -EFAULT;
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  924  	name[MODULE_NAME_LEN-1] = '\0';
dfff0a0671baf4e kernel/module.c Greg Kroah-Hartman  2007-02-23  925  
f6276ac95bde431 kernel/module.c Richard Guy Briggs  2017-05-02  926  	audit_log_kern_module(name);
f6276ac95bde431 kernel/module.c Richard Guy Briggs  2017-05-02  927  
3fc1f1e27a5b807 kernel/module.c Tejun Heo           2010-05-06  928  	if (mutex_lock_interruptible(&module_mutex) != 0)
3fc1f1e27a5b807 kernel/module.c Tejun Heo           2010-05-06  929  		return -EINTR;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  930  
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  931  	mod = find_module(name);
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  932  	if (!mod) {
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  933  		ret = -ENOENT;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  934  		goto out;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  935  	}
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  936  
2c02dfe7fe3fba9 kernel/module.c Linus Torvalds      2010-05-31  937  	if (!list_empty(&mod->source_list)) {
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  938  		/* Other modules depend on us: get rid of them first. */
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  939  		ret = -EWOULDBLOCK;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  940  		goto out;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  941  	}
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  942  
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  943  	/* Doing init or already dying? */
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  944  	if (mod->state != MODULE_STATE_LIVE) {
3f2b9c9cdf389e3 kernel/module.c Rusty Russell       2013-09-17  945  		/* FIXME: if (force), slam module count damn the torpedoes */
5e12416927975aa kernel/module.c Jim Cromie          2011-12-06  946  		pr_debug("%s already dying\n", mod->name);
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  947  		ret = -EBUSY;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  948  		goto out;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  949  	}
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  950  
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  951  	/* If it has an init func, it must have an exit func to unload */
af49d9248fca6f2 kernel/module.c Rusty Russell       2007-10-16  952  	if (mod->init && !mod->exit) {
fb1697933a03ec4 kernel/module.c Akinobu Mita        2006-01-08  953  		forced = try_force_unload(flags);
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  954  		if (!forced) {
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  955  			/* This module can't be removed */
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  956  			ret = -EBUSY;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  957  			goto out;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  958  		}
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  959  	}
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  960  
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  961  	ret = try_stop_module(mod, flags, &forced);
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  962  	if (ret != 0)
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  963  		goto out;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  964  
6389a385114ae35 kernel/module.c Ashutosh Naik       2006-03-23  965  	mutex_unlock(&module_mutex);
df4b565e1fbc777 kernel/module.c Peter Oberparleiter 2008-04-21  966  	/* Final destruction now no one is using it. */
df4b565e1fbc777 kernel/module.c Peter Oberparleiter 2008-04-21  967  	if (mod->exit != NULL)
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  968  		mod->exit();
df4b565e1fbc777 kernel/module.c Peter Oberparleiter 2008-04-21  969  	blocking_notifier_call_chain(&module_notify_list,
df4b565e1fbc777 kernel/module.c Peter Oberparleiter 2008-04-21  970  				     MODULE_STATE_GOING, mod);
7e545d6eca20ce8 kernel/module.c Jessica Yu          2016-03-16  971  	klp_module_going(mod);
7dcd182bec271ab kernel/module.c Jessica Yu          2016-02-16  972  	ftrace_release_mod(mod);
7dcd182bec271ab kernel/module.c Jessica Yu          2016-02-16  973  
22a9d645677feef kernel/module.c Arjan van de Ven    2009-01-07  974  	async_synchronize_full();
75676500f8298f0 kernel/module.c Rusty Russell       2010-06-05  975  
e14af7eeb47ea96 kernel/module.c Arjan van de Ven    2008-01-25  976  	/* Store the name of the last unloaded module for diagnostic purposes */
efa5345e39d01de kernel/module.c Rusty Russell       2008-01-29  977  	strlcpy(last_unloaded_module, mod->name, sizeof(last_unloaded_module));
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  978  
75676500f8298f0 kernel/module.c Rusty Russell       2010-06-05  979  	free_module(mod);
5d603311615f612 kernel/module.c Konstantin Khorenko 2019-11-13  980  	/* someone could wait for the module in add_unformed_module() */
5d603311615f612 kernel/module.c Konstantin Khorenko 2019-11-13  981  	wake_up_all(&module_wq);
75676500f8298f0 kernel/module.c Rusty Russell       2010-06-05  982  	return 0;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  983  out:
6389a385114ae35 kernel/module.c Ashutosh Naik       2006-03-23  984  	mutex_unlock(&module_mutex);
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  985  	return ret;
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  986  }
^1da177e4c3f415 kernel/module.c Linus Torvalds      2005-04-16  987  

:::::: The code at line 912 was first introduced by commit
:::::: 17da2bd90abf428523de0fb98f7075e00e3ed42e [CVE-2009-0029] System call wrappers part 08

:::::: TO: Heiko Carstens <heiko.carstens@...ibm.com>
:::::: CC: Heiko Carstens <heiko.carstens@...ibm.com>

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

View attachment "config" of type "text/plain" (85839 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ