bind04 from ubuntu_ltp_syscalls caused kernel NULL pointer dereference on B-5.4 i386
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
ubuntu-kernel-tests | New | Undecided | Unassigned | |
linux (Ubuntu) | Confirmed | Undecided | Unassigned | |
Bug Description
Issue found on 5.4.0-49.53~18.04.1 i386 node pepe (this issue does not exist on other arches)
The bind04 test will cause a kernel NULL pointer dereference and taint the kernel, causing other tests to fail.
Test output:
<<<test_output>>>
incrementing stop
tst_test.c:1250: TINFO: Timeout per run is 0h 05m 00s
bind04.c:117: TINFO: Testing AF_UNIX pathname stream
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing AF_UNIX pathname seqpacket
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing AF_UNIX abstract stream
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing AF_UNIX abstract seqpacket
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 loop TCP variant 1
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 loop TCP variant 2
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 loop SCTP
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 any TCP variant 1
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 any TCP variant 2
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv4 any SCTP
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv6 loop TCP variant 1
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv6 loop TCP variant 2
bind04.c:150: TPASS: Communication successful
bind04.c:117: TINFO: Testing IPv6 loop SCTP
bind04.c:150: TPASS: Communication successful
tst_test.c:1295: TINFO: If you are running on slow machine, try exporting LTP_TIMEOUT_MUL > 1
tst_test.c:1296: TBROK: Test killed! (timeout?)
Summary:
passed 13
failed 0
skipped 0
warnings 0
<<<execution_
initiation_
duration=3 termination_
cutime=40 cstime=324
<<<test_end>>>
syslog output:
pepe kernel: [ 456.420474] LTP: starting bind04
pepe kernel: [ 456.451023] sctp: Hash tables configured (bind 512/512)
pepe kernel: [ 456.452997] BUG: kernel NULL pointer dereference, address: 00000008
pepe kernel: [ 456.528037] #PF: supervisor read access in kernel mode
pepe kernel: [ 456.589500] #PF: error_code(0x0000) - not-present page
pepe kernel: [ 456.651172] *pdpt = 00000000220e0001 *pde = 0000000000000000
pepe kernel: [ 456.720122] Oops: 0000 [#1] SMP PTI
pepe kernel: [ 456.761828] CPU: 1 PID: 9783 Comm: bind04 Not tainted 5.4.0-48-generic #52~18.04.1-Ubuntu
pepe kernel: [ 456.859798] Hardware name: Dell Inc. PowerEdge R310/05XKKK, BIOS 1.8.2 08/17/2011
pepe kernel: [ 456.949345] EIP: sctp_ulpevent_
pepe kernel: [ 457.008824] Code: 52 67 71 e3 66 90 66 66 66 66 90 55 89 e5 57 56 53 66 83 78 20 00 89 c3 78 3b 8b 78 3c 8b 40 40 85 c0 74 20 8b 83 88 00 00 00 <8b> 70 08 85 f6 74 13 90 8d 74 26 00 8d 46 18 e8 48 ec ff ff 8b 36
pepe kernel: [ 457.233564] EAX: 00000000 EBX: e239aa20 ECX: 00000246 EDX: e239aa08
pepe kernel: [ 457.308755] ESI: e1c02a08 EDI: 00000000 EBP: e5661eac ESP: e5661ea0
pepe kernel: [ 457.383798] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010202
pepe kernel: [ 457.465170] CR0: 80050033 CR2: 00000008 CR3: 25602000 CR4: 000006f0
pepe kernel: [ 457.540361] Call Trace:
pepe kernel: [ 457.569594] sctp_queue_
pepe kernel: [ 457.633241] sctp_close+
pepe kernel: [ 457.681179] ? tty_write_
pepe kernel: [ 457.729224] ? tty_ldisc_
pepe kernel: [ 457.776127] inet_release+
pepe kernel: [ 457.818040] inet6_release+
pepe kernel: [ 457.860783] __sock_
pepe kernel: [ 457.904565] sock_close+
pepe kernel: [ 457.944190] __fput+0xb3/0x240
pepe kernel: [ 457.980694] ____fput+0xd/0x10
pepe kernel: [ 458.017302] task_work_
pepe kernel: [ 458.060044] exit_to_
pepe kernel: [ 458.112251] do_fast_
pepe kernel: [ 458.162275] entry_SYSENTER_
pepe kernel: [ 458.209176] EIP: 0xb7ef5bb5
pepe kernel: [ 458.242666] Code: d3 5b 5e 5f 5d c3 8d b4 26 00 00 00 00 b8 00 09 3d 00 eb b5 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
pepe kernel: [ 458.467405] EAX: 00000000 EBX: 00000007 ECX: 00000002 EDX: 00000000
pepe kernel: [ 458.542597] ESI: b7ee4000 EDI: 00000006 EBP: 004b1210 ESP: bfebe150
pepe kernel: [ 458.617789] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000293
pepe kernel: [ 458.699012] Modules linked in: sctp nfsd auth_rpcgss nfs_acl lockd grace sunrpc intel_powerclamp coretemp kvm_intel kvm irqbypass ipmi_ssif gpio_ich intel_cstate lpc_ich dcdbas i7core_edac acpi_power_meter mac_hid ipmi_si ipmi_devintf ipmi_msghandler sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_
pepe kernel: [ 459.415874] CR2: 0000000000000008
pepe kernel: [ 459.455555] ---[ end trace 3324c5a4a96e9820 ]---
pepe kernel: [ 459.510874] EIP: sctp_ulpevent_
pepe kernel: [ 459.570321] Code: 52 67 71 e3 66 90 66 66 66 66 90 55 89 e5 57 56 53 66 83 78 20 00 89 c3 78 3b 8b 78 3c 8b 40 40 85 c0 74 20 8b 83 88 00 00 00 <8b> 70 08 85 f6 74 13 90 8d 74 26 00 8d 46 18 e8 48 ec ff ff 8b 36
pepe kernel: [ 459.795066] EAX: 00000000 EBX: e239aa20 ECX: 00000246 EDX: e239aa08
pepe kernel: [ 459.870047] ESI: e1c02a08 EDI: 00000000 EBP: e5661eac ESP: e5661ea0
pepe kernel: [ 459.945240] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010202
pepe kernel: [ 460.026673] CR0: 80050033 CR2: 00000008 CR3: 25602000 CR4: 000006f0
This issue can be traced back to 5.4.0-38.42~18.04.1
Test case:
https:/
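A triage sketch for the oops above, added here as an example and not part of the original report or of LTP: it extracts the fault address and registers from the syslog lines and decodes the instruction at the marked `Code:` byte to check that the faulting load accounts for CR2. The function name `triage` and the trimmed `OOPS` sample are assumptions of this example, and only the `8b /r` form with an 8-bit displacement is decoded.

```python
import re

# Oops lines copied from the syslog above; hostname/timestamps dropped and the
# Code: line trimmed around the marked byte (sample constructed for this example).
OOPS = """\
BUG: kernel NULL pointer dereference, address: 00000008
CPU: 1 PID: 9783 Comm: bind04 Not tainted 5.4.0-48-generic #52~18.04.1-Ubuntu
Code: 85 c0 74 20 8b 83 88 00 00 00 <8b> 70 08 85 f6 74 13 90
EAX: 00000000 EBX: e239aa20 ECX: 00000246 EDX: e239aa08
ESI: e1c02a08 EDI: 00000000 EBP: e5661eac ESP: e5661ea0
CR0: 80050033 CR2: 00000008 CR3: 25602000 CR4: 000006f0
"""

REG32 = ["EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI"]  # ModRM order

def triage(oops):
    """Hypothetical helper: summarise an i386 oops, check the load against CR2."""
    regs = {}
    for name, val in re.findall(r"\b(E[A-Z]{2}|CR\d): ([0-9a-f]{8})\b", oops):
        regs.setdefault(name, int(val, 16))  # keep the first (kernel-mode) dump
    fault = int(re.search(r"address: ([0-9a-f]+)", oops).group(1), 16)
    task = re.search(r"PID: (\d+) Comm: (\S+)", oops)
    code = re.search(r"Code:.*?<([0-9a-f]{2})>((?: [0-9a-f]{2})*)", oops)
    insn = bytes.fromhex(code.group(1) + code.group(2).replace(" ", ""))
    result = {
        "pid": int(task.group(1)), "comm": task.group(2),
        "fault": fault, "cr2": regs.get("CR2"),
        "decoded": None, "explains_fault": False,
    }
    # Decode only 8b /r with mod=01 and no SIB byte: mov r32, [base+disp8]
    if len(insn) >= 3 and insn[0] == 0x8B:
        mod, reg, rm = insn[1] >> 6, (insn[1] >> 3) & 7, insn[1] & 7
        if mod == 1 and rm != 4 and REG32[rm] in regs:
            disp = insn[2] - 256 if insn[2] > 127 else insn[2]
            base = REG32[rm]
            result["decoded"] = f"mov {REG32[reg].lower()}, [{base.lower()}{disp:+#x}]"
            result["explains_fault"] = (regs[base] + disp) & 0xFFFFFFFF == fault
    return result

if __name__ == "__main__":
    print(triage(OOPS))
```

For this oops the decoded load reads offset 8 from EAX, which is zero, so the fault is a field read through a NULL pointer rather than a wild address.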