lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 15 Jul 2013 01:54:55 +0200
From:	Mihai Moldovan <ionic@...ic.de>
To:	LKML <linux-kernel@...r.kernel.org>
Subject: Oops (NULL ptr deref) while loading some module

Hi all,

I'm seeing following oopses when booting up my kernel:

[    3.173479] BUG: unable to handle kernel NULL pointer dereference
at           (null)
[    3.173602] IP: [<ffffffff810d2f54>] futex_wake+0x74/0x130
[    3.173679] PGD 231d65067 PUD 231d64067 PMD 0
[    3.173783] Oops: 0000 [#1] SMP
[    3.173870] Modules linked in:
[    3.173936] CPU 0
[    3.173959] Pid: 615, comm: modprobe Not tainted 3.9.6-OSS4.2-dirty
#34                  /DQ45CB
[    3.174091] RIP: 0010:[<ffffffff810d2f54>]  [<ffffffff810d2f54>]
futex_wake+0x74/0x130
[    3.174195] RSP: 0018:ffff8802311dbda8  EFLAGS: 00010246
[    3.174249] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000007f125139
[    3.174306] RDX: 0000000000000000 RSI: 000000003c28288f RDI: ffffffff8222ee70
[    3.174363] RBP: ffff8802311dbe08 R08: 00000000efa13b63 R09: 0000000000000000
[    3.174420] R10: 0000000000000000 R11: 0000000000000202 R12: ffffffff8222ee70
[    3.174477] R13: 00000000ffffffff R14: ffffffff8222ee78 R15: 0000000000000000
[    3.174535] FS:  00007ff44c2a3700(0000) GS:ffff88023bc00000(0000)
knlGS:0000000000000000
[    3.174620] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    3.174676] CR2: 0000000000000000 CR3: 0000000231d61000 CR4: 00000000000407f0
[    3.174734] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    3.174791] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[    3.174849] Process modprobe (pid: 615, threadinfo ffff8802311da000, task
ffff880231e272c0)
[    3.174935] Stack:
[    3.174984]  ffff880231d62a10 0000000100000001 00000000000007f8 00007fff78d0a000
[    3.175139]  ffff8802311e8000 000000000000091c ffff8802311dbdf8 0000000000000000
[    3.175293]  0000000000000000 0000000000000001 00007fff78d0a91c 0000000000000001
[    3.175447] Call Trace:
[    3.175499]  [<ffffffff810d4d40>] do_futex+0x100/0xab0
[    3.175555]  [<ffffffff819772d4>] ? __do_page_fault+0x244/0x4e0
[    3.175611]  [<ffffffff811806f1>] ? mntput+0x21/0x30
[    3.175666]  [<ffffffff81164c7b>] ? __fput+0x16b/0x240
[    3.175721]  [<ffffffff810d5778>] sys_futex+0x88/0x180
[    3.175775]  [<ffffffff81977579>] ? do_page_fault+0x9/0x10
[    3.175830]  [<ffffffff8197a252>] system_call_fastpath+0x16/0x1b
[    3.175886] Code: ff ff 85 c0 41 89 c7 0f 85 b0 00 00 00 48 8d 7d b8 e8 61 f9
ff ff 49 89 c4 48 89 c7 e8 46 0d 8a 00 49 8b 44 24 08 4d 8d 74 24 08 <48> 8b 18
48 8d 78 e8 48 83 eb 18 49 39 c6 75 23 eb 6a 66 2e 0f
[    3.176678] RIP  [<ffffffff810d2f54>] futex_wake+0x74/0x130
[    3.176678]  RSP <ffff8802311dbda8>
[    3.176678] CR2: 0000000000000000
[    3.177366] ---[ end trace 7213d911e494c10b ]---
[    3.177823] BUG: unable to handle kernel NULL pointer dereference
at           (null)
[    3.177944] IP: [<ffffffff810d2f54>] futex_wake+0x74/0x130
[    3.178017] PGD 2311f4067 PUD 2311f5067 PMD 0
[    3.178122] Oops: 0000 [#2] SMP
[    3.178207] Modules linked in:
[    3.178274] CPU 0
[    3.178296] Pid: 617, comm: modprobe Tainted: G      D     
3.9.6-OSS4.2-dirty #34                  /DQ45CB
[    3.178428] RIP: 0010:[<ffffffff810d2f54>]  [<ffffffff810d2f54>]
futex_wake+0x74/0x130
[    3.178531] RSP: 0018:ffff880231213da8  EFLAGS: 00010246
[    3.178585] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000006a3b48
[    3.178643] RDX: 0000000000000000 RSI: 000000001d796f0a RDI: ffffffff8222ec60
[    3.178700] RBP: ffff880231213e08 R08: 00000000cbc14f19 R09: 0000000000000000
[    3.178758] R10: 0000000000000000 R11: 0000000000000202 R12: ffffffff8222ec60
[    3.178816] R13: 00000000ffffffff R14: ffffffff8222ec68 R15: 0000000000000000
[    3.178873] FS:  00007f5baf639700(0000) GS:ffff88023bc00000(0000)
knlGS:0000000000000000
[    3.178958] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    3.179013] CR2: 0000000000000000 CR3: 00000002311f7000 CR4: 00000000000407f0
[    3.179071] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    3.179128] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[    3.179185] Process modprobe (pid: 617, threadinfo ffff880231212000, task
ffff880231e26540)
[    3.179270] Stack:
[    3.179318]  ffff8802311f3a10 0000000100000001 00000000000007f0 00007fff80ed6000
[    3.179472]  ffff8802311e8340 000000000000082c ffff880231213df8 0000000000000000
[    3.179626]  0000000000000000 0000000000000001 00007fff80ed682c 0000000000000001
[    3.179780] Call Trace:
[    3.179829]  [<ffffffff810d4d40>] do_futex+0x100/0xab0
[    3.179884]  [<ffffffff819772d4>] ? __do_page_fault+0x244/0x4e0
[    3.179940]  [<ffffffff811806f1>] ? mntput+0x21/0x30
[    3.179994]  [<ffffffff81164c7b>] ? __fput+0x16b/0x240
[    3.180071]  [<ffffffff810d5778>] sys_futex+0x88/0x180
[    3.180126]  [<ffffffff81977579>] ? do_page_fault+0x9/0x10
[    3.180183]  [<ffffffff8197a252>] system_call_fastpath+0x16/0x1b
[    3.180238] Code: ff ff 85 c0 41 89 c7 0f 85 b0 00 00 00 48 8d 7d b8 e8 61 f9
ff ff 49 89 c4 48 89 c7 e8 46 0d 8a 00 49 8b 44 24 08 4d 8d 74 24 08 <48> 8b 18
48 8d 78 e8 48 83 eb 18 49 39 c6 75 23 eb 6a 66 2e 0f
[    3.180892] RIP  [<ffffffff810d2f54>] futex_wake+0x74/0x130
[    3.180892]  RSP <ffff880231213da8>
[    3.180892] CR2: 0000000000000000
[    3.181699] ---[ end trace 7213d911e494c10c ]---

This is obviously happening while booting and udev is loading *some* module, but
I have no idea which module is affected as such.

Luckily, my module list is quite concise:
Module                  Size  Used by
xt_conntrack            3129  7
xt_dscp                 1627  12
ath9k                 158146  0
ath9k_common            1928  1 ath9k
ath9k_hw              415466  2 ath9k_common,ath9k
ath                    15622  3 ath9k_common,ath9k,ath9k_hw
mac80211              309142  1 ath9k
kvm_intel             120679  0
cfg80211              195508  3 ath,ath9k,mac80211
i915                  516965  2
rfkill                 15045  2 cfg80211
kvm                   263860  1 kvm_intel
cp210x                 14910  2
drm_kms_helper         27953  1 i915
e1000e                222638  0
ptp                     7996  1 e1000e
pps_core                8569  1 ptp
video                  11025  1 i915
backlight               4688  1 video

I guess I can rule out ath9k, ath9k_common, ath9k_hw, ath, mac80211, cfg80211,
rfkill, kvm_intel and cp210x. Unloading and reloading them again are not causing
any oopses, so that's that. xt_conntrack and xt_dscp can't be unloaded, unless I
remove all iptables rules...  but I don't think those are the root cause either.

Anyway, I'd be happy to try to test more, but first of all, what are the oopses
telling me, anyway? The kernel is not oopsing *in* a module, so... hum...
Also, it's oopsing two times at boot time, but all modules are being loaded just
fine afterwards, I'm not missing any module and I'm not having defunct modprobe
proccesses. I'm a little bit puzzled.

Anyone care to shed some light on that?


Best regards,



Mihai


Download attachment "smime.p7s" of type "application/pkcs7-signature" (4506 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ