Message-ID: <202504131701.941039cd-lkp@intel.com>
Date: Mon, 14 Apr 2025 09:59:25 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Peter Zijlstra <peterz@...radead.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
<x86@...nel.org>, Ravi Bangoria <ravi.bangoria@....com>,
<linux-perf-users@...r.kernel.org>, <oliver.sang@...el.com>
Subject: [tip:perf/core] [perf] da916e96e2: BUG:KASAN:null-ptr-deref_in_put_event
Hello,

kernel test robot noticed "BUG:KASAN:null-ptr-deref_in_put_event" on:

commit: da916e96e2dedcb2d40de77a7def833d315b81a6 ("perf: Make perf_pmu_unregister() useable")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git perf/core

[test failed on linux-next/master 29e7bf01ed8033c9a14ed0dc990dfe2736dbcd18]

in testcase: trinity
version: trinity-x86_64-ba2360ed-1_20241228
with following parameters:

    runtime: 300s
    group: group-02
    nr_groups: 5

config: x86_64-randconfig-078-20250407
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202504131701.941039cd-lkp@intel.com

The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250413/202504131701.941039cd-lkp@intel.com

[ 100.647813][ T3900] ==================================================================
[ 100.648676][ T3900] BUG: KASAN: null-ptr-deref in put_event+0x2a/0x730
[ 100.649303][ T3900] Write of size 8 at addr 0000000000000237 by task trinity-c1/3900
[ 100.650021][ T3900]
[ 100.650314][ T3900] CPU: 1 UID: 65534 PID: 3900 Comm: trinity-c1 Tainted: G T 6.15.0-rc1-00011-gda916e96e2de #1 PREEMPT(voluntary)
[ 100.650323][ T3900] Tainted: [T]=RANDSTRUCT
[ 100.650325][ T3900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 100.650328][ T3900] Call Trace:
[ 100.650332][ T3900] <TASK>
[ 100.650334][ T3900] __dump_stack+0x19/0x30
[ 100.650345][ T3900] dump_stack_lvl+0xaf/0x118
[ 100.650350][ T3900] print_report+0x41/0x2d0
[ 100.650359][ T3900] kasan_report+0x15c/0x1a0
[ 100.650367][ T3900] ? put_event+0x2a/0x730
[ 100.650373][ T3900] ? put_event+0x2a/0x730
[ 100.650379][ T3900] kasan_check_range+0x2b3/0x2c0
[ 100.650383][ T3900] __kasan_check_write+0x18/0x20
[ 100.650389][ T3900] put_event+0x2a/0x730
[ 100.650392][ T3900] ? __free_event+0x707/0x7f0
[ 100.650398][ T3900] put_event+0x69f/0x730
[ 100.650401][ T3900] ? perf_event_wakeup+0x66/0x2c0
[ 100.650404][ T3900] ? perf_event_wakeup+0x1b3/0x2c0
[ 100.650408][ T3900] perf_event_exit_event+0xa6/0xd0
[ 100.650417][ T3900] perf_event_exit_task_context+0x44e/0x550
[ 100.650424][ T3900] perf_event_exit_task+0x1dd/0x2a0
[ 100.650428][ T3900] ? fpu__drop+0x131/0x390
[ 100.650432][ T3900] ? preempt_count_sub+0x218/0x2f0
[ 100.650441][ T3900] ? fpu__drop+0x131/0x390
[ 100.650445][ T3900] do_exit+0xa4d/0x2490
[ 100.650449][ T3900] ? _raw_spin_unlock_irq+0x38/0x90
[ 100.650454][ T3900] ? do_group_exit+0x1ae/0x290
[ 100.650459][ T3900] ? _raw_spin_unlock_irq+0x38/0x90
[ 100.650463][ T3900] ? trace_preempt_on+0x179/0x2e0
[ 100.650473][ T3900] do_group_exit+0x1be/0x290
[ 100.650478][ T3900] __x64_sys_exit_group+0x48/0x50
[ 100.650481][ T3900] x64_sys_call+0x2c68/0x2c70
[ 100.650484][ T3900] do_syscall_64+0xff/0x220
[ 100.650493][ T3900] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 100.650499][ T3900] RIP: 0033:0x7fc7ce262349
[ 100.650503][ T3900] Code: Unable to access opcode bytes at 0x7fc7ce26231f.
[ 100.650505][ T3900] RSP: 002b:00007ffdecd6a3e8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
[ 100.650513][ T3900] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc7ce262349
[ 100.650515][ T3900] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 100.650517][ T3900] RBP: 00007fc7ccbbe058 R08: ffffffffffffff80 R09: fffffffffffffff8
[ 100.650522][ T3900] R10: 00007fc7ce1a0200 R11: 0000000000000206 R12: 0000000000000128
[ 100.650524][ T3900] R13: 00007fc7ce18b6c0 R14: 00007fc7ccbbe058 R15: 00007fc7ccbbe000
[ 100.650530][ T3900] </TASK>
[ 100.650532][ T3900] ==================================================================
[ 100.673381][ T3900] BUG: kernel NULL pointer dereference, address: 0000000000000237
[ 100.674119][ T3900] #PF: supervisor write access in kernel mode
[ 100.674687][ T3900] #PF: error_code(0x0002) - not-present page
[ 100.675251][ T3900] PGD 0 P4D 0
[ 100.675618][ T3900] Oops: Oops: 0002 [#1] SMP KASAN
[ 100.676091][ T3900] CPU: 1 UID: 65534 PID: 3900 Comm: trinity-c1 Tainted: G B T 6.15.0-rc1-00011-gda916e96e2de #1 PREEMPT(voluntary)
[ 100.677189][ T3900] Tainted: [B]=BAD_PAGE, [T]=RANDSTRUCT
[ 100.677704][ T3900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 100.678670][ T3900] RIP: 0010:put_event+0x2a/0x730
[ 100.679152][ T3900] Code: 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 38 48 89 fb 48 81 c7 38 02 00 00 be 08 00 00 00 e8 06 14 22 00 <f0> 48 ff 8b 38 02 00 00 0f 85 67 06 00 00 49 be 00 00 00 00 00 fc
[ 100.680761][ T3900] RSP: 0018:ffffc90004d67b70 EFLAGS: 00010246
[ 100.681342][ T3900] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: 0000000000000000
[ 100.682061][ T3900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 100.682766][ T3900] RBP: ffffc90004d67bd0 R08: 0000000000000000 R09: 0000000000000000
[ 100.686319][ T3900] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffffffffff
[ 100.687356][ T3900] R13: 1ffff11024ef368a R14: dffffc0000000000 R15: ffff88812779b618
[ 100.694079][ T3900] FS: 00007fc7ce18b740(0000) GS:ffff888428dd7000(0000) knlGS:0000000000000000
[ 100.695168][ T3900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.695958][ T3900] CR2: 0000000000000237 CR3: 0000000004cd7000 CR4: 00000000000406b0
[ 100.696932][ T3900] DR0: 00007fc7cc290000 DR1: 0000000000000000 DR2: 0000000000000000
[ 100.702041][ T3900] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 100.703069][ T3900] Call Trace:
[ 100.703563][ T3900] <TASK>
[ 100.704019][ T3900] ? __free_event+0x707/0x7f0
[ 100.704649][ T3900] put_event+0x69f/0x730
[ 100.705985][ T3900] ? perf_event_wakeup+0x66/0x2c0
[ 100.706648][ T3900] ? perf_event_wakeup+0x1b3/0x2c0
[ 100.707305][ T3900] perf_event_exit_event+0xa6/0xd0
[ 100.708809][ T3900] perf_event_exit_task_context+0x44e/0x550
[ 100.709677][ T3900] perf_event_exit_task+0x1dd/0x2a0
[ 100.710349][ T3900] ? fpu__drop+0x131/0x390
[ 100.710922][ T3900] ? preempt_count_sub+0x218/0x2f0
[ 100.711576][ T3900] ? fpu__drop+0x131/0x390
[ 100.712162][ T3900] do_exit+0xa4d/0x2490
[ 100.712728][ T3900] ? _raw_spin_unlock_irq+0x38/0x90
[ 100.717506][ T3900] ? do_group_exit+0x1ae/0x290
[ 100.718138][ T3900] ? _raw_spin_unlock_irq+0x38/0x90
[ 100.718797][ T3900] ? trace_preempt_on+0x179/0x2e0
[ 100.719458][ T3900] do_group_exit+0x1be/0x290
[ 100.720074][ T3900] __x64_sys_exit_group+0x48/0x50
[ 100.720714][ T3900] x64_sys_call+0x2c68/0x2c70
[ 100.721340][ T3900] do_syscall_64+0xff/0x220
[ 100.721946][ T3900] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 100.722683][ T3900] RIP: 0033:0x7fc7ce262349
[ 100.723272][ T3900] Code: Unable to access opcode bytes at 0x7fc7ce26231f.
[ 100.724109][ T3900] RSP: 002b:00007ffdecd6a3e8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
[ 100.725125][ T3900] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc7ce262349
[ 100.726139][ T3900] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 100.727073][ T3900] RBP: 00007fc7ccbbe058 R08: ffffffffffffff80 R09: fffffffffffffff8
[ 100.727935][ T3900] R10: 00007fc7ce1a0200 R11: 0000000000000206 R12: 0000000000000128
[ 100.728806][ T3900] R13: 00007fc7ce18b6c0 R14: 00007fc7ccbbe058 R15: 00007fc7ccbbe000
[ 100.729722][ T3900] </TASK>
[ 100.730174][ T3900] Modules linked in: tiny_power_button button pcspkr evdev input_leds loop
[ 100.731230][ T3900] CR2: 0000000000000237
[ 100.731791][ T3900] ---[ end trace 0000000000000000 ]---
[ 100.731795][ T3903] BUG: kernel NULL pointer dereference, address: 0000000000000237
[ 100.732199][ T3900] RIP: 0010:put_event+0x2a/0x730
[ 100.732817][ T3903] #PF: supervisor write access in kernel mode
[ 100.733228][ T3900] Code: 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 38 48 89 fb 48 81 c7 38 02 00 00 be 08 00 00 00 e8 06 14 22 00 <f0> 48 ff 8b 38 02 00 00 0f 85 67 06 00 00 49 be 00 00 00 00 00 fc
[ 100.733677][ T3903] #PF: error_code(0x0002) - not-present page
[ 100.733686][ T3903] PGD 0
[ 100.735120][ T3900] RSP: 0018:ffffc90004d67b70 EFLAGS: 00010246
[ 100.735548][ T3903] P4D 0
[ 100.735789][ T3900]
[ 100.736225][ T3903] Oops: Oops: 0002 [#2] SMP KASAN
[ 100.736469][ T3900] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: 0000000000000000
[ 100.736653][ T3903] CPU: 0 UID: 65534 PID: 3903 Comm: trinity-c4 Tainted: G B D T 6.15.0-rc1-00011-gda916e96e2de #1 PREEMPT(voluntary)
[ 100.737053][ T3900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 100.737624][ T3903] Tainted: [B]=BAD_PAGE, [D]=DIE, [T]=RANDSTRUCT
[ 100.737634][ T3903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 100.738628][ T3900] RBP: ffffc90004d67bd0 R08: 0000000000000000 R09: 0000000000000000
[ 100.739246][ T3903] RIP: 0010:put_event+0x2a/0x730
[ 100.739740][ T3900] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffffffffff
[ 100.740493][ T3903] Code: 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 38 48 89 fb 48 81 c7 38 02 00 00 be 08 00 00 00 e8 06 14 22 00 <f0> 48 ff 8b 38 02 00 00 0f 85 67 06 00 00 49 be 00 00 00 00 00 fc
[ 100.741089][ T3900] R13: 1ffff11024ef368a R14: dffffc0000000000 R15: ffff88812779b618
[ 100.741461][ T3903] RSP: 0018:ffffc90004d97b70 EFLAGS: 00010246
[ 100.741877][ T3900] FS: 00007fc7ce18b740(0000) GS:ffff888428dd7000(0000) knlGS:0000000000000000
[ 100.743537][ T3903]
[ 100.744014][ T3900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 100.744534][ T3903] RAX: 0000000000000001 RBX: ffffffffffffffff RCX: 0000000000000000
[ 100.745071][ T3900] CR2: 0000000000000237 CR3: 0000000004cd7000 CR4: 00000000000406b0
[ 100.745279][ T3903] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 100.745681][ T3900] DR0: 00007fc7cc290000 DR1: 0000000000000000 DR2: 0000000000000000
[ 100.746350][ T3903] RBP: ffffc90004d97bd0 R08: 0000000000000000 R09: 0000000000000000
[ 100.746828][ T3900] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 100.746840][ T3900] Kernel panic - not syncing: Fatal exception
[ 101.916945][ T3900] Shutting down cpus with NMI
[ 101.929723][ T3900] Kernel Offset: disabled
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki