lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Tue, 10 Apr 2012 02:05:25 +0000
From:	"Brown, Aaron F" <aaron.f.brown@...el.com>
To:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Kernel panic with sysfs adding group for pmu device

Hi all,

I'm getting a kernel panic on boot with the the net-next tree on a
number of test systems I work with.  So far this appears on older Intel
Xeon server platforms that have an ESB based chipset with either an x86
or x86_64 kernel.

Here is the panic I am seeing: 
---------------------------------
Starts to boots normally to ...
...
Trying to unpack rootfs image as initramfs...
debug: unmapping init memory f748b000..f77fe000
BUG: unable to handle kernel NULL pointer dereference at   (null)
IP: [<c10d19a0>] internal_create_group+0xdc/0x138
*pde = 00000000
Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
Modules linked in:

Pid: 1, comm: swapper/0 Not tainted 3.4.0-rc1_net-next_igb_2107cad... #2
Intel                                            /SE7525GP2                            
EIP: 0060:[<c10d19a0>] EFLAGS: 00010246 CPU: 0
EIP is at internal_create_group+0xdc/0x138
EAX: 00000001 EBX: f4fc0df8 ECX: 00000000 EDX: 00000000
ESI: 00000000 EDI: 00000000 EBP: f58fbf34 ESP: f58fbf14
 DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
CR0: 8005003b CR2: 00000000 CR3: 014fc000 CR4: 000007d0
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: ffff0ff0 DR7: 00000400
Process swapper/0 (pid: 1, ti=f58fa000 task=f58e9c60 task.ti=f58fa000)
Stack:
 00000000 f4fc2238 00000000 c146b780 f4fc2238 00000001 c146b80c 00000000
 f58fbf3c c10d1a19 f58fbf54 c1188d3f f4fc0df8 f4fc0df0 00000000 00000000
 f58fbf90 c11893a1 c1188d81 00000000 00000000 f4fc0df0 f4fc0df8 c14e5f24
Call Trace:
 [<c10d1a19>] sysfs_create_group+0xc/0xf
 [<c1188d3f>] device_add_groups+0x21/0x4e
 [<c11893a1>] device_add+0x2fa/0x4fb
 [<c1188d81>] ? device_private_init+0x15/0x49
 [<c1188da2>] ? device_private_init+0x36/0x49
 [<c10605bb>] pmu_dev_alloc+0x75/0x8e
 [<c14a8dbc>] perf_event_sysfs_init+0x3f/0x85
 [<c1001159>] do_one_initcall+0x71/0x113
 [<c14a8d7d>] ? utsname_sysctl_init+0x11/0x11
 [<c149727c>] kernel_init+0xd8/0x161
 [<c14971a4>] ? parse_early_options+0x21/0x21
 [<c1339ef6>] kernel_thread_helper+0x6/0xd
Code: d7 66 85 c0 74 21 8b 4d e8 8b 14 b1 b9 02 00 00 00 0b 42 04 0f b7
c0 50 8b 45 e4 e8 01 e1 ff ff 89 c7 59 85 c0 75 0f 46 8b 55 e8 <8b> 04
b2 85 c0 75 a5 31 ff eb 27 8b 4d ec 8b 59 08 eb 0f 8b 08
EIP: [<c10d19a0>] internal_create_group+0xdc/0x138 SS:ESP 0068:f58fbf14
CR2: 0000000000000000
---[ end trace e93713a9d40cd06c ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
---------------------------------
I tried disabling DEBUG_PAGEALLOC as well as 
different preempt settings, compiled as single proc, etc...  The panic 
continued, but modified "Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC" line
to represent the actual settings.

I ran a series of git bisects and found that the patch that introduced
the panics is:
-------------------------------------------
u1460:[0]/usr/src/kernels/net-next> git bisect good
641cc938815dfd09f8fa1ec72deb814f0938ac33 is first bad commit
commit 641cc938815dfd09f8fa1ec72deb814f0938ac33
Author: Jiri Olsa <jolsa@...hat.com>
Date:   Thu Mar 15 20:09:14 2012 +0100

    perf: Adding sysfs group format attribute for pmu device

    Adding sysfs group 'format' attribute for pmu device that
    contains a syntax description on how to construct raw events.

    The event configuration is described in following
    struct pefr_event_attr attributes:

      config
      config1
      config2

    Each sysfs attribute within the format attribute group,
    describes mapping of name and bitfield definition within
    one of above attributes.

    eg:
      "/sys/...<dev>/format/event" contains "config:0-7"
      "/sys/...<dev>/format/umask" contains "config:8-15"
      "/sys/...<dev>/format/usr"   contains "config:16"

    the attribute value syntax is:

      line:      config ':' bits
      config:    'config' | 'config1' | 'config2"
      bits:      bits ',' bit_term | bit_term
      bit_term:  VALUE '-' VALUE | VALUE

    Adding format attribute definitions for x86 cpu pmus.

    Acked-by: Peter Zijlstra <peterz@...radead.org>
    Signed-off-by: Peter Zijlstra <peterz@...radead.org>
    Signed-off-by: Jiri Olsa <jolsa@...hat.com>
    Link:
http://lkml.kernel.org/n/tip-vhdk5y2hyype9j63prymty36@git.kernel.org
    Signed-off-by: Arnaldo Carvalho de Melo <acme@...hat.com>

:040000 040000 6997376a7fa63ee143dd365babc373cb298148a4
1779179772124f413d1d1b18fdd6bb3bdd9713c0 M      Documentation
:040000 040000 1bbb2bd82a0abee4e9f55c9ccbc0805d4d0040c4
a947cf4cfd048f98904e5fc59b67253258b6f5a3 M      arch
:040000 040000 bd74f46a57eb846a2ee7e3d60813bb1c1af2d71a
d95d819d91a7049d3e7355488436c4305319ceac M      include
u1460:[0]/usr/src/kernels/net-next_igb-queue>
------------------------------------------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ