Found this on Intel 5.13 5.13.0-1004.4
** Also affects: linux-intel-5.13 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-intel-5.13 (Ubuntu)
Status: New => Invalid
** Changed in: linux-intel-5.13 (Ubuntu Focal)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-intel-5.13 in Ubuntu.
https://bugs.launchpad.net/bugs/1942498
Title:
can_bcm01 from can in ubuntu_ltp_stable crash system on F-OEM-5.13
Status in ubuntu-kernel-tests:
New
Status in linux-intel-5.13 package in Ubuntu:
Invalid
Status in linux-signed-oem-5.13 package in Ubuntu:
Invalid
Status in linux-intel-5.13 source package in Focal:
Confirmed
Status in linux-signed-oem-5.13 source package in Focal:
Fix Committed
Bug description:
It looks like this is a test case for CVE-2021-3609
This issue does not exist in the last cycle for OEM 5.13.0-1010 as
this test case does not exist back then.
can_bcm01 test in ubuntu_ltp_stable/can will trigger the following error on
5.13.0-1011-oem and crash the system:
Sep 3 04:30:20 spitfire kernel: [ 324.458389] LTP: starting can_bcm01
Sep 3 04:30:20 spitfire kernel: [ 324.474313] vcan: Virtual CAN interface
driver
Sep 3 04:30:20 spitfire systemd-networkd[1967]: ltp_vcan0: Link UP
Sep 3 04:30:20 spitfire networkd-dispatcher[2025]: WARNING:Unknown index 4
seen, reloading interface list
Sep 3 04:30:20 spitfire systemd-networkd[1967]: ltp_vcan0: Gained carrier
Sep 3 04:30:20 spitfire systemd-udevd[4596]: ethtool: autonegotiation is
unset or enabled, the speed and duplex are not writable.
Sep 3 04:30:20 spitfire systemd-udevd[4596]: Using default interface naming
scheme 'v245'.
Sep 3 04:30:20 spitfire kernel: [ 324.483778] can: controller area network
core
Sep 3 04:30:20 spitfire kernel: [ 324.483819] NET: Registered protocol
family 29
Sep 3 04:30:20 spitfire kernel: [ 324.491947] can: broadcast manager
protocol
Sep 3 04:30:20 spitfire kernel: [ 324.515859] ------------[ cut here
]------------
Sep 3 04:30:20 spitfire kernel: [ 324.515863] WARNING: CPU: 7 PID: 4591 at
lib/timerqueue.c:55 timerqueue_del+0x43/0x50
Sep 3 04:30:20 spitfire kernel: [ 324.515877] Modules linked in: can_bcm
can vcan nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua
intel_rapl_msr intel_rapl_common i10nm_edac nfit x86_pkg_temp_thermal
intel_powerclamp coretemp kvm_intel kvm ipmi_ssif rapl joydev input_leds
efi_pstore isst_if_mbox_pci isst_if_mmio isst_if_common mei_me
intel_pch_thermal mei ioatdma acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler
acpi_power_meter acpi_pad mac_hid sch_fq_codel msr ip_tables x_tables autofs4
btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov
async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0
multipath linear hid_generic usbhid hid crct10dif_pclmul ast crc32_pclmul
drm_vram_helper i2c_algo_bit drm_ttm_helper ttm ghash_clmulni_intel
drm_kms_helper aesni_intel syscopyarea ixgbe sysfillrect sysimgblt fb_sys_fops
crypto_simd cec xfrm_algo rc_core cryptd dca drm mdio ahci i2c_i801 xhci_pci
i2c_smbus xhci_pci_renesas intel_pmt libahci wmi
Sep 3 04:30:20 spitfire kernel: [ 324.515953] CPU: 7 PID: 4591 Comm:
can_bcm01 Not tainted 5.13.0-1011-oem #15-Ubuntu
Sep 3 04:30:20 spitfire kernel: [ 324.515957] Hardware name: Intel
Corporation M50CYP2SB2U/M50CYP2SB2U, BIOS SE5C6200.86B.0021.D40.2101090208
01/09/2021
Sep 3 04:30:20 spitfire kernel: [ 324.515959] RIP:
0010:timerqueue_del+0x43/0x50
Sep 3 04:30:20 spitfire kernel: [ 324.515965] Code: 48 89 df e8 ef c5 ff ff
49 89 44 24 08 4c 89 e6 48 89 df e8 9f be ff ff 48 89 1b 49 8b 04 24 5b 41 5c
48 85 c0 5d 0f 95 c0 c3 <0f> 0b eb cb cc cc cc cc cc cc cc cc cc 48 8b 07 45 31
c0 48 83 c0
Sep 3 04:30:20 spitfire kernel: [ 324.515968] RSP: 0018:ff46f753c8917d40
EFLAGS: 00010046
Sep 3 04:30:20 spitfire kernel: [ 324.515972] RAX: 0000000000000001 RBX:
ff3a23c5110cae50 RCX: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.515974] RDX: 0000000000000000 RSI:
ff3a23c5110cae50 RDI: ff3a23cc5f85f260
Sep 3 04:30:20 spitfire kernel: [ 324.515975] RBP: ff46f753c8917d50 R08:
ffffffffa3ce6048 R09: ff3a23c51bc84e40
Sep 3 04:30:20 spitfire kernel: [ 324.515977] R10: 0000000000000008 R11:
ff3a23c54ea21a10 R12: ff3a23cc5f85f260
Sep 3 04:30:20 spitfire kernel: [ 324.515979] R13: 0000000000000000 R14:
ff3a23cc5f85f100 R15: ff3a23c54ea2df10
Sep 3 04:30:20 spitfire kernel: [ 324.515980] FS: 00007f196de15740(0000)
GS:ff3a23cc5f3c0000(0000) knlGS:0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.515983] CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033
Sep 3 04:30:20 spitfire kernel: [ 324.515984] CR2: 00007f196e008fec CR3:
000000010ea66003 CR4: 0000000000771ee0
Sep 3 04:30:20 spitfire kernel: [ 324.515986] DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.515988] DR3: 0000000000000000 DR6:
00000000fffe0ff0 DR7: 0000000000000400
Sep 3 04:30:20 spitfire kernel: [ 324.515990] PKRU: 55555554
Sep 3 04:30:20 spitfire kernel: [ 324.515992] Call Trace:
Sep 3 04:30:20 spitfire kernel: [ 324.515997] __remove_hrtimer+0x3c/0x90
Sep 3 04:30:20 spitfire kernel: [ 324.516007]
hrtimer_try_to_cancel+0xb7/0xf0
Sep 3 04:30:20 spitfire kernel: [ 324.516011] hrtimer_cancel+0x15/0x20
Sep 3 04:30:20 spitfire kernel: [ 324.516015] bcm_remove_op+0x17/0x70
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.516020] bcm_release+0x13c/0x250
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.516024] __sock_release+0x42/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.516033] sock_close+0x15/0x20
Sep 3 04:30:20 spitfire kernel: [ 324.516036] __fput+0x9c/0x250
Sep 3 04:30:20 spitfire kernel: [ 324.516042] ____fput+0xe/0x10
Sep 3 04:30:20 spitfire kernel: [ 324.516044] task_work_run+0x70/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.516052]
exit_to_user_mode_prepare+0x1c8/0x1d0
Sep 3 04:30:20 spitfire kernel: [ 324.516059]
syscall_exit_to_user_mode+0x27/0x50
Sep 3 04:30:20 spitfire kernel: [ 324.516069] ? __x64_sys_close+0x12/0x40
Sep 3 04:30:20 spitfire kernel: [ 324.516075] do_syscall_64+0x4d/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.516080]
entry_SYSCALL_64_after_hwframe+0x44/0xae
Sep 3 04:30:20 spitfire kernel: [ 324.516085] RIP: 0033:0x7f196e01e3fb
Sep 3 04:30:20 spitfire kernel: [ 324.516087] Code: 03 00 00 00 0f 05 48 3d
00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 f3 fb ff ff 8b 7c 24 0c 41 89
c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2f 44 89 c7 89 44 24 0c e8 31 fc
ff ff 8b 44
Sep 3 04:30:20 spitfire kernel: [ 324.516091] RSP: 002b:00007ffc668ceb30
EFLAGS: 00000293 ORIG_RAX: 0000000000000003
Sep 3 04:30:20 spitfire kernel: [ 324.516094] RAX: 0000000000000000 RBX:
0000000000000004 RCX: 00007f196e01e3fb
Sep 3 04:30:20 spitfire kernel: [ 324.516095] RDX: 0000000000000000 RSI:
0000000000000072 RDI: 0000000000000004
Sep 3 04:30:20 spitfire kernel: [ 324.516097] RBP: 000056437d62e065 R08:
0000000000000000 R09: 0000000000000144
Sep 3 04:30:20 spitfire kernel: [ 324.516099] R10: 00007ffc669ab1b0 R11:
0000000000000293 R12: 00007ffc668cee18
Sep 3 04:30:20 spitfire kernel: [ 324.516100] R13: 0000000000000000 R14:
0000000000000072 R15: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516103] ---[ end trace
388c8dba4a6fb81b ]---
Sep 3 04:30:20 spitfire kernel: [ 324.516481] ------------[ cut here
]------------
Sep 3 04:30:20 spitfire kernel: [ 324.516485] WARNING: CPU: 25 PID: 4602 at
arch/x86/include/asm/kfence.h:44 kfence_protect_page+0x33/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.516498] Modules linked in: can_bcm
can vcan nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua
intel_rapl_msr intel_rapl_common i10nm_edac nfit x86_pkg_temp_thermal
intel_powerclamp coretemp kvm_intel kvm ipmi_ssif rapl joydev input_leds
efi_pstore isst_if_mbox_pci isst_if_mmio isst_if_common mei_me
intel_pch_thermal mei ioatdma acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler
acpi_power_meter acpi_pad mac_hid sch_fq_codel msr ip_tables x_tables autofs4
btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov
async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0
multipath linear hid_generic usbhid hid crct10dif_pclmul ast crc32_pclmul
drm_vram_helper i2c_algo_bit drm_ttm_helper ttm ghash_clmulni_intel
drm_kms_helper aesni_intel syscopyarea ixgbe sysfillrect sysimgblt fb_sys_fops
crypto_simd cec xfrm_algo rc_core cryptd dca drm mdio ahci i2c_i801 xhci_pci
i2c_smbus xhci_pci_renesas intel_pmt libahci wmi
Sep 3 04:30:20 spitfire kernel: [ 324.516582] CPU: 25 PID: 4602 Comm:
can_bcm01 Tainted: G W 5.13.0-1011-oem #15-Ubuntu
Sep 3 04:30:20 spitfire kernel: [ 324.516587] Hardware name: Intel
Corporation M50CYP2SB2U/M50CYP2SB2U, BIOS SE5C6200.86B.0021.D40.2101090208
01/09/2021
Sep 3 04:30:20 spitfire kernel: [ 324.516589] RIP:
0010:kfence_protect_page+0x33/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.516594] Code: 53 89 f3 48 8d 75 e4 48
83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 45 e8 31 c0 e8 98 1f da ff 48 85 c0
74 06 83 7d e4 01 74 06 <0f> 0b 31 c0 eb 39 48 8b 38 48 89 c2 84 db 75 47 48 89
f8 0f 1f 40
Sep 3 04:30:20 spitfire kernel: [ 324.516598] RSP: 0018:ff46f753c6ff0ae8
EFLAGS: 00010046
Sep 3 04:30:20 spitfire kernel: [ 324.516602] RAX: 0000000000000000 RBX:
0000000000000000 RCX: ffffffffa3a10000
Sep 3 04:30:20 spitfire kernel: [ 324.516604] RDX: ff46f753c6ff0aec RSI:
0000000000000000 RDI: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516606] RBP: ff46f753c6ff0b08 R08:
0000000000000000 R09: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516608] R10: 0000000000000000 R11:
0000000000000000 R12: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516610] R13: 0000000000000000 R14:
ff46f753c6ff0c58 R15: ff3a23c50a37fb40
Sep 3 04:30:20 spitfire kernel: [ 324.516612] FS: 00007f196de14700(0000)
GS:ff3a23cc5f840000(0000) knlGS:0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516615] CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033
Sep 3 04:30:20 spitfire kernel: [ 324.516617] CR2: 0000000000000008 CR3:
000000010ea66006 CR4: 0000000000771ee0
Sep 3 04:30:20 spitfire kernel: [ 324.516619] DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516621] DR3: 0000000000000000 DR6:
00000000fffe0ff0 DR7: 0000000000000400
Sep 3 04:30:20 spitfire kernel: [ 324.516622] PKRU: 55555554
Sep 3 04:30:20 spitfire kernel: [ 324.516624] Call Trace:
Sep 3 04:30:20 spitfire kernel: [ 324.516626] <IRQ>
Sep 3 04:30:20 spitfire kernel: [ 324.516630] kfence_unprotect+0x17/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.516635]
kfence_handle_page_fault+0x97/0x250
Sep 3 04:30:20 spitfire kernel: [ 324.516641] page_fault_oops+0xa0/0x2a0
Sep 3 04:30:20 spitfire kernel: [ 324.516647] ? scheduler_tick+0xf8/0x260
Sep 3 04:30:20 spitfire kernel: [ 324.516654]
do_user_addr_fault+0x2f4/0x640
Sep 3 04:30:20 spitfire kernel: [ 324.516658] exc_page_fault+0x7d/0x170
Sep 3 04:30:20 spitfire kernel: [ 324.516666] asm_exc_page_fault+0x1e/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.516671] RIP:
0010:rb_insert_color+0x14/0x120
Sep 3 04:30:20 spitfire kernel: [ 324.516678] Code: c0 75 eb 4c 89 c0 c3 45
31 c0 eb f7 66 2e 0f 1f 84 00 00 00 00 00 48 8b 07 48 85 c0 0f 84 b0 00 00 00
48 8b 10 f6 c2 01 75 5b <48> 8b 4a 08 48 39 c1 74 53 48 85 c9 74 05 f6 01 01 74
72 48 8b 48
Sep 3 04:30:20 spitfire kernel: [ 324.516681] RSP: 0018:ff46f753c6ff0d08
EFLAGS: 00010046
Sep 3 04:30:20 spitfire kernel: [ 324.516684] RAX: ff3a23c5110cae50 RBX:
ff3a23cc5f85f240 RCX: ff3a23c5110cae58
Sep 3 04:30:20 spitfire kernel: [ 324.516687] RDX: 0000000000000000 RSI:
ff3a23cc5f85f260 RDI: ff3a23c5110cd450
Sep 3 04:30:20 spitfire kernel: [ 324.516688] RBP: ff46f753c6ff0d20 R08:
000000000001f100 R09: ff3a23c516032800
Sep 3 04:30:20 spitfire kernel: [ 324.516691] R10: ff3a23c518b18090 R11:
ff3a23c5209d3cd4 R12: ff3a23c5110cd450
Sep 3 04:30:20 spitfire kernel: [ 324.516692] R13: 0000000000000000 R14:
0000000000000005 R15: ff3a23cc5f85f240
Sep 3 04:30:20 spitfire kernel: [ 324.516697] ? timerqueue_add+0x6e/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.516702] enqueue_hrtimer+0x39/0x70
Sep 3 04:30:20 spitfire kernel: [ 324.516708]
hrtimer_start_range_ns+0x196/0x2f0
Sep 3 04:30:20 spitfire kernel: [ 324.516714] bcm_rx_handler+0x112/0x160
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.516721] can_rcv_filter+0x10d/0x1d0
[can]
Sep 3 04:30:20 spitfire kernel: [ 324.516726] can_receive+0x71/0xd0 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.516731] can_rcv+0x35/0x70 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.516736]
__netif_receive_skb_one_core+0x8c/0xa0
Sep 3 04:30:20 spitfire kernel: [ 324.516745] __netif_receive_skb+0x18/0x60
Sep 3 04:30:20 spitfire kernel: [ 324.516749] process_backlog+0xa9/0x160
Sep 3 04:30:20 spitfire kernel: [ 324.516754] __napi_poll+0x2e/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.516758] net_rx_action+0x23f/0x290
Sep 3 04:30:20 spitfire kernel: [ 324.516762] __do_softirq+0xdd/0x29b
Sep 3 04:30:20 spitfire kernel: [ 324.516768] do_softirq+0x66/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.516775] </IRQ>
Sep 3 04:30:20 spitfire kernel: [ 324.516777] netif_rx_ni+0x9b/0xa0
Sep 3 04:30:20 spitfire kernel: [ 324.516781] can_send+0x151/0x240 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.516786] bcm_sendmsg+0x466/0x554
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.516791] sock_sendmsg+0x65/0x70
Sep 3 04:30:20 spitfire kernel: [ 324.516797] ____sys_sendmsg+0x218/0x290
Sep 3 04:30:20 spitfire kernel: [ 324.516801] ?
copy_msghdr_from_user+0x5c/0x90
Sep 3 04:30:20 spitfire kernel: [ 324.516806] ? do_set_pte+0xc8/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.516814] ?
__unlock_page_memcg+0x25/0x60
Sep 3 04:30:20 spitfire kernel: [ 324.516822] ___sys_sendmsg+0x81/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.516826] ?
trigger_load_balance+0x15f/0x2f0
Sep 3 04:30:20 spitfire kernel: [ 324.516832] ? scheduler_tick+0xf8/0x260
Sep 3 04:30:20 spitfire kernel: [ 324.516835] ? rcu_advance_cbs+0x21/0x50
Sep 3 04:30:20 spitfire kernel: [ 324.516842] ?
__note_gp_changes+0x133/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.516846] ? __fget_files+0x56/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.516853] ? __fget_light+0x62/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.516857] __sys_sendmsg+0x62/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.516862] ?
exit_to_user_mode_prepare+0x41/0x1d0
Sep 3 04:30:20 spitfire kernel: [ 324.516867] __x64_sys_sendmsg+0x1f/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.516872] do_syscall_64+0x40/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.516877]
entry_SYSCALL_64_after_hwframe+0x44/0xae
Sep 3 04:30:20 spitfire kernel: [ 324.516880] RIP: 0033:0x7f196e01f12d
Sep 3 04:30:20 spitfire kernel: [ 324.516883] Code: 28 89 54 24 1c 48 89 74
24 10 89 7c 24 08 e8 ca ee ff ff 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24
08 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2f 44 89 c7 48 89 44 24 08 e8 fe
ee ff ff 48
Sep 3 04:30:20 spitfire kernel: [ 324.516886] RSP: 002b:00007f196de13dc0
EFLAGS: 00000246 ORIG_RAX: 000000000000002e
Sep 3 04:30:20 spitfire kernel: [ 324.516889] RAX: ffffffffffffffda RBX:
0000000000000003 RCX: 00007f196e01f12d
Sep 3 04:30:20 spitfire kernel: [ 324.516891] RDX: 0000000000000000 RSI:
00007f196de13e60 RDI: 0000000000000003
Sep 3 04:30:20 spitfire kernel: [ 324.516892] RBP: 00007f196de13e60 R08:
0000000000000002 R09: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516894] R10: 00007ffc669ab1b0 R11:
0000000000000246 R12: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516895] R13: 0000000000000048 R14:
000056437d62e065 R15: 0000000000000052
Sep 3 04:30:20 spitfire kernel: [ 324.516899] ---[ end trace
388c8dba4a6fb81c ]---
Sep 3 04:30:20 spitfire kernel: [ 324.516905] ------------[ cut here
]------------
Sep 3 04:30:20 spitfire kernel: [ 324.516906] WARNING: CPU: 25 PID: 4602 at
mm/kfence/core.c:135 kfence_unprotect+0x1d/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.516912] Modules linked in: can_bcm
can vcan nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua
intel_rapl_msr intel_rapl_common i10nm_edac nfit x86_pkg_temp_thermal
intel_powerclamp coretemp kvm_intel kvm ipmi_ssif rapl joydev input_leds
efi_pstore isst_if_mbox_pci isst_if_mmio isst_if_common mei_me
intel_pch_thermal mei ioatdma acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler
acpi_power_meter acpi_pad mac_hid sch_fq_codel msr ip_tables x_tables autofs4
btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov
async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0
multipath linear hid_generic usbhid hid crct10dif_pclmul ast crc32_pclmul
drm_vram_helper i2c_algo_bit drm_ttm_helper ttm ghash_clmulni_intel
drm_kms_helper aesni_intel syscopyarea ixgbe sysfillrect sysimgblt fb_sys_fops
crypto_simd cec xfrm_algo rc_core cryptd dca drm mdio ahci i2c_i801 xhci_pci
i2c_smbus xhci_pci_renesas intel_pmt libahci wmi
Sep 3 04:30:20 spitfire kernel: [ 324.516981] CPU: 25 PID: 4602 Comm:
can_bcm01 Tainted: G W 5.13.0-1011-oem #15-Ubuntu
Sep 3 04:30:20 spitfire kernel: [ 324.516983] Hardware name: Intel
Corporation M50CYP2SB2U/M50CYP2SB2U, BIOS SE5C6200.86B.0021.D40.2101090208
01/09/2021
Sep 3 04:30:20 spitfire kernel: [ 324.516985] RIP:
0010:kfence_unprotect+0x1d/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.516989] Code: e8 08 fd ff ff 5d c3 66
0f 1f 44 00 00 0f 1f 44 00 00 55 48 81 e7 00 f0 ff ff 31 f6 48 89 e5 e8 f9 fb
ff ff 84 c0 74 02 5d c3 <0f> 0b c6 05 aa 7d 67 01 00 5d c3 0f 1f 84 00 00 00 00
00 0f 1f 44
Sep 3 04:30:20 spitfire kernel: [ 324.516992] RSP: 0018:ff46f753c6ff0b18
EFLAGS: 00010046
Sep 3 04:30:20 spitfire kernel: [ 324.516994] RAX: 0000000000000000 RBX:
0000000000000000 RCX: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516995] RDX: ff46f753c6ff0aec RSI:
0000000000000000 RDI: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516997] RBP: ff46f753c6ff0b18 R08:
0000000000000000 R09: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.516998] R10: 0000000000000000 R11:
0000000000000000 R12: 0000000000000008
Sep 3 04:30:20 spitfire kernel: [ 324.517000] R13: 0000000000000000 R14:
ff46f753c6ff0c58 R15: ff3a23c50a37fb40
Sep 3 04:30:20 spitfire kernel: [ 324.517001] FS: 00007f196de14700(0000)
GS:ff3a23cc5f840000(0000) knlGS:0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.517003] CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033
Sep 3 04:30:20 spitfire kernel: [ 324.517005] CR2: 0000000000000008 CR3:
000000010ea66006 CR4: 0000000000771ee0
Sep 3 04:30:20 spitfire kernel: [ 324.517007] DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.517009] DR3: 0000000000000000 DR6:
00000000fffe0ff0 DR7: 0000000000000400
Sep 3 04:30:20 spitfire kernel: [ 324.517011] PKRU: 55555554
Sep 3 04:30:20 spitfire kernel: [ 324.517012] Call Trace:
Sep 3 04:30:20 spitfire kernel: [ 324.517013] <IRQ>
Sep 3 04:30:20 spitfire kernel: [ 324.517015]
kfence_handle_page_fault+0x97/0x250
Sep 3 04:30:20 spitfire kernel: [ 324.517020] page_fault_oops+0xa0/0x2a0
Sep 3 04:30:20 spitfire kernel: [ 324.517023] ? scheduler_tick+0xf8/0x260
Sep 3 04:30:20 spitfire kernel: [ 324.517026]
do_user_addr_fault+0x2f4/0x640
Sep 3 04:30:20 spitfire kernel: [ 324.517029] exc_page_fault+0x7d/0x170
Sep 3 04:30:20 spitfire kernel: [ 324.517034] asm_exc_page_fault+0x1e/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.517037] RIP:
0010:rb_insert_color+0x14/0x120
Sep 3 04:30:20 spitfire kernel: [ 324.517042] Code: c0 75 eb 4c 89 c0 c3 45
31 c0 eb f7 66 2e 0f 1f 84 00 00 00 00 00 48 8b 07 48 85 c0 0f 84 b0 00 00 00
48 8b 10 f6 c2 01 75 5b <48> 8b 4a 08 48 39 c1 74 53 48 85 c9 74 05 f6 01 01 74
72 48 8b 48
Sep 3 04:30:20 spitfire kernel: [ 324.517044] RSP: 0018:ff46f753c6ff0d08
EFLAGS: 00010046
Sep 3 04:30:20 spitfire kernel: [ 324.517047] RAX: ff3a23c5110cae50 RBX:
ff3a23cc5f85f240 RCX: ff3a23c5110cae58
Sep 3 04:30:20 spitfire kernel: [ 324.517049] RDX: 0000000000000000 RSI:
ff3a23cc5f85f260 RDI: ff3a23c5110cd450
Sep 3 04:30:20 spitfire kernel: [ 324.517051] RBP: ff46f753c6ff0d20 R08:
000000000001f100 R09: ff3a23c516032800
Sep 3 04:30:20 spitfire kernel: [ 324.517053] R10: ff3a23c518b18090 R11:
ff3a23c5209d3cd4 R12: ff3a23c5110cd450
Sep 3 04:30:20 spitfire kernel: [ 324.517055] R13: 0000000000000000 R14:
0000000000000005 R15: ff3a23cc5f85f240
Sep 3 04:30:20 spitfire kernel: [ 324.517058] ? timerqueue_add+0x6e/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.517063] enqueue_hrtimer+0x39/0x70
Sep 3 04:30:20 spitfire kernel: [ 324.517067]
hrtimer_start_range_ns+0x196/0x2f0
Sep 3 04:30:20 spitfire kernel: [ 324.517071] bcm_rx_handler+0x112/0x160
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.517076] can_rcv_filter+0x10d/0x1d0
[can]
Sep 3 04:30:20 spitfire kernel: [ 324.517080] can_receive+0x71/0xd0 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.517085] can_rcv+0x35/0x70 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.517089]
__netif_receive_skb_one_core+0x8c/0xa0
Sep 3 04:30:20 spitfire kernel: [ 324.517094] __netif_receive_skb+0x18/0x60
Sep 3 04:30:20 spitfire kernel: [ 324.517097] process_backlog+0xa9/0x160
Sep 3 04:30:20 spitfire kernel: [ 324.517102] __napi_poll+0x2e/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.517106] net_rx_action+0x23f/0x290
Sep 3 04:30:20 spitfire kernel: [ 324.517111] __do_softirq+0xdd/0x29b
Sep 3 04:30:20 spitfire kernel: [ 324.517116] do_softirq+0x66/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.517119] </IRQ>
Sep 3 04:30:20 spitfire kernel: [ 324.517120] netif_rx_ni+0x9b/0xa0
Sep 3 04:30:20 spitfire kernel: [ 324.517124] can_send+0x151/0x240 [can]
Sep 3 04:30:20 spitfire kernel: [ 324.517127] bcm_sendmsg+0x466/0x554
[can_bcm]
Sep 3 04:30:20 spitfire kernel: [ 324.517132] sock_sendmsg+0x65/0x70
Sep 3 04:30:20 spitfire kernel: [ 324.517136] ____sys_sendmsg+0x218/0x290
Sep 3 04:30:20 spitfire kernel: [ 324.517140] ?
copy_msghdr_from_user+0x5c/0x90
Sep 3 04:30:20 spitfire kernel: [ 324.517144] ? do_set_pte+0xc8/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.517148] ?
__unlock_page_memcg+0x25/0x60
Sep 3 04:30:20 spitfire kernel: [ 324.517153] ___sys_sendmsg+0x81/0xc0
Sep 3 04:30:20 spitfire kernel: [ 324.517157] ?
trigger_load_balance+0x15f/0x2f0
Sep 3 04:30:20 spitfire kernel: [ 324.517160] ? scheduler_tick+0xf8/0x260
Sep 3 04:30:20 spitfire kernel: [ 324.517163] ? rcu_advance_cbs+0x21/0x50
Sep 3 04:30:20 spitfire kernel: [ 324.517167] ?
__note_gp_changes+0x133/0x140
Sep 3 04:30:20 spitfire kernel: [ 324.517171] ? __fget_files+0x56/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.517175] ? __fget_light+0x62/0x80
Sep 3 04:30:20 spitfire kernel: [ 324.517178] __sys_sendmsg+0x62/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.517183] ?
exit_to_user_mode_prepare+0x41/0x1d0
Sep 3 04:30:20 spitfire kernel: [ 324.517187] __x64_sys_sendmsg+0x1f/0x30
Sep 3 04:30:20 spitfire kernel: [ 324.517191] do_syscall_64+0x40/0xb0
Sep 3 04:30:20 spitfire kernel: [ 324.517195]
entry_SYSCALL_64_after_hwframe+0x44/0xae
Sep 3 04:30:20 spitfire kernel: [ 324.517197] RIP: 0033:0x7f196e01f12d
Sep 3 04:30:20 spitfire kernel: [ 324.517199] Code: 28 89 54 24 1c 48 89 74
24 10 89 7c 24 08 e8 ca ee ff ff 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24
08 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2f 44 89 c7 48 89 44 24 08 e8 fe
ee ff ff 48
Sep 3 04:30:20 spitfire kernel: [ 324.517201] RSP: 002b:00007f196de13dc0
EFLAGS: 00000246 ORIG_RAX: 000000000000002e
Sep 3 04:30:20 spitfire kernel: [ 324.517204] RAX: ffffffffffffffda RBX:
0000000000000003 RCX: 00007f196e01f12d
Sep 3 04:30:20 spitfire kernel: [ 324.517206] RDX: 0000000000000000 RSI:
00007f196de13e60 RDI: 0000000000000003
Sep 3 04:30:20 spitfire kernel: [ 324.517207] RBP: 00007f196de13e60 R08:
0000000000000002 R09: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.517208] R10: 00007ffc669ab1b0 R11:
0000000000000246 R12: 0000000000000000
Sep 3 04:30:20 spitfire kernel: [ 324.517210] R13: 0000000000000048 R14:
000056437d62e065 R15: 0000000000000052
Sep 3 04:30:20 spitfire kernel: [ 324.517213] ---[ end trace
388c8dba4a6fb81d ]---
Sep 3 04:30:20 spitfire kernel: [ 324.517216] BUG: kernel NULL pointer
dereference, address: 0000000000000008
Sep 3 04:30:20 spitfire kernel: [ 324.517266] #PF: supervisor read access
in kernel mode
Sep 3 04:30:20 spitfire kernel: [ 324.517293] #PF: error_code(0x0000) -
not-present page
Sep 3 04:30:20 spitfire kernel: [ 324.517319] PGD 11c6ea067 P4D 0
Sep 3 04:30:20 spitfire kernel: [ 324.517338] Oops: 0000 [#1] SMP NOPTI
Sep 3 04:30:20 spitfire kernel: [ 324.517360] CPU: 25 PID: 4602 Comm:
can_bcm01 Tainted: G W 5.13.0-1011-oem #15-Ubuntu
Sep 3 04:30:20 spitfire kernel: [ 324.517406] Hardware name: Intel
Corporation M50CYP2SB2U/M50CYP2SB2U, BIOS SE5C6200.86B.0021.D40.2101090208
01/09/2021
Sep 3 04:30:20 spitfire kernel: [ 324.517457] RIP:
0010:rb_insert_color+0x14/0x120
Sep 3 04:30:20 spitfire kernel: [ 324.517483] Code: c0 75 eb 4c 89 c0 c3 45
31 c0 eb f7 66 2e 0f 1f 84 00 00 00 00 00 48 8b 07 48 85 c0 0f 84 b0 00 00 00
48 8b 10 f6 c2 01 75 5b <48> 8b 4a 08 48 39 c1 74 53 48 85 c9 74 05 f6 01 01 74
72 48 8b 48
Test case: https://github.com/linux-test-
project/ltp/blob/master/testcases/network/can/cve/can_bcm01.c
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: linux-image-5.13.0-1011-oem 5.13.0-1011.15
ProcVersionSignature: User Name 5.13.0-1011.15-oem 5.13.1
Uname: Linux 5.13.0-1011-oem x86_64
ApportVersion: 2.20.11-0ubuntu27.18
Architecture: amd64
CasperMD5CheckResult: skip
Date: Fri Sep 3 04:28:35 2021
SourcePackage: linux-signed-oem-5.13
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1942498/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
