lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+G9fYvB61RTie=PKQau1m2WWQNUQ++ZY+W_of4kXVh5P26B0w@mail.gmail.com>
Date: Thu, 25 Apr 2024 12:10:34 +0530
From: Naresh Kamboju <naresh.kamboju@...aro.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: stable@...r.kernel.org, patches@...ts.linux.dev, 
	linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org, 
	akpm@...ux-foundation.org, linux@...ck-us.net, shuah@...nel.org, 
	patches@...nelci.org, lkft-triage@...ts.linaro.org, pavel@...x.de, 
	jonathanh@...dia.com, f.fainelli@...il.com, sudipm.mukherjee@...il.com, 
	srw@...dewatkins.net, rwarsow@....de, conor@...nel.org, allen.lkml@...il.com, 
	broonie@...nel.org, Arnd Bergmann <arnd@...db.de>, 
	Linus Walleij <linus.walleij@...aro.org>
Subject: Re: [PATCH 6.8 000/158] 6.8.8-rc1 review

On Wed, 24 Apr 2024 at 03:11, Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
>
> This is the start of the stable review cycle for the 6.8.8 release.
> There are 158 patches in this series, all will be posted as a response
> to this one.  If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Thu, 25 Apr 2024 21:38:28 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
>         https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.8.8-rc1.gz
> or in the git tree and branch at:
>         git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.8.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h


Results from Linaro’s test farm.
No regressions on arm64, x86_64, and i386.

One regression on arm,
the TI BeagleBoard-X15 device kunit test boot failed and
it is always reproducible.

Not a problem on qemu-armv7.

However, I am bisecting this problem and let you know shortly.

Links:
---
 - https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2fWFwczHZDFUGnjqyT1mZ6wIeS9
 - https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.8.y/build/v6.8.7-159-g9919cd9ab988/testrun/23660959/suite/boot/test/gcc-13-lkftconfig-kunit/details/

log:
-- 
[   45.931457] BUG: KASAN: slab-out-of-bounds in
krealloc_more_oob_helper+0x464/0x4c0
[   45.950073] Write of size 1 at addr cacc68eb by task kunit_try_catch/176
[   45.956817]
[   45.958312] CPU: 0 PID: 176 Comm: kunit_try_catch Tainted: G    B
W        N 6.8.8-rc1 #1
[   45.966735] Hardware name: Generic DRA74X (Flattened Device Tree)
[   45.972869]  unwind_backtrace from show_stack+0x18/0x1c
[   45.978149]  show_stack from dump_stack_lvl+0x6c/0x8c
[   45.983245]  dump_stack_lvl from print_report+0x158/0x510
[   45.988677]  print_report from kasan_report+0xc8/0x104
[   45.993865]  kasan_report from krealloc_more_oob_helper+0x464/0x4c0
[   46.000183]  krealloc_more_oob_helper from kunit_try_run_case+0x224/0x598
[   46.007019]  kunit_try_run_case from
kunit_generic_run_threadfn_adapter+0x84/0xe4
[   46.014556]  kunit_generic_run_threadfn_adapter from kthread+0x378/0x410
[   46.021331]  kthread from ret_from_fork+0x14/0x28
[   46.026062] Exception stack(0xf219bfb0 to 0xf219bff8)
[   46.031158] bfa0:                                     00000000
00000000 00000000 00000000
[   46.039367] bfc0: 00000000 00000000 00000000 00000000 00000000
00000000 00000000 00000000
[   46.047607] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
[   46.054260]
[   46.055755] Allocated by task 176:
[   46.059173]  kasan_save_track+0x30/0x5c
[   46.063049]  __kasan_krealloc+0xf0/0x13c
[   46.067016]  krealloc+0xb8/0xfc
[   46.070190]  krealloc_more_oob_helper+0xd4/0x4c0
[   46.074829]  kunit_try_run_case+0x224/0x598
[   46.079040]  kunit_generic_run_threadfn_adapter+0x84/0xe4
[   46.084472]  kthread+0x378/0x410
[   46.087738]  ret_from_fork+0x14/0x28
[   46.091339]
[   46.092834] The buggy address belongs to the object at cacc6800
[   46.092834]  which belongs to the cache kmalloc-256 of size 256
[   46.104736] The buggy address is located 0 bytes to the right of
[   46.104736]  allocated 235-byte region [cacc6800, cacc68eb)
[   46.116363]
[   46.117858] The buggy address belongs to the physical page:
[   46.123474] page:af853d8a refcount:1 mapcount:0 mapping:00000000
index:0x0 pfn:0x8acc6
[   46.131439] head:af853d8a order:1 entire_mapcount:0
nr_pages_mapped:0 pincount:0
[   46.138885] flags: 0x840(slab|head|zone=0)
[   46.143005] page_type: 0xffffffff()
[   46.146514] raw: 00000840 c6801500 00000122 00000000 00000000
80100010 ffffffff 00000001
[   46.154663] raw: 00000000
[   46.157287] page dumped because: kasan: bad access detected
[   46.162902]
[   46.164398] Memory state around the buggy address:
[   46.169219]  cacc6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   46.175781]  cacc6800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   46.182373] >cacc6880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[   46.188934]                                                   ^
[   46.194885]  cacc6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   46.201446]  cacc6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   46.208038] ==================================================================
[   46.215454] hub 1-1:1.0: 4 ports detected
[   46.215637] ==================================================================
[   46.226745] BUG: KASAN: slab-out-of-bounds in
krealloc_more_oob_helper+0x458/0x4c0
[   46.234374] Write of size 1 at addr cacc68f0 by task kunit_try_catch/176
<common> [   46.570037]  krealloc_less_oob_helper from
kunit_try_run_case+0x224/0x598
<common> [   46.576873]  kunit_try_run_case from
kunit_generic_run_threadfn_adapter+0x84/0xe4
<common> [   46.584411]  kunit_generic_run_threadfn_adapter from
kthread+0x378/0x410

## Build
* kernel: 6.8.8-rc1
* git: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc
* git branch: linux-6.8.y
* git commit: ea4e35f1afd7d7d003c345bf14862183910ecc6b
* git describe: v6.8.7-159-gea4e35f1afd7
* test details:
https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.8.y/build/v6.8.7-159-gea4e35f1afd7

--
Linaro LKFT
https://lkft.linaro.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ