lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sat, 22 Sep 2012 10:57:21 +0100
From:	Jonathan Cameron <jic23@...nel.org>
To:	Lars-Peter Clausen <lars@...afoo.de>
CC:	Peter Hüwe <PeterHuewe@....de>,
	Jonathan Cameron <jic23@....ac.uk>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	linux-iio@...r.kernel.org, devel@...verdev.osuosl.org,
	linux-kernel@...r.kernel.org
Subject: Re: OOPS/panic in iio_dummy (v3.6-rc6-176-gabef3bd)

On 09/22/2012 09:10 AM, Lars-Peter Clausen wrote:
> On 09/22/2012 04:13 AM, Peter Hüwe wrote:
>> Hi,
>>
>> loading iio_dummy results in kernel panic as the call to 
>> iio_buffer_register in iio_dummy_probe is performed with indio_dev->buffer == 
>> NULL and thus the access to indio_dev->buffer->attrs results in this 
>> oops/panic.
>>
>> Thanks,
>> Peter
>>
> 
> Hi,
> 
> I sent a patch or this a couple of days ago. See
> http://comments.gmane.org/gmane.linux.kernel.iio/5550
> 
> - Lars

Sorry, I'd completely forgotten that was queued up in my fixes branch.
As it's only in the dummy driver I've changed my mind and pulled it into
the togreg branch which will merge for 3.7. It's late in the cycle and
we are afterall talking about a fix for 'fake' hardware.

> 
> 
>> Steps to reproduce:
>>
>> #modprobe iio_dummy
>> iio_dummy: module is from the staging directory, the quality is unknown, you 
>> have been warned.
>>
>> Modules linked in: iio_dummy(C+) industrialio
>> Pid: 615, comm: modprobe Tainted: G         C   3.6.0-rc6-00180-g68d0383-dirty
>> RIP: 0033:[<00000000a089d846>]
>> RSP: 000000009f4ffd30  EFLAGS: 00010206
>> RAX: 0000000000000004 RBX: 00000000a08be6a0 RCX: 0000000000000000
>> RDX: 000000006036a320 RSI: 0000000000000008 RDI: 0000000000000000
>> RBP: 000000009f4ffda0 R08: 000000009f4ff900 R09: 0000000060406da8
>> R10: 000000000000004a R11: 0000000000000246 R12: 00000000602a58bc
>> R13: 0000000000000005 R14: 000000006005f170 R15: 000000009f6b0400
>> Call Trace: 
>> 603675d8:  [<6001d53d>] segv+0x1bd/0x340
>> 603675f8:  [<6008b8ab>] handle_irq_event_percpu+0xab/0x1b0
>> 60367620:  [<6008b9b0>] handle_irq_event+0x0/0x40
>> 60367630:  [<6002e09c>] os_waiting_for_events+0x0/0xc5
>> 60367658:  [<6008fccf>] rcu_irq_exit+0x5f/0xb0
>> 603676a8:  [<6001d713>] segv_handler+0x53/0xb0
>> 603676c8:  [<60019b5c>] sigio_handler+0xac/0xc0
>> 603676f8:  [<6002ff5a>] sig_handler_common+0xa4/0xb9
>> 60367708:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367718:  [<602a58bc>] printk+0x0/0xa8
>> 60367780:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 60367818:  [<60016c34>] _einittext+0x2572/0x38f6
>> 60367828:  [<60016728>] _einittext+0x2066/0x38f6
>> 60367908:  [<60016c34>] _einittext+0x2572/0x38f6
>> 603679a8:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a28:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a38:  [<600300b5>] sig_handler+0x4a/0x5d
>> 60367a58:  [<6002fb81>] hard_handler+0x89/0xd8
>> 60367a90:  [<602a58bc>] printk+0x0/0xa8
>> 60367aa0:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b08:  [<602a58bc>] printk+0x0/0xa8
>> 60367b18:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b68:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>>
>> Kernel panic - not syncing: Kernel mode fault at addr 0x68, ip 0xa089d846
>> Call Trace: 
>> 603674b0:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603674c8:  [<602a5751>] panic+0x146/0x2b1
>> 60367500:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 60367508:  [<602a560b>] panic+0x0/0x2b1
>> 60367520:  [<6007a4d4>] __module_text_address+0x14/0x70
>> 60367538:  [<6007ec20>] is_module_text_address+0x10/0x20
>> 60367548:  [<600582c7>] __kernel_text_address+0x87/0xc0
>> 60367568:  [<6001bc1f>] show_trace+0x7f/0xf0
>> 60367598:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603675c0:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603675d8:  [<6001d55b>] segv+0x1db/0x340
>> 603675f8:  [<6008b8ab>] handle_irq_event_percpu+0xab/0x1b0
>> 60367620:  [<6008b9b0>] handle_irq_event+0x0/0x40
>> 60367630:  [<6002e09c>] os_waiting_for_events+0x0/0xc5
>> 60367658:  [<6008fccf>] rcu_irq_exit+0x5f/0xb0
>> 603676a8:  [<6001d713>] segv_handler+0x53/0xb0
>> 603676c8:  [<60019b5c>] sigio_handler+0xac/0xc0
>> 603676f8:  [<6002ff5a>] sig_handler_common+0xa4/0xb9
>> 60367708:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367718:  [<602a58bc>] printk+0x0/0xa8
>> 60367780:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 60367818:  [<60016c34>] _einittext+0x2572/0x38f6
>> 60367828:  [<60016728>] _einittext+0x2066/0x38f6
>> 60367908:  [<60016c34>] _einittext+0x2572/0x38f6
>> 603679a8:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a28:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a38:  [<600300b5>] sig_handler+0x4a/0x5d
>> 60367a58:  [<6002fb81>] hard_handler+0x89/0xd8
>> 60367a90:  [<602a58bc>] printk+0x0/0xa8
>> 60367aa0:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b08:  [<602a58bc>] printk+0x0/0xa8
>> 60367b18:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b68:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>>
>>
>> Modules linked in: iio_dummy(C+) industrialio
>> Pid: 615, comm: modprobe Tainted: G         C   3.6.0-rc6-00180-g68d0383-dirty
>> RIP: 0033:[<00000000402eff9a>]
>> RSP: 0000007fbfbf6798  EFLAGS: 00000246
>> RAX: ffffffffffffffda RBX: 0000000000000000 RCX: ffffffffffffffff
>> RDX: 000000000060e110 RSI: 00000000000148c9 RDI: 0000000040024000
>> RBP: 0000000000611b70 R08: 000000000060e100 R09: 0000000000000000
>> R10: 0000000000000000 R11: 0000000000000246 R12: 000000000060e110
>> R13: 0000000000000000 R14: 000000000060e010 R15: 0000000000611b88
>> Call Trace: 
>> 60367448:  [<6001db1e>] panic_exit+0x3e/0x60
>> 60367478:  [<600616ad>] notifier_call_chain+0x4d/0x70
>> 603674a0:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603674b8:  [<60061708>] atomic_notifier_call_chain+0x18/0x20
>> 603674c8:  [<602a5784>] panic+0x179/0x2b1
>> 60367500:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 60367508:  [<602a560b>] panic+0x0/0x2b1
>> 60367520:  [<6007a4d4>] __module_text_address+0x14/0x70
>> 60367538:  [<6007ec20>] is_module_text_address+0x10/0x20
>> 60367548:  [<600582c7>] __kernel_text_address+0x87/0xc0
>> 60367568:  [<6001bc1f>] show_trace+0x7f/0xf0
>> 60367598:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603675c0:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 603675d8:  [<6001d55b>] segv+0x1db/0x340
>> 603675f8:  [<6008b8ab>] handle_irq_event_percpu+0xab/0x1b0
>> 60367620:  [<6008b9b0>] handle_irq_event+0x0/0x40
>> 60367630:  [<6002e09c>] os_waiting_for_events+0x0/0xc5
>> 60367658:  [<6008fccf>] rcu_irq_exit+0x5f/0xb0
>> 603676a8:  [<6001d713>] segv_handler+0x53/0xb0
>> 603676c8:  [<60019b5c>] sigio_handler+0xac/0xc0
>> 603676f8:  [<6002ff5a>] sig_handler_common+0xa4/0xb9
>> 60367708:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367718:  [<602a58bc>] printk+0x0/0xa8
>> 60367780:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>> 60367818:  [<60016c34>] _einittext+0x2572/0x38f6
>> 60367828:  [<60016728>] _einittext+0x2066/0x38f6
>> 60367908:  [<60016c34>] _einittext+0x2572/0x38f6
>> 603679a8:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a28:  [<60019b70>] to_irq_stack+0x0/0xe0
>> 60367a38:  [<600300b5>] sig_handler+0x4a/0x5d
>> 60367a58:  [<6002fb81>] hard_handler+0x89/0xd8
>> 60367a90:  [<602a58bc>] printk+0x0/0xa8
>> 60367aa0:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b08:  [<602a58bc>] printk+0x0/0xa8
>> 60367b18:  [<6005f170>] __mutex_init+0x0/0x20
>> 60367b68:  [<a089d846>] iio_buffer_register+0x46/0x610 [industrialio]
>>
>>
>> Tested on recent linus' tree (v3.6-rc6-176-gabef3bd)
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>> the body of a message to majordomo@...r.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>> Please read the FAQ at  http://www.tux.org/lkml/
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-iio" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ