[linux-next:master] [serial] bfd3d4a40f: KASAN:null-ptr-deref_in_range[#-#]

Hello,

kernel test robot noticed "KASAN:null-ptr-deref_in_range[#-#]" on:

commit: bfd3d4a40f3905ec70b17dbfa9b78764e59e4b4f ("serial: 8250_dw: Drop unneeded NULL checks in dw8250_quirks()")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

in testcase: kernel-selftests
version: kernel-selftests-x86_64-7503345ac5f5-1_20241208
with the following parameters:

	group: sgx



config: x86_64-rhel-9.4-kselftests
compiler: gcc-12
test machine: 16 threads 1 sockets Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (Coffee Lake-E) with 32G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202502121529.f7e65d49-lkp@xxxxxxxxx


[   34.377423][  T125] iTCO_wdt iTCO_wdt: unable to reset NO_REBOOT flag, device disabled by hardware/BIOS
[   34.392689][  T357] IOAPIC[0]: Preconfigured routing entry (2-17 -> IRQ 17 Level:1 ActiveLow:1)
Mountin[   34.427657][  T357] idma64 idma64.1: Found Intel integrated DMA 64-bit
[   34.431964][  T346] ppdev: user-space parallel port driver
[   34.457700][  T357] idma64 idma64.2: Found Intel integrated DMA 64-bit
[   34.481800][  T357] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   34.490095][  T357] CPU: 6 UID: 0 PID: 357 Comm: (udev-worker) Not tainted 6.14.0-rc1-00009-gbfd3d4a40f39 #1
[   34.499959][  T357] Hardware name: Intel Corporation Mehlow UP Server Platform/Moss Beach Server, BIOS CNLSE2R1.R00.X188.B13.1903250419 03/25/2019
[   34.501967][  T125] i2c i2c-0: Successfully instantiated SPD at 0x51
[ 34.513099][ T357] RIP: 0010:dw8250_probe (kbuild/src/consumer/drivers/tty/serial/8250/8250_dw.c:462 kbuild/src/consumer/drivers/tty/serial/8250/8250_dw.c:629) 
[   34.521181][  T125] i2c i2c-0: Successfully instantiated SPD at 0x53
[ 34.524691][ T357] Code: c1 ea 03 80 3c 02 00 0f 85 21 07 00 00 49 8b 8c 24 30 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 79 08 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 07
All code
========
   0:	c1 ea 03             	shr    $0x3,%edx
   3:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   7:	0f 85 21 07 00 00    	jne    0x72e
   d:	49 8b 8c 24 30 01 00 	mov    0x130(%r12),%rcx
  14:	00 
  15:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1c:	fc ff df 
  1f:	48 8d 79 08          	lea    0x8(%rcx),%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
  2a:*	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx		<-- trapping instruction
  2e:	48 89 f8             	mov    %rdi,%rax
  31:	83 e0 07             	and    $0x7,%eax
  34:	83 c0 03             	add    $0x3,%eax
  37:	38 d0                	cmp    %dl,%al
  39:	7c 08                	jl     0x43
  3b:	84 d2                	test   %dl,%dl
  3d:	0f                   	.byte 0xf
  3e:	85 07                	test   %eax,(%rdi)

Code starting with the faulting instruction
===========================================
   0:	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx
   4:	48 89 f8             	mov    %rdi,%rax
   7:	83 e0 07             	and    $0x7,%eax
   a:	83 c0 03             	add    $0x3,%eax
   d:	38 d0                	cmp    %dl,%al
   f:	7c 08                	jl     0x19
  11:	84 d2                	test   %dl,%dl
  13:	0f                   	.byte 0xf
  14:	85 07                	test   %eax,(%rdi)
[   34.524695][  T357] RSP: 0018:ffffc9000224e858 EFLAGS: 00010202
[   34.524700][  T357] RAX: dffffc0000000000 RBX: 1ffff92000449d12 RCX: 0000000000000000
[   34.564397][  T357] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000008
[   34.572267][  T357] RBP: ffff888107cff010 R08: 0000000000000001 R09: 0000000000000001
[   34.580138][  T357] R10: ffffffff86469427 R11: ffffffff81e3d5bb R12: ffff8881db096428
[   34.588001][  T357] R13: ffffc9000224e8b0 R14: ffff8881db096558 R15: 0000000000000000
[   34.595864][  T357] FS:  00007f2e783558c0(0000) GS:ffff8887d8300000(0000) knlGS:0000000000000000
[   34.604683][  T357] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   34.611161][  T357] CR2: 00007f2e78141e81 CR3: 00000002105a8005 CR4: 00000000003706f0
[   34.619049][  T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   34.626896][  T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   34.634759][  T357] Call Trace:
[   34.637933][  T357]  <TASK>
[ 34.640824][ T357] ? die_addr (kbuild/src/consumer/arch/x86/kernel/dumpstack.c:421 kbuild/src/consumer/arch/x86/kernel/dumpstack.c:460) 
[ 34.644877][ T357] ? exc_general_protection (kbuild/src/consumer/arch/x86/kernel/traps.c:751 kbuild/src/consumer/arch/x86/kernel/traps.c:693) 
[ 34.650318][ T357] ? asm_exc_general_protection (kbuild/src/consumer/arch/x86/include/asm/idtentry.h:574) 
[ 34.655938][ T357] ? __kasan_kmalloc (kbuild/src/consumer/mm/kasan/common.c:377 kbuild/src/consumer/mm/kasan/common.c:394) 


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250212/202502121529.f7e65d49-lkp@xxxxxxxxx



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki