Date:	Sun, 5 Aug 2012 10:59:38 +0800
From:	Fengguang Wu <fengguang.wu@...el.com>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:	Alan Stern <stern@...land.harvard.edu>,
	Oliver Neukum <oneukum@...e.de>,
	Bjørn Mork <bjorn@...k.no>,
	Sarah Sharp <sarah.a.sharp@...ux.intel.com>,
	linux-kernel@...r.kernel.org,
	"linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>
Subject: BUG: unable to handle kernel paging request in usb_match_id()

Hi all,

This line triggers an oops in kvm boot test:

usb_match_id():
==>      748         for (; id->idVendor || id->idProduct || id->bDeviceClass ||
         749                id->bInterfaceClass || id->driver_info; id++) {
         750                 if (usb_match_one_id(interface, id))
         751                         return id;
         752         }

It's an old bug and happens also in linux 3.0. It's very reproducible
for the attached config. I can send the initrd (yocto-minimal-i386.cgz)
on your request in private email.

[    4.365871]  gadget: notify speed 425984000
/bin/sh: /proc/self/fd/9: No such file or directory
[    4.365871] BUG: unable to handle kernel paging request at c1f91ca2
[    4.365871] IP: [<c14be7c3>] usb_match_id+0x5b/0xcd
[    4.365871] *pde = 023dc067 *pte = 01f91162 
[    4.365871] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
[    4.365871] Pid: 17, comm: khubd Not tainted 3.6.0-rc1-00011-gf8cdda8 #1  
[    4.365871] EIP: 0060:[<c14be7c3>] EFLAGS: 00010246 CPU: 1
[    4.365871] EIP is at usb_match_id+0x5b/0xcd
[    4.365871] EAX: c6a0c800 EBX: c1f91ca0 ECX: c14be835 EDX: c1f91ca0
[    4.365871] ESI: c6a0c800 EDI: 00000000 EBP: cd4bfd6c ESP: cd4bfd64
[    4.365871]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[    4.365871] CR0: 8005003b CR2: c1f91ca2 CR3: 069f1000 CR4: 00000690
[    4.365871] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    4.365871] DR6: ffff0ff0 DR7: 00000400
[    4.365871] Process khubd (pid: 17, ti=cd4be000 task=cd4c8000 task.ti=cd4be000)
[    4.365871] Stack:
[    4.365871]  c1d42710 c6a0c800 cd4bfd7c c14be8b7 c6a0c81c c6a0c81c cd4bfd88 c13bc374
[    4.365871]  c1d42710 cd4bfd98 c13bd4b9 cd4bfda0 c6a0c81c cd4bfdb4 c13baa17 cd48976c
[    4.365871]  c695e1b8 c6a0c81c c1d36234 c6a0c81c cd4bfdc8 c13bcb4a c13bd49d c6a0c81c
[    4.365871] Call Trace:
[    4.365871]  [<c14be8b7>] usb_device_match+0x82/0xd7
[    4.365871]  [<c13bc374>] driver_match_device+0x32/0x4a
[    4.365871]  [<c13bd4b9>] __device_attach+0x1c/0x5b
[    4.365871]  [<c13baa17>] bus_for_each_drv+0x82/0x11e
[    4.365871]  [<c13bcb4a>] device_attach+0xb4/0xf8
[    4.365871]  [<c13bd49d>] ? __driver_attach+0xed/0xed
[    4.365871]  [<c13bad5d>] bus_probe_device+0x50/0x116
[    4.365871]  [<c13b858e>] device_add+0x849/0xaf9
[    4.365871]  [<c19e343f>] ? mutex_lock+0x39/0x6e
[    4.365871]  [<c14bd8f9>] usb_set_configuration+0xa07/0xa91
[    4.365871]  [<c14c9b41>] generic_probe+0xaa/0x109
[    4.365871]  [<c14bdc54>] usb_probe_device+0x1a/0x2a
[    4.365871]  [<c13bd16f>] driver_probe_device+0x180/0x3c1
[    4.365871]  [<c13bd4e2>] __device_attach+0x45/0x5b
[    4.365871]  [<c13baa17>] bus_for_each_drv+0x82/0x11e
[    4.365871]  [<c13bcb4a>] device_attach+0xb4/0xf8
[    4.365871]  [<c13bd49d>] ? __driver_attach+0xed/0xed
[    4.365871]  [<c13bad5d>] bus_probe_device+0x50/0x116
[    4.365871]  [<c13b858e>] device_add+0x849/0xaf9
[    4.365871]  [<c13917a3>] ? add_device_randomness+0xa1/0xb5
[    4.365871]  [<c14b0c21>] usb_new_device+0x329/0x488
[    4.365871]  [<c14b43cd>] hub_thread+0x1239/0x196e
[    4.365871]  [<c19e6546>] ? _raw_spin_unlock_irqrestore+0x66/0xab
[    4.365871]  [<c10c8d53>] ? abort_exclusive_wait+0xd6/0xd6
[    4.365871]  [<c10c7d81>] kthread+0xa2/0xb5
[    4.365871]  [<c14b3194>] ? usb_reset_device+0x217/0x217
[    4.365871]  [<c10c7cdf>] ? list_del_init+0x2f/0x2f
[    4.365871]  [<c19e7af6>] kernel_thread_helper+0x6/0xd
[    4.365871] Code: da 89 f0 e8 78 fe ff ff 83 05 18 14 1f c2 01 83 15 1c 14 1f c2 00 85 c0 75 7d 83 c3 18 83 05 20 14 1f c2 01 83 15 24 14 1f c2 00 <66> 83 7b 02 00 75 cd 83 05 28 14 1f c2 01 83 15 2c 14 1f c2 00
[    4.365871] EIP: [<c14be7c3>] usb_match_id+0x5b/0xcd SS:ESP 0068:cd4bfd64
[    4.365871] CR2: 00000000c1f91ca2

Thanks,
Fengguang

View attachment "dmesg-kvm-ironlake-audio-3097-2012-08-04-20-44-03" of type "text/plain" (51928 bytes)

View attachment "config-3.6.0-rc1-00011-gf8cdda8" of type "text/plain" (67209 bytes)
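An added triage example, not part of the original message: a short Python script that reads the oops lines quoted above and reports the fault type, the PTE state, and which registers sit just below the faulting address. The function name `triage_oops` and the 0xC0000000 kernel base (the default 3G/1G split on 32-bit x86) are assumptions made for this example.

```python
import re

# Lines copied from the oops in the message above (only those the triage needs).
OOPS = """\
[    4.365871] BUG: unable to handle kernel paging request at c1f91ca2
[    4.365871] *pde = 023dc067 *pte = 01f91162
[    4.365871] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
[    4.365871] EAX: c6a0c800 EBX: c1f91ca0 ECX: c14be835 EDX: c1f91ca0
[    4.365871] ESI: c6a0c800 EDI: 00000000 EBP: cd4bfd6c ESP: cd4bfd64
"""

# x86 page-fault error code bits: (mask, meaning if set, meaning if clear).
ERR_BITS = [(0x01, "protection violation", "page not present"),
            (0x02, "write", "read"),
            (0x04, "user mode", "kernel mode"),
            (0x08, "reserved bit set", None),
            (0x10, "instruction fetch", None)]

PAGE_OFFSET = 0xC0000000  # assumption: default 32-bit lowmem mapping base


def triage_oops(text, window=0x40):
    """Summarise a 32-bit x86 oops: fault type, PTE state, registers near CR2."""
    fault = int(re.search(r"paging request at ([0-9a-f]+)", text).group(1), 16)
    err = int(re.search(r"Oops: ([0-9a-f]{4})", text).group(1), 16)
    pte = re.search(r"\*pte = ([0-9a-f]+)", text)
    regs = {n: int(v, 16) for n, v in
            re.findall(r"\b(E[A-D]X|E[SD]I|E[BS]P): ([0-9a-f]{8})", text)}
    kinds = [on if err & bit else off for bit, on, off in ERR_BITS]
    result = {
        "fault_addr": fault,
        "access": [k for k in kinds if k],
        # A register holding (fault address - small offset) is the likely
        # base pointer of the faulting access; the value is that offset.
        "base_candidates": {n: fault - v for n, v in regs.items()
                            if 0 <= fault - v < window},
    }
    if pte:
        p = int(pte.group(1), 16)
        result["pte_present"] = bool(p & 1)  # bit 0 is the Present bit
        # Does the PTE's frame equal the lowmem physical page of the address?
        result["pte_frame_matches"] = (p & ~0xFFF) == ((fault - PAGE_OFFSET) & ~0xFFF)
    return result


if __name__ == "__main__":
    for key, value in triage_oops(OOPS).items():
        print(key, value)
```

For this oops the result is a kernel-mode read of a not-present page, with EBX and EDX both pointing 2 bytes below the fault address. That matches the faulting bytes `<66> 83 7b 02 00` in the Code: line, a 16-bit compare against offset 2 from EBX, so the loop's `id` pointer had already walked onto a page that is no longer mapped.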
