Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1191651rwd; Wed, 7 Jun 2023 12:24:31 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7/zO1oukf1ovM4kCuRe6UlbVi65YVa9YP1GF3m97IsIha1fLR5Mh6tFoAvTmfRC4n4idYU X-Received: by 2002:a05:6a00:99b:b0:645:ac97:5295 with SMTP id u27-20020a056a00099b00b00645ac975295mr5544034pfg.9.1686165870877; Wed, 07 Jun 2023 12:24:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686165870; cv=none; d=google.com; s=arc-20160816; b=ZAc6Bq+BYt/6mpRGc7lZB9KUxqzkLRaL4/hT5Nr5OrD5PKYCHtLNu84Du0mXrdLdXn NnMOfPUecwTa34G81S13IrNSxHHrpK/O/WjApin+dRWVZY8C5/nIZ48oBS8Ya7cWqRfC nAesBH400bNESayapMES5SFH7D1z+3QuC5p7crk6JE7T+zs6Z0LvZ1ghfCnZg4miBwy2 Fxa8SvB1j5n7EM4puiks7+7uj5V1kLoEAfPTCGtWlbTbtsjTzbQUYo9xks1yabgMQzWZ 5ATKAnrZ4oeIf37FCzq2SV7txu7hG+Nubbm9FqVv5cfTfFZC5YAB/jbAQrbI69GYYozh X7nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=8MO8idHjGgHobSj2+y8L7jZ0lTI1b+AM3qlVbDTHoEw=; b=flKZnkoUeG7X8sufrI9sEKH/4lURlXlsi8r7cJTQECfbAcjrl5oIfKOvJpSQCC4nN9 BUIDK1d4C9BoevxwfcAIaP4tzKUNQuW3Oy0wE9ISH6V0+sUyB59s/AjmyRsWHIrOh+4D kXrzLUl+5Dh6VstZohkcougu1hZLMEHrEuW27k0OkKC1vyTDNonmXRr12Ha2ffumiu2m PWh6s3hGBF2GC6v7f51V/lHyuQJwKobl1fE24EMJ9RcLNBsqEoTwZJhAXCx6vJor1uC/ g7/tCaLqDGmhRuWA9QZvOhDAMJp1mEmUJOzNYcNevvYkdQfFmqg1mpVnhV9e4knL/K/E IjOg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=l7PIGNLa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c29-20020a63725d000000b005347520b1b7si9286305pgn.436.2023.06.07.12.24.18; Wed, 07 Jun 2023 12:24:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=l7PIGNLa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232792AbjFGSg1 (ORCPT + 99 others); Wed, 7 Jun 2023 14:36:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50698 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232936AbjFGSgP (ORCPT ); Wed, 7 Jun 2023 14:36:15 -0400 Received: from mail-qv1-xf2f.google.com (mail-qv1-xf2f.google.com [IPv6:2607:f8b0:4864:20::f2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B2222703 for ; Wed, 7 Jun 2023 11:35:49 -0700 (PDT) Received: by mail-qv1-xf2f.google.com with SMTP id 6a1803df08f44-62613b2c8b7so78640686d6.1 for ; Wed, 07 Jun 2023 11:35:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1686162944; x=1688754944; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=8MO8idHjGgHobSj2+y8L7jZ0lTI1b+AM3qlVbDTHoEw=; b=l7PIGNLaNe8gpnf/YZ7Edx9UYXtsV67dV0Ugo24UM3bkzQMN51zevh7wJiYj40l/hh Qbp+Px0kgc7GFHPNdUmCapVc6RnCcU8GlWkqXG5uoiKshUBxFx2kW2lCwfdssl1RcPYJ nnPxslFYNkw4GLKZgbTEMeWEpL0A6LKNFauv9H3+suGpcnJSHTkSf2hYA7NaXPpoz47b a0YSGU/YlzKd/i9HnIf8Sqa+Ik/eVw1XFPkuqZpVR57kC06fojqpupEJbhhUMoIxF53Z +aY0wm/NG38QeRKTFAeLXoGlNMt0EJwO3YRvlQ0LpfqaWCksoBliyI1V3BruCbn2B32b CO6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686162944; x=1688754944; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8MO8idHjGgHobSj2+y8L7jZ0lTI1b+AM3qlVbDTHoEw=; b=anEarm4BEqAqysWh44HJyynixOdkMhhosUiNJWgV95SpqqUFpojIsy6S6bVlBL5S19 +G/CI5CTLakIrah7vRVwYFu+evZEAVkK8xvHfouJLT4q4jr0doICUuxpNxBrVN5Vb34Z TZhij2od9sTKA9wi+jMugQWpR1TdNypuHOWXeZFHi8SYwQjXMqUku7menKaXymUSrVNp C1el3jlPAaFgdIBmnDF/wQD9J9FDDnOFtcGN0CYP6zFUdsDB7GklYDDYKOCuzj7eHL91 Ln0bSA3jZVoquhXRMSkOl/Q+NQTyz4N8prQwrdQnCpXBkmWNOxJQjwv9FQ08jkbVFv8p a6kg== X-Gm-Message-State: AC+VfDzc66i6NDQRpiBJStoretJO9S9mD0zBvgzmTx2WWyGEVtM2nVm4 6HMSrPnAufo2uzt2Eyn3PHgB52NQ6YZoKwQeI+Glrw== X-Received: by 2002:a05:6214:260c:b0:623:8214:14c8 with SMTP id gu12-20020a056214260c00b00623821414c8mr4287841qvb.51.1686162944601; Wed, 07 Jun 2023 11:35:44 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Anders Roxell Date: Wed, 7 Jun 2023 20:35:34 +0200 Message-ID: Subject: Re: arm64: libgpiod: refcount_t: underflow; use-after-free. To: Bartosz Golaszewski Cc: Naresh Kamboju , Linux Media Mailing List , open list , "open list:GPIO SUBSYSTEM" , lkft-triage@lists.linaro.org, Andy Shevchenko , Ferry Toth , Linus Walleij , warthog618@gmail.com, Arnd Bergmann Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 22 Feb 2023 at 13:36, Bartosz Golaszewski wrote: > > On Mon, Feb 20, 2023 at 3:59 PM Naresh Kamboju > wrote: > > > > Following kernel warning notices on qemu-arm64, qemu-arm and also on devices > > running Linux version v6.2.0 while running libgpiod tests. > > > > I don't see it on v6.2 with libgpiod v1.6.4. Seeing the output of the > test script, it seems you're using an old version - what is it? Yes, I did run libgpiod v1.6.4 by mistake on todays next-20230607 tag. Not sure if I should or should not get the use-after-free warning by running the "wrong version" of a test suite or? > > > + ./gpiod.sh /opt/libgpiod/bin/ > > What's in gpiod.sh? its a wrapper script around gpiod-test [1] to parse the output to be understood by our test framework Cheers, Anders [1] https://github.com/Linaro/test-definitions/blob/master/automated/linux/gpiod/gpiod.sh > > Bart > > > [INFO] libgpiod test suite > > [INFO] 117 tests registered > > [INFO] checking the linux kernel version > > [INFO] kernel release is v6.2.0 - ok to run tests > > [INFO] using gpio-tools from '/usr/bin' > > [ 10.499036] ------------[ cut here ]------------ > > [ 10.499656] refcount_t: underflow; use-after-free. > > [ 10.500264] WARNING: CPU: 2 PID: 291 at lib/refcount.c:28 > > refcount_warn_saturate+0xf4/0x144 > > [ 10.501306] Modules linked in: gpio_mockup(-) cfg80211 bluetooth > > rfkill crct10dif_ce fuse drm > > [ 10.502364] CPU: 2 PID: 291 Comm: gpiod-test Not tainted 6.2.0 #1 > > [ 10.503229] Hardware name: linux,dummy-virt (DT) > > [ 10.503883] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) > > [ 10.505331] pc : refcount_warn_saturate+0xf4/0x144 > > [ 10.505723] lr : refcount_warn_saturate+0xf4/0x144 > > [ 10.506115] sp : ffff800008983cd0 > > [ 10.506391] x29: ffff800008983cd0 x28: ffff0000c4c4c100 x27: 0000000000000000 > > [ 10.506961] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000 > > [ 10.507533] x23: 0000000000000200 x22: ffff0000c4e66800 x21: ffff0000c7734640 > > [ 10.508104] x20: 0000000000000001 x19: ffff0000c7734600 x18: ffffffffffffffff > > [ 10.508677] x17: 3d4d455453595342 x16: ffffcf0234432020 x15: ffff800088983957 > > [ 10.509424] x14: 0000000000000000 x13: 2e656572662d7265 x12: 7466612d65737520 > > [ 10.510003] x11: 3b776f6c66726564 x10: ffffcf02365db580 x9 : ffffcf0233b20138 > > [ 10.510575] x8 : 00000000ffffefff x7 : ffffcf02365db580 x6 : 0000000000000001 > > [ 10.511145] x5 : ffffcf023655f000 x4 : ffffcf023655f2e8 x3 : 0000000000000000 > > [ 10.511721] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000c4c4c100 > > [ 10.512294] Call trace: > > [ 10.512494] refcount_warn_saturate+0xf4/0x144 > > [ 10.512971] kobject_put+0x164/0x220 > > [ 10.513224] fwnode_remove_software_node+0x44/0x60 > > [ 10.513554] gpio_mockup_unregister_pdevs+0x54/0x70 [gpio_mockup] > > [ 10.513970] gpio_mockup_exit+0x10/0x328 [gpio_mockup] > > [ 10.514322] __arm64_sys_delete_module+0x190/0x2a0 > > [ 10.514653] invoke_syscall+0x50/0x120 > > [ 10.514915] el0_svc_common.constprop.0+0x104/0x124 > > [ 10.515277] do_el0_svc+0x44/0xcc > > [ 10.515541] el0_svc+0x30/0x94 > > [ 10.515788] el0t_64_sync_handler+0xbc/0x13c > > [ 10.516126] el0t_64_sync+0x190/0x194 > > [ 10.516419] ---[ end trace 0000000000000000 ]--- > > > > > > Build and test logs, > > https://qa-reports.linaro.org/lkft/linux-mainline-master/build/v6.2/testrun/14856342/suite/libgpiod/test/ctxless-get-value-single-line/log > > https://qa-reports.linaro.org/lkft/linux-mainline-master/build/v6.2/testrun/14856342/suite/libgpiod/tests/ > > > > > > -- > > Linaro LKFT > > https://lkft.linaro.org