Re: UBSAN: Undefined behaviour in linux-4.7.2/drivers/usb/core/devio.c:1713:25
From: Vittorio Zecca
Date: Tue Aug 23 2016 - 11:53:09 EST
After applying the patch above, the UBSAN issue in devio.c disappeared.
However, I got the following messages in dmesg, probably due to NetworkManager
malfunctioning, and if I click on the NetworkManager icon I get
"NetworkManager is not running".
But maybe this is a separate issue (the oops below faults in strcmp, called from
_request_firmware via rtl_open in the r8169 driver, not in devio.c) and your
patch did solve the devio.c problem.
Unfortunately, I cannot use the 4.7.2 kernel with UBSAN and KASAN enabled because
I need NetworkManager running, as it does now on kernel version 4.6.6.
[ +0.648205] BUG: unable to handle kernel paging request at ffff8272d6400205
[ +0.000118] IP: [<ffffffff818e11d4>] strcmp+0x48/0x8b
[ +0.000075] PGD 0
[ +0.000033] Oops: 0000 [#1] SMP KASAN
[ +0.000051] Modules linked in: ebtable_nat ebtable_broute bridge stp
llc ebtable_filter ebtables ip6table_nat nf_conntrack_ipv6
nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security
ip6table_raw ip6table_filter ip6_tables iptable_nat nf_conntrack_ipv4
nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle
iptable_security iptable_raw intel_rapl x86_pkg_temp_thermal coretemp
kvm_intel kvm snd_hda_codec_realtek snd_hda_codec_hdmi
snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core
huawei_cdc_ncm snd_hwdep snd_seq irqbypass cdc_wdm ppdev
crct10dif_pclmul cdc_ncm snd_seq_device iTCO_wdt option
iTCO_vendor_support crc32_pclmul snd_pcm crc32c_intel usb_wwan usbnet
ghash_clmulni_intel snd_timer parport_pc i2c_i801 snd nuvoton_cir
pcspkr mei_me parport soc_button_array mei rc_core
[ +0.001125] shpchp lpc_ich soundcore tpm_tis tpm nfsd auth_rpcgss
nfs_acl lockd grace sunrpc i915 i2c_algo_bit drm_kms_helper r8169 drm
serio_raw mii video fjes uas usb_storage
[ +0.000265] CPU: 1 PID: 856 Comm: NetworkManager Not tainted 4.7.2sanitized #4
[ +0.000094] Hardware name: To Be Filled By O.E.M. To Be Filled By
O.E.M./H81M-DGS R2.0, BIOS P1.30 07/02/2014
[ +0.000127] task: ffff8800346f9e00 ti: ffff8800d5df8000 task.ti:
ffff8800d5df8000
[ +0.000096] RIP: 0010:[<ffffffff818e11d4>] [<ffffffff818e11d4>]
strcmp+0x48/0x8b
[ +0.000104] RSP: 0018:ffff8800d5dfed28 EFLAGS: 00010246
[ +0.000071] RAX: 0000000000000000 RBX: ffffffffc0263c20 RCX: ffffffff818e11d4
[ +0.000093] RDX: 1ffff04e5ac80040 RSI: ffff8272d6400205 RDI: ffff8272d6400205
[ +0.000093] RBP: ffff8800d5dfed50 R08: ffff880389669150 R09: ffffed00712cd3d2
[ +0.000092] R10: ffff8800346f9e00 R11: 0000000000000010 R12: ffff8272d6400205
[ +0.000092] R13: 0000000000000072 R14: ffffffffc0263c21 R15: ffff8272d6400206
[ +0.000093] FS: 00007fce6294e880(0000) GS:ffff88038ed00000(0000)
knlGS:0000000000000000
[ +0.000103] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ +0.002818] CR2: ffff8272d6400205 CR3: 00000000350b6000 CR4: 00000000000406e0
[ +0.002903] Stack:
[ +0.002833] ffffffff82aa6a78 1ffff1001abbfdaf ffff880384ba0b80
ffffffffc0263c20
[ +0.000047] ffff880389669e70
[ +0.000001] ffff8800d5dfee00
[ +0.000001] ffffffff81bf33dd
[ +0.000000] ffff88038b1c8000
[ +0.000001] 00000000026040c0
[ +0.000001] ffff88038c7fc560
[ +0.000000] 0000000041b58ab3
[ +0.000001] ffffffff82a70a84
[ +0.000001] Call Trace:
[ +0.000007] [<ffffffff81bf33dd>] _request_firmware+0x156/0x274
[ +0.000004] [<ffffffff81bf3287>] ? request_firmware_nowait+0x2ad/0x2ad
[ +0.000004] [<ffffffff814be62b>] ? kasan_kmalloc+0x5e/0x64
[ +0.000004] [<ffffffff814b67b6>] ? kmem_cache_alloc_trace+0x124/0x390
[ +0.000004] [<ffffffff81bf352c>] request_firmware+0x31/0x43
[ +0.000009] [<ffffffffc025d7a7>] rtl_open+0x1133/0x1b3a [r8169]
[ +0.000009] [<ffffffffc025c674>] ? rtl_remove_one+0x35d/0x35d [r8169]
[ +0.000004] [<ffffffff821da57f>] ? packet_notifier+0xdb/0x593
[ +0.000004] [<ffffffff821da4a4>] ? register_prot_hook.part.17+0x6e/0x6e
[ +0.000003] [<ffffffff821bc032>] ? ip6mr_device_event+0xa6/0x276
[ +0.000003] [<ffffffff821bbf8c>] ? mif6_delete+0x41c/0x41c
[ +0.000014] [<ffffffffc16101a1>] ? br_device_event+0x41/0x360 [bridge]
[ +0.000005] [<ffffffff8119993a>] ? raw_notifier_call_chain+0x85/0xec
[ +0.000005] [<ffffffff81f7d103>] __dev_open+0x161/0x24c
[ +0.000002] [<ffffffff81f7cfa2>] ? dev_set_rx_mode+0x33/0x33
[ +0.000003] [<ffffffff81f7cdf0>] ? __dev_set_rx_mode+0x3d/0x1bc
[ +0.000003] [<ffffffff81f7d611>] __dev_change_flags+0xe8/0x229
[ +0.000003] [<ffffffff81f7d7af>] dev_change_flags+0x5d/0xbd
[ +0.000004] [<ffffffff81f9e31e>] do_setlink+0x628/0x1c26
[ +0.000003] [<ffffffff813e2df8>] ? __alloc_pages_nodemask+0x26a/0x1ebe
[ +0.000003] [<ffffffff81f9dcf6>] ? rtnl_unregister+0x201/0x201
[ +0.000004] [<ffffffff814b3841>] ? alloc_debug_processing+0x56/0x36e
[ +0.000003] [<ffffffff813e2df8>] ? __alloc_pages_nodemask+0x26a/0x1ebe
[ +0.000003] [<ffffffff813e2b8e>] ? warn_alloc_failed+0x266/0x266
[ +0.000003] [<ffffffff812059ad>] ? __init_rwsem+0xfd/0x17c
[ +0.000004] [<ffffffff812058b0>] ? rt_mutex_finish_proxy_lock+0x1bd/0x1bd
[ +0.000005] [<ffffffff81307a48>] ? is_ftrace_trampoline+0x62/0xaf
[ +0.000003] [<ffffffff81192ff7>] ? __kernel_text_address+0x63/0x82
[ +0.000004] [<ffffffff8106decc>] ? print_context_stack+0x7e/0x177
[ +0.000002] [<ffffffff814be72c>] ? memset+0x31/0x38
[ +0.000004] [<ffffffff8194332b>] ? nla_parse+0xa1/0x2d9
[ +0.000003] [<ffffffff81f9cb88>] ? validate_linkmsg+0x140/0x3df
[ +0.000003] [<ffffffff81f9ca48>] ? rtnl_link_get_net+0xf3/0xf3
[ +0.000003] [<ffffffff81307a48>] ? is_ftrace_trampoline+0x62/0xaf
[ +0.000003] [<ffffffff81fa09a3>] rtnl_newlink+0x9c8/0xf17
[ +0.000003] [<ffffffff81fa0679>] ? rtnl_newlink+0x69e/0xf17
[ +0.000003] [<ffffffff81f9ffdb>] ? rtnetlink_put_metrics+0x454/0x454
[ +0.000004] [<ffffffff81192ff7>] ? __kernel_text_address+0x63/0x82
[ +0.000003] [<ffffffff8106decc>] ? print_context_stack+0x7e/0x177
[ +0.000004] [<ffffffff81791a03>] ? cap_capable+0xc3/0x134
[ +0.000003] [<ffffffff817963e2>] ? security_capable+0x3c/0x8f
[ +0.000003] [<ffffffff811619cf>] ? ns_capable+0x60/0xb9
[ +0.000004] [<ffffffff81feec1f>] ? __netlink_ns_capable+0x80/0xba
[ +0.000003] [<ffffffff81f9ffdb>] ? rtnetlink_put_metrics+0x454/0x454
[ +0.000003] [<ffffffff81f9be12>] rtnetlink_rcv_msg+0x1e0/0x8fc
[ +0.000003] [<ffffffff81f425a0>] ? __alloc_skb+0xb6/0x414
[ +0.000003] [<ffffffff81f9bc32>] ? rtnl_link_unregister+0x213/0x213
[ +0.000002] [<ffffffff81ff2bca>] ? netlink_lookup+0x1cf/0x2b2
[ +0.000003] [<ffffffff81ff29fb>] ? netlink_broadcast+0x1f/0x1f
[ +0.000003] [<ffffffff81ff7843>] netlink_rcv_skb+0x147/0x1bb
[ +0.000003] [<ffffffff81f9bc32>] ? rtnl_link_unregister+0x213/0x213
[ +0.000003] [<ffffffff81f98fb6>] rtnetlink_rcv+0x28/0x30
[ +0.000002] [<ffffffff81ff6a1f>] netlink_unicast+0x33f/0x472
[ +0.000003] [<ffffffff81ff66e0>] ? netlink_attachskb+0x49a/0x49a
[ +0.000002] [<ffffffff814be51c>] ? kasan_check_write+0x14/0x16
[ +0.000003] [<ffffffff818faef0>] ? copy_from_iter+0x17d/0x5e2
[ +0.000003] [<ffffffff81ff71ff>] netlink_sendmsg+0x6ad/0x89c
[ +0.000003] [<ffffffff81ff6b52>] ? netlink_unicast+0x472/0x472
[ +0.000003] [<ffffffff81ff6b52>] ? netlink_unicast+0x472/0x472
[ +0.000004] [<ffffffff81f2d710>] sock_sendmsg+0x84/0xcc
[ +0.000003] [<ffffffff81f2eb1f>] ___sys_sendmsg+0x51b/0x5da
[ +0.000003] [<ffffffff8162e8ea>] ? unuse_table.part.3+0x1b/0x42
[ +0.000003] [<ffffffff81f2e604>] ? copy_msghdr_from_user+0x2b6/0x2b6
[ +0.000003] [<ffffffff81160007>] ? proc_dointvec+0x5c/0x7b
[ +0.000003] [<ffffffff8162f126>] ? proc_sys_call_handler+0x112/0x1d8
[ +0.000004] [<ffffffff812358c0>] ? __call_rcu_nocb_enqueue+0x140/0x31d
[ +0.000002] [<ffffffff8162f014>] ? proc_sys_poll+0x1a2/0x1a2
[ +0.000004] [<ffffffff818f14e4>] ? lockref_put_or_lock+0x182/0x227
[ +0.000003] [<ffffffff818f1362>] ? lockref_get_or_lock+0x247/0x247
[ +0.000003] [<ffffffff81551968>] ? __fget+0xde/0x1ee
[ +0.000003] [<ffffffff81552695>] ? __fget_light+0xdd/0x14f
[ +0.000003] [<ffffffff8155271a>] ? __fdget+0x13/0x15
[ +0.000003] [<ffffffff81f2fe24>] __sys_sendmsg+0xcb/0x145
[ +0.000003] [<ffffffff81f2fd59>] ? SyS_shutdown+0x170/0x170
[ +0.000003] [<ffffffff815114a1>] ? __fput+0x262/0x3e7
[ +0.000004] [<ffffffff814eb849>] ? mem_cgroup_handle_over_high+0x7a/0x1f5
[ +0.000002] [<ffffffff814eb7cf>] ? mem_cgroup_oom_synchronize+0x72e/0x72e
[ +0.000003] [<ffffffff8151168a>] ? ____fput+0xe/0x10
[ +0.000003] [<ffffffff81f2feb0>] SyS_sendmsg+0x12/0x1c
[ +0.000004] [<ffffffff82226d72>] entry_SYSCALL_64_fastpath+0x1a/0xa4
[ +0.000025] Code: 4d 89 fc 4c 8d 73 01 48 85 db 74 52 48 89 df e8 a6
cd bd ff 45 0f b6 6e ff 4d 8d 7c 24 01 4d 85 e4 74 2b 4c 89 e7 e8 8f
cd bd ff <45> 3a 6f ff 74 c7 19 c0 83 c8 01 5b 41 5c 41 5d 41 5e 41 5f
5d
[ +0.000003] RIP [<ffffffff818e11d4>] strcmp+0x48/0x8b
[ +0.000000] RSP <ffff8800d5dfed28>
[ +0.000001] CR2: ffff8272d6400205
[ +0.012995] ---[ end trace aed6c80e54c9629a ]---
[Aug23 17:34] usb 3-8: USB disconnect, device number 3
[ +0.005711] option1 ttyUSB0: GSM modem (1-port) converter now
disconnected from ttyUSB0
[ +0.001105] option 3-8:1.0: device disconnected
[ +0.003580] huawei_cdc_ncm 3-8:1.1 wwp0s20u8i1: unregister
'huawei_cdc_ncm' usb-0000:00:14.0-8, Huawei CDC NCM device