From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Naresh Kamboju <naresh.kamboju@linaro.org>
Cc: open list <linux-kernel@vger.kernel.org>,
linux-usb@vger.kernel.org, lkft-triage@lists.linaro.org,
Alan Stern <stern@rowland.harvard.edu>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Jason Yan <yanaijie@huawei.com>,
"Ahmed S. Darwish" <a.darwish@linutronix.de>,
Oliver Neukum <oneukum@suse.com>,
Eugeniu Rosca <erosca@de.adit-jv.com>,
Arnd Bergmann <arnd@arndb.de>,
Anders Roxell <anders.roxell@linaro.org>
Subject: Re: BUG: KFENCE: memory corruption in usb_get_device_descriptor
Date: Wed, 17 Mar 2021 13:53:53 +0100 [thread overview]
Message-ID: <YFH74Y6QfofcMOkv@kroah.com> (raw)
In-Reply-To: <CA+G9fYv9kwQDYzzA1e=c8kg1wWQ1MwKtintBvyqMiKG5S+ggqA@mail.gmail.com>
On Wed, Mar 17, 2021 at 04:56:15PM +0530, Naresh Kamboju wrote:
> On Wed, 17 Mar 2021 at 15:34, Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > On Wed, Mar 17, 2021 at 02:28:40PM +0530, Naresh Kamboju wrote:
> > > While booting Linux mainline master 5.12.0-rc2 and 5.12.0-rc3 on arm64
> > > Hikey device the following KFENCE bug was found.
> > >
> > > Recently, we have enabled CONFIG_KFENCE=y and started seeing this crash.
> > > kernel BUG log:
> >
> > What USB traffic are you having here?
>
> This is getting triggered while booting the device.
> We are not running any traffic.
Ah, so this is device probe time.
> > And has this ever not triggered?
>
> No.
> It was not triggered before.
> Since CONFIG_KFENCE=y is added to our builds recently we are able to
> reproduce always on recent builds.
>
> Steps to reproduce:
> 1) Build arm64 kernel Image with this given config.
> - tuxmake --runtime podman --target-arch arm64 --toolchain gcc-9
> --kconfig defconfig --kconfig-add
> https://builds.tuxbuild.com/1pfztfszUNcDwOAyMrw2wPMKNfc/config
> 2) Boot arm64 hikey hi6220 device
> 3) While booting the device you will get to see this kernel BUG:
>
> [ 18.243075] BUG: KFENCE: memory corruption in
> usb_get_device_descriptor+0x80/0xb0
> [ 18.813861] BUG: KFENCE: memory corruption in
> __usbnet_read_cmd.isra.0+0xd0/0x1a0
There was a warning before this, from the hub code, when reading from
this device as well. Perhaps this is just a side affect of the real
memory corruption issue somewhere else?
Bisection would be nice, but I'm placing odds on this always being an
issue here in this driver code...
thanks for the report.
greg k-h
prev parent reply other threads:[~2021-03-17 12:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-17 8:58 BUG: KFENCE: memory corruption in usb_get_device_descriptor Naresh Kamboju
2021-03-17 10:04 ` Greg Kroah-Hartman
2021-03-17 11:26 ` Naresh Kamboju
2021-03-17 12:53 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YFH74Y6QfofcMOkv@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=a.darwish@linutronix.de \
--cc=anders.roxell@linaro.org \
--cc=arnd@arndb.de \
--cc=erosca@de.adit-jv.com \
--cc=gustavoars@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=lkft-triage@lists.linaro.org \
--cc=naresh.kamboju@linaro.org \
--cc=oneukum@suse.com \
--cc=stern@rowland.harvard.edu \
--cc=yanaijie@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox