lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 31 Aug 2008 15:00:40 +0200
From:	"xerces8" <xerces8@...n.net>
To:	"Marcin Slusarz" <marcin.slusarz@...il.com>
CC:	linux-kernel@...r.kernel.org
Subject: Re: oops during reboot in device_shutdown()

Marcin Slusarz wrote:

> On Sat, Aug 30, 2008 at 11:52:33PM +0200, xerces8 wrote:
> > Hi!
> > 
> > While running RIPLinux* 6.3, I got the below oops.
> > 
> > What I did was boot up riplinux from USB key, start X, the run "reboot -f" on VT2.
> > 
> > * - http://www.tux.org/pub/people/kent-robotti/looplinux/rip/
> > 
> > After the oops I run "reboot" again and got the same oops again.
> > Note: I am not sure if I ran the 32 or 64 bit kernel.
> 
> They are from 32 bit kernel.

Yes they are. I reproduced the problem.


> > For kernel config and (3 smallish) patches see:
> > http://www.tux.org/pub/people/kent-robotti/looplinux/rip/docs/kernel.txt
> > (or http://www.tux.org/pub/people/kent-robotti/looplinux/rip/docs/kernel64.txt)
> > 
> > 
> > HW: Asus P5K-E WiFi maonboard, BIOS version 1013
> > (Intel P35/ICH9R), CPU: Intel Core2 Q6600
> > 
> > The oops (both):
> > 
> > md: stopping all md devices.
> > BUG: unable to handle kernel NULL pointer dereference at 00000004
> > IP: [<c030b110>] device_shutdown+0x39/0x4c
> > *pde = 00000000 
> > Oops: 0000 [#1] 
> > Modules linked in: snd_mixer_oss snd_hda_intel snd_pcm snd_timer snd_page_alloc snd_hwdep snd
> > soundcore rtl8187 eeprom_93cx6
> > 
> > Pid: 1982, comm: reboot Not tainted (2.6.26 #8)
> > EIP: 0060:[<c030b110>] EFLAGS: 00010246 CPU: 0
> > EIP is at device_shutdown+0x39/0x4c
> > EAX: 00000000 EBX: ffffff90 ECX: 00000000 EDX: ffffff90
> > ESI: 28121969 EDI: b7fb2ff4 EBP: f7d0c000 ESP: f7d0de98
> >  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
> > Process reboot (pid: 1982, ti=f7d0c000 task=f3052740 task.ti=f7d0c000)
> > Stack: 00000000 c011e1bd c011e2ad 01234567 c011e3ec f7d0df14 f7d0df3c 0000002b 
> >        f28d552c c0149ba1 f28d55c8 c0150d11 ffffff9c ffffff9c 00000401 ffffff9c 
> >        f28d552c c0949308 00000001 f30528a4 f3052768 c0111cc7 c0111bc9 f30d6ac8 
> > Call Trace:
> >  [<c011e1bd>] kernel_restart_prepare+0x20/0x25
> >  [<c011e2ad>] kernel_restart+0x8/0x2e
> >  [<c011e3ec>] sys_reboot+0x112/0x14f
> >  [<c0149ba1>] put_filp+0x14/0x31
> >  [<c0150d11>] __path_lookup_intent_open+0x6a/0x72
> >  [<c0111cc7>] dequeue_entity+0xf/0x8d
> >  [<c0111bc9>] __dequeue_entity+0x1f/0x71
> >  [<c0111c2c>] set_next_entity+0x11/0x38
> >  [<c065eb56>] schedule+0x22e/0x24a
> >  [<c01241d1>] hrtimer_cancel+0xa/0x14
> >  [<c065f085>] do_nanosleep+0x4e/0x7b
> >  [<c01244ba>] hrtimer_nanosleep+0x50/0xab
> >  [<c012412a>] hrtimer_wakeup+0x0/0x18
> >  [<c0124556>] sys_nanosleep+0x41/0x51
> >  [<c01036f2>] syscall_call+0x7/0xb
> >  =======================
> > Code: 74 eb 2b 8b 82 b4 00 00 00 85 c0 74 07 8b 48 20 85 c9 75 11 8b 82 b8 00 00 00 85 c0 74 0b
> 8b
> > 48 18 85 c9 74 04 89 d0 ff d1 89 da <8b> 5b 74 83 eb 70 8d 42 70 3b 05 a4 bc 96 c0 75 c7 5b c3
> 55 89 
> > EIP: [<c030b110>] device_shutdown+0x39/0x4c SS:ESP 0068:f7d0de98
> > ---[ end trace e0383ca117e3155e ]---
> 
> Try to rmmod all modules and see whether reboot works, if it is try to
> unload only half of them, etc... (And tell us which module blocks your reboot)
> 
> If it will be hard to reproduce or procedure above won't work, please
> enable "Kernel debugging" (CONFIG_DEBUG_KERNEL), "Driver Core verbose
> debug messages" (CONFIG_DEBUG_DRIVER) and copy messages from dmesg which
> happen before oops.

I managed to reproduce the problem. But it is not "exact science".
What I did was:
 - boot RIPLinux 6.3 USB stick
 - in boot menu select first option (boot 32 bit kernel)
 - when asked opt for keyboard selection
 - select "Slovene"
 - login as root on VT1
 - enter startx
 - in X right click and select XTerm in menu
 - in same menu select Setup/<fist option> (for wired network)
 - wait for the DHCP dialog to appear and click OK
 - from right click menu select Firefox/Start
 - ctrl-alt-f2 to VT2
 - login as root
 - enter: reboot -f

It gives the oops in 75% of cases.
The steps above do not load any modules that are not loaded by default anyway.

I attach the full dmesg output.

Regards,
David

Download attachment "crash_dmesg" of type "application/octet-stream" (15463 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ