Message-ID: <202502131453.cb6d2e4a-lkp@intel.com>
Date: Thu, 13 Feb 2025 15:45:00 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Dave Penkler <dpenkler@...il.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
	<linux-staging@...ts.linux.dev>, <gregkh@...uxfoundation.org>,
	<linux-kernel@...r.kernel.org>, Dave Penkler <dpenkler@...il.com>,
	<oliver.sang@...el.com>
Subject: Re: [PATCH] staging: gpib: Remove dependencies on !X86_PAE


Hi, Dave Penkler,

With this commit, we noticed the following config diff against the parent:

==================== PARENT FIRST_BAD KCONFIGS 7b66aae77da56f2eabd92d3fb012d2fb98212bbd ====================
--- /pkg/linux/i386-randconfig-005-20250211/gcc-12/7b66aae77da56f2eabd92d3fb012d2fb98212bbd/.config     2025-02-12 21:02:39.882369919 +0800
+++ /pkg/linux/i386-randconfig-005-20250211/gcc-12/01b060a1e15939da2119458ea676709c33f0d26e/.config     2025-02-12 17:50:30.932361132 +0800
@@ -4569,9 +4569,14 @@ CONFIG_GPIB=y
 CONFIG_GPIB_COMMON=y
 CONFIG_GPIB_AGILENT_82350B=y
 CONFIG_GPIB_AGILENT_82357A=y
+CONFIG_GPIB_CEC_PCI=y
+# CONFIG_GPIB_NI_PCI_ISA is not set
+CONFIG_GPIB_CB7210=y
 CONFIG_GPIB_NI_USB=y
 CONFIG_GPIB_HP82335=y
 CONFIG_GPIB_HP82341=y
+CONFIG_GPIB_INES=y
+CONFIG_GPIB_PCMCIA=y
 # CONFIG_GPIB_LPVO is not set
 CONFIG_GPIB_PC2=y
 CONFIG_GPIB_TMS9914=y
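
Review bot: the added CONFIG_GPIB_CB7210=y and CONFIG_GPIB_PCMCIA=y lines are the ones to look at first, because they enable the code path that faults. In the trace further down, cb7210_init_module calls pcmcia_register_driver, which goes through driver_register, driver_find and kset_find_obj into strcmp, and strcmp traps on the scas instruction with EDI and CR2 both 00000000, so a NULL string is being compared during the driver-name lookup. Check that the PCMCIA driver structure registered from drivers/staging/gpib/cb7210/cb7210.c has its name set before pcmcia_register_driver is called, and boot-test this i386 randconfig again before dropping the dependency.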

Then we found the reported issue after the two lines below:
[    7.884853][    T1] agilent_82357a_gpib driver loading
[    7.884906][    T1] usbcore: registered new interface driver agilent_82357a_gpib

But for the parent, this issue does not occur. Full report below, FYI.


Hello,

kernel test robot noticed "BUG:kernel_NULL_pointer_dereference,address" on:

commit: 01b060a1e15939da2119458ea676709c33f0d26e ("[PATCH] staging: gpib: Remove dependencies on !X86_PAE")
url: https://github.com/intel-lab-lkp/linux/commits/Dave-Penkler/staging-gpib-Remove-dependencies-on-X86_PAE/20250205-014405
base: https://git.kernel.org/cgit/linux/kernel/git/gregkh/staging.git 7b66aae77da56f2eabd92d3fb012d2fb98212bbd
patch link: https://lore.kernel.org/all/20250204174254.16576-1-dpenkler@gmail.com/
patch subject: [PATCH] staging: gpib: Remove dependencies on !X86_PAE

in testcase: boot

config: i386-randconfig-005-20250211
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+---------------------------------------------------------------------------+------------+------------+
|                                                                           | 7b66aae77d | 01b060a1e1 |
+---------------------------------------------------------------------------+------------+------------+
| BUG:kernel_NULL_pointer_dereference,address                               | 0          | 24         |
| Oops                                                                      | 0          | 24         |
| EIP:strcmp                                                                | 0          | 24         |
| Kernel_panic-not_syncing:Fatal_exception                                  | 0          | 24         |
+---------------------------------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202502131453.cb6d2e4a-lkp@intel.com


[    7.884853][    T1] agilent_82357a_gpib driver loading
[    7.884906][    T1] usbcore: registered new interface driver agilent_82357a_gpib
[    7.886405][    T1] BUG: kernel NULL pointer dereference, address: 00000000
[    7.887131][    T1] #PF: supervisor read access in kernel mode
[    7.887739][    T1] #PF: error_code(0x0000) - not-present page
[    7.888347][    T1] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[    7.889046][    T1] Oops: Oops: 0000 [#1] PREEMPT
[    7.889536][    T1] CPU: 0 UID: 0 PID: 1 Comm: swapper Not tainted 6.14.0-rc1-00010-g01b060a1e159 #1 f08c34d46b2d33c70805190edc7163ed78d17b6d
[    7.889552][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 7.889552][ T1] EIP: strcmp (arch/x86/lib/string_32.c:100) 
[ 7.889552][ T1] Code: 8b 4d f0 49 78 06 ac aa 84 c0 75 f7 31 c0 aa 5e 89 d8 5b 5e 5f 5d 31 d2 31 c9 c3 3e 8d 74 26 00 55 89 e5 57 89 d7 56 89 c6 ac <ae> 75 08 84 c0 75 f8 31 c0 eb 04 19 c0 0c 01 5e 5f 5d 31 d2 c3 3e
All code
========
   0:	8b 4d f0             	mov    -0x10(%rbp),%ecx
   3:	49 78 06             	rex.WB js 0xc
   6:	ac                   	lods   %ds:(%rsi),%al
   7:	aa                   	stos   %al,%es:(%rdi)
   8:	84 c0                	test   %al,%al
   a:	75 f7                	jne    0x3
   c:	31 c0                	xor    %eax,%eax
   e:	aa                   	stos   %al,%es:(%rdi)
   f:	5e                   	pop    %rsi
  10:	89 d8                	mov    %ebx,%eax
  12:	5b                   	pop    %rbx
  13:	5e                   	pop    %rsi
  14:	5f                   	pop    %rdi
  15:	5d                   	pop    %rbp
  16:	31 d2                	xor    %edx,%edx
  18:	31 c9                	xor    %ecx,%ecx
  1a:	c3                   	ret
  1b:	3e 8d 74 26 00       	ds lea 0x0(%rsi,%riz,1),%esi
  20:	55                   	push   %rbp
  21:	89 e5                	mov    %esp,%ebp
  23:	57                   	push   %rdi
  24:	89 d7                	mov    %edx,%edi
  26:	56                   	push   %rsi
  27:	89 c6                	mov    %eax,%esi
  29:	ac                   	lods   %ds:(%rsi),%al
  2a:*	ae                   	scas   %es:(%rdi),%al		<-- trapping instruction
  2b:	75 08                	jne    0x35
  2d:	84 c0                	test   %al,%al
  2f:	75 f8                	jne    0x29
  31:	31 c0                	xor    %eax,%eax
  33:	eb 04                	jmp    0x39
  35:	19 c0                	sbb    %eax,%eax
  37:	0c 01                	or     $0x1,%al
  39:	5e                   	pop    %rsi
  3a:	5f                   	pop    %rdi
  3b:	5d                   	pop    %rbp
  3c:	31 d2                	xor    %edx,%edx
  3e:	c3                   	ret
  3f:	3e                   	ds

Code starting with the faulting instruction
===========================================
   0:	ae                   	scas   %es:(%rdi),%al
   1:	75 08                	jne    0xb
   3:	84 c0                	test   %al,%al
   5:	75 f8                	jne    0xffffffffffffffff
   7:	31 c0                	xor    %eax,%eax
   9:	eb 04                	jmp    0xf
   b:	19 c0                	sbb    %eax,%eax
   d:	0c 01                	or     $0x1,%al
   f:	5e                   	pop    %rsi
  10:	5f                   	pop    %rdi
  11:	5d                   	pop    %rbp
  12:	31 d2                	xor    %edx,%edx
  14:	c3                   	ret
  15:	3e                   	ds
[    7.889552][    T1] EAX: c2f01073 EBX: c66fcd00 ECX: 00000000 EDX: 00000000
[    7.889552][    T1] ESI: c2f0109f EDI: 00000000 EBP: c4759ea4 ESP: c4759e9c
[    7.889552][    T1] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 EFLAGS: 00010282
[    7.889552][    T1] CR0: 80050033 CR2: 00000000 CR3: 03a47000 CR4: 000406b0
[    7.889552][    T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    7.889552][    T1] DR6: fffe0ff0 DR7: 00000400
[    7.889552][    T1] Call Trace:
[ 7.889552][ T1] ? show_regs (arch/x86/kernel/dumpstack.c:478) 
[ 7.889552][ T1] ? __die_body (arch/x86/kernel/dumpstack.c:421) 
[ 7.889552][ T1] ? __die (arch/x86/kernel/dumpstack.c:435) 
[ 7.889552][ T1] ? page_fault_oops (arch/x86/mm/fault.c:714) 
[ 7.889552][ T1] ? kernelmode_fixup_or_oops+0x55/0x63 
[ 7.889552][ T1] ? __bad_area_nosemaphore+0x31/0x17b 
[ 7.889552][ T1] ? bad_area_nosemaphore (arch/x86/mm/fault.c:834) 
[ 7.889552][ T1] ? do_user_addr_fault (arch/x86/mm/fault.c:1279 (discriminator 1)) 
[ 7.889552][ T1] ? __this_cpu_preempt_check (lib/smp_processor_id.c:67) 
[ 7.889552][ T1] ? exc_page_fault (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:87 arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538) 
[ 7.889552][ T1] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1493) 
[ 7.889552][ T1] ? handle_exception (arch/x86/entry/entry_32.S:1048) 
[ 7.889552][ T1] ? rs690_fix_64bit_dma (arch/x86/pci/fixup.c:801) 
[ 7.889552][ T1] ? psi_show (kernel/sched/psi.c:1241) 
[ 7.889552][ T1] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1493) 
[ 7.889552][ T1] ? strcmp (arch/x86/lib/string_32.c:100) 
[ 7.889552][ T1] ? psi_show (kernel/sched/psi.c:1241) 
[ 7.889552][ T1] ? pvclock_clocksource_read_nowd (arch/x86/mm/fault.c:1493) 
[ 7.889552][ T1] ? strcmp (arch/x86/lib/string_32.c:100) 
[ 7.889552][ T1] kset_find_obj (lib/kobject.c:912) 
[ 7.889552][ T1] driver_find (drivers/base/bus.c:1333) 
[ 7.889552][ T1] driver_register (drivers/base/driver.c:243) 
[ 7.889552][ T1] pcmcia_register_driver (drivers/pcmcia/ds.c:187) 
[ 7.889552][ T1] cb7210_init_module (drivers/staging/gpib/cb7210/cb7210.c:1571) 
[ 7.889552][ T1] ? agilent_82357a_init_module (drivers/staging/gpib/cb7210/cb7210.c:1507) 
[ 7.889552][ T1] do_one_initcall (init/main.c:1257) 
[ 7.889552][ T1] ? do_initcalls (init/main.c:1317 init/main.c:1335) 
[ 7.889552][ T1] do_initcalls (init/main.c:1318 init/main.c:1335) 
[ 7.889552][ T1] ? rest_init (init/main.c:1449) 
[ 7.889552][ T1] kernel_init_freeable (init/main.c:1570) 
[ 7.889552][ T1] kernel_init (init/main.c:1459) 
[ 7.889552][ T1] ret_from_fork (arch/x86/kernel/process.c:154) 
[ 7.889552][ T1] ? rest_init (init/main.c:1449) 
[ 7.889552][ T1] ret_from_fork_asm (arch/x86/entry/entry_32.S:737) 
[ 7.889552][ T1] entry_INT80_32 (arch/x86/entry/entry_32.S:945) 
[    7.889552][    T1] Modules linked in:
[    7.889552][    T1] CR2: 0000000000000000
[    7.889552][    T1] ---[ end trace 0000000000000000 ]---
[ 7.889552][ T1] EIP: strcmp (arch/x86/lib/string_32.c:100) 
[ 7.889552][ T1] Code: 8b 4d f0 49 78 06 ac aa 84 c0 75 f7 31 c0 aa 5e 89 d8 5b 5e 5f 5d 31 d2 31 c9 c3 3e 8d 74 26 00 55 89 e5 57 89 d7 56 89 c6 ac <ae> 75 08 84 c0 75 f8 31 c0 eb 04 19 c0 0c 01 5e 5f 5d 31 d2 c3 3e


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250213/202502131453.cb6d2e4a-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

