* Re: 6.5.13 regression: BUG: kernel NULL pointer dereference, address: 0000000000000020
[not found] <2b5d6cd4-0afb-4193-ab88-235f910a7293@gmx.de>
@ 2023-11-28 21:30 ` dan
2023-11-28 21:42 ` Sam James
0 siblings, 1 reply; 4+ messages in thread
From: dan @ 2023-11-28 21:30 UTC (permalink / raw)
To: toralf.foerster; +Cc: linux-kernel, stable
I'm seeing this too, but on 6.6.3 (6.6.2 is fine).

Bisected it down to commit 2e8b4e0992e16 ("gcc-plugins: randstruct:
Only warn about true flexible arrays"). Reverting that commit on top
of v6.6.3 makes it go away.

I do wonder if content such as that (which *looks* like it's purely
preparing for future changes) is appropriate for the stable trees.

Cheers,
-- Dan
* Re: 6.5.13 regression: BUG: kernel NULL pointer dereference, address: 0000000000000020
2023-11-28 21:30 ` 6.5.13 regression: BUG: kernel NULL pointer dereference, address: 0000000000000020 dan
@ 2023-11-28 21:42 ` Sam James
2023-11-28 22:48 ` Dan Moulding
0 siblings, 1 reply; 4+ messages in thread
From: Sam James @ 2023-11-28 21:42 UTC (permalink / raw)
To: dan; +Cc: linux-kernel, stable, toralf.foerster, linux-hardening
I suspect this is https://lore.kernel.org/linux-hardening/20231124102458.GB1503258@e124191.cambridge.arm.com/
and the patch at
https://lore.kernel.org/linux-hardening/170117162434.28731.12930304842635897908.git-patchwork-notify@kernel.org/T/#t
may help.
* Re: 6.5.13 regression: BUG: kernel NULL pointer dereference, address: 0000000000000020
2023-11-28 21:42 ` Sam James
@ 2023-11-28 22:48 ` Dan Moulding
2023-11-29 18:59 ` Gustavo A. R. Silva
0 siblings, 1 reply; 4+ messages in thread
From: Dan Moulding @ 2023-11-28 22:48 UTC (permalink / raw)
To: sam; +Cc: dan, linux-hardening, linux-kernel, stable, toralf.foerster
Thanks, Sam. Yes it does look like that's the same issue.

I applied that patch to v6.6.3 instead of reverting the change to the
randomize_layout plugin and the problem also goes away with the patch
applied.

In that thread with the patch, Gustavo does mention that many other
zero-length arrays, besides this one in struct neighbor, were found in
the kernel source. But a quick (and possibly imperfect) grepping seems
to show that struct neighbor was the only one used with
__randomize_layout. So, I *think* it might be the only one that could
cause a problem with the recent change to the randomize_layout plugin.

-- Dan
* Re: 6.5.13 regression: BUG: kernel NULL pointer dereference, address: 0000000000000020
2023-11-28 22:48 ` Dan Moulding
@ 2023-11-29 18:59 ` Gustavo A. R. Silva
0 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2023-11-29 18:59 UTC (permalink / raw)
To: Dan Moulding, sam; +Cc: linux-hardening, linux-kernel, stable, toralf.foerster
> the kernel source. But a quick (and possibly imperfect) grepping seems
> to show that struct neighbor was the only one used with
> __randomize_layout. So, I *think* it might be the only one that could
> cause a problem with the recent change to the randomize_layout plugin.

Yeah, I can confirm we don't currently have any other fake flex array
in a struct with __randomize_layout. :)

--
Gustavo
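
The kind of check discussed above (zero-length arrays inside structs marked __randomize_layout), as an added example that is not part of the thread or of the kernel tree: a small Python scanner that reports `[0]` array members in such structs, including ones nested in anonymous unions. The struct names and the sample source are constructed; the scan is textual only and does not expand macros or typedefs.

```python
import re

# Constructed sample input (hypothetical structs, not kernel source).
SAMPLE = r"""
struct example_entry {
	unsigned long	used;
	u8		key[0];		/* fake flexible array */
} __randomize_layout;

struct example_ok {
	int		len;
	u8		data[];		/* true flexible array */
} __randomize_layout;

struct example_plain {
	int		len;
	u8		data[0];	/* zero-length, but layout is not randomized */
};
"""

STRUCT_HEAD_RE = re.compile(r"\bstruct\s+(\w+)\s*\{")
FAKE_FLEX_RE = re.compile(r"(\w+)\s*\[\s*0\s*\]\s*;")  # member declared as name[0];

def strip_comments(src):
    """Drop C comments so commented-out members are not reported."""
    src = re.sub(r"/\*.*?\*/", " ", src, flags=re.S)
    return re.sub(r"//[^\n]*", " ", src)

def find_fake_flex(src):
    """Return (struct, member) pairs for [0] arrays in __randomize_layout structs."""
    src = strip_comments(src)
    hits = []
    for m in STRUCT_HEAD_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:          # walk to the matching '}'
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        body = src[m.end():i - 1]
        attrs = src[i:src.find(";", i)]        # text between '}' and ';'
        if "__randomize_layout" in attrs:
            hits += [(m.group(1), member) for member in FAKE_FLEX_RE.findall(body)]
    return hits

if __name__ == "__main__":
    for struct, member in find_fake_flex(SAMPLE):
        print(f"struct {struct}: zero-length array '{member}[0]' under __randomize_layout")
```
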