lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 16 Oct 2007 21:47:04 -0700
From:	Randy Dunlap <randy.dunlap@...cle.com>
To:	linux-mtd@...ts.infradead.org
Cc:	dwmw2@...radead.org, lkml <linux-kernel@...r.kernel.org>
Subject: mtd: pnc2000 module crashes

2.6.23-git7, on x86_64, no MTD devices:

modprobe pnc2000 crashes like so:

Photron PNC-2000 flash mapping: 400000 at bf000000
Unable to handle kernel paging request at 00000000bf000000 RIP: 
 [<ffffffff8800a0b9>] :map_funcs:simple_map_write+0x54/0x82
PGD 3476f067 PUD 0 
Oops: 0002 [1] SMP 
CPU 0 
Modules linked in: cfi_probe gen_probe pnc2000 mtd chipreg map_funcs hidp l2cap bluetooth snd_via82xx snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc snd_mpu401_uart parport_pc ohci1394 parport snd_rawmidi ieee1394 snd_seq_device shpchp snd soundcore pci_hotplug
Pid: 4027, comm: modprobe Not tainted 2.6.23-git7 #11
RIP: 0010:[<ffffffff8800a0b9>]  [<ffffffff8800a0b9>] :map_funcs:simple_map_write+0x54/0x82
RSP: 0018:ffff81002ec9f828  EFLAGS: 00010206
RAX: 00000000f0f0f0f0 RBX: 0000000000000008 RCX: 0000000000000000
RDX: 0000000000000004 RSI: ffff81002ec9f878 RDI: ffff81002ec9f848
RBP: ffff81002ec9f848 R08: 00000000bf000000 R09: ffffffff880e35a0
R10: 0000000000000004 R11: 0000000000000002 R12: 0000000000000000
R13: ffffffff880e35a0 R14: 0000000000000000 R15: ffff81002ec9fd68
FS:  00002ac0707cf6f0(0000) GS:ffffffff806b4000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00000000bf000000 CR3: 000000002f5ea000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process modprobe (pid: 4027, threadinfo ffff81002ec9e000, task ffff81002ec269c0)
Stack:  00000000f0f0f0f0 0000000000000000 0000000000000000 0000000000000000
 ffff81002ec9fd28 ffffffff8810b5ce 00000000f0f0f0f0 0000000000000000
 0000000000000000 0000000000000000 ffff81002ec9f898 0000000000000000
Call Trace:
 [<ffffffff8810b5ce>] :cfi_probe:cfi_probe_chip+0x17f/0x1379
 [<ffffffff8026e3f7>] get_page_from_freelist+0x38b/0x4d4
 [<ffffffff802503c6>] __lock_acquire+0x3ed/0x6af
 [<ffffffff802503c6>] __lock_acquire+0x3ed/0x6af
 [<ffffffff8024f8c1>] lock_release_holdtime+0x45/0x4a
 [<ffffffff8022ca0d>] update_curr+0xf8/0x119
 [<ffffffff8022cf95>] enqueue_entity+0x24a/0x279
 [<ffffffff8024f8c1>] lock_release_holdtime+0x45/0x4a
 [<ffffffff802503c6>] __lock_acquire+0x3ed/0x6af
 [<ffffffff8024f8c1>] lock_release_holdtime+0x45/0x4a
 [<ffffffff8050f046>] kprobe_flush_task+0x63/0xa9
 [<ffffffff80232eec>] __mmdrop+0x87/0x90
 [<ffffffff802503c6>] __lock_acquire+0x3ed/0x6af
 [<ffffffff8024f8c1>] lock_release_holdtime+0x45/0x4a
 [<ffffffff8022e29d>] __wake_up+0x43/0x50
 [<ffffffff80244c75>] request_module+0x14b/0x162
 [<ffffffff80235d98>] vprintk+0x2bd/0x2ff
 [<ffffffff8810114f>] :gen_probe:mtd_do_chip_probe+0x7f/0x35c
 [<ffffffff802503c6>] __lock_acquire+0x3ed/0x6af
 [<ffffffff8024f8c1>] lock_release_holdtime+0x45/0x4a
 [<ffffffff8050b906>] _spin_unlock+0x26/0x2a
 [<ffffffff8810b44d>] :cfi_probe:cfi_probe+0x10/0x12
 [<ffffffff880e0119>] :chipreg:do_map_probe+0x4a/0x66
 [<ffffffff880ff03b>] :pnc2000:init_pnc2000+0x3b/0x6d
 [<ffffffff80258af4>] sys_init_module+0x146c/0x15cd
 [<ffffffff8800a000>] :map_funcs:simple_map_init+0x0/0x4b
 [<ffffffff8020ef44>] syscall_trace_enter+0x95/0x99
 [<ffffffff8020beec>] tracesys+0xdc/0xe1


Code: 41 89 00 eb 24 83 fa 08 75 0d 4d 03 41 18 48 8b 45 e0 49 89 
RIP  [<ffffffff8800a0b9>] :map_funcs:simple_map_write+0x54/0x82
 RSP <ffff81002ec9f828>
CR2: 00000000bf000000


config file is attached.

---
~Randy

Download attachment "config.base_mods5" of type "application/octet-stream" (54984 bytes)

Powered by blists - more mailing lists