| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LNX.2.00.1106101001360.19998@swampdragon.chaosbits.net>
Date: Fri, 10 Jun 2011 10:32:12 +0200 (CEST)
From: Jesper Juhl <jj@...osbits.net>
To: linux-kernel@...r.kernel.org
cc: platform-driver-x86@...r.kernel.org,
Frank Seidel <frank@...eidel.de>, linux-input@...r.kernel.org
Subject: Reproducible general protection fault: 0000 - hdapsd exited with
preempt_count 1 - kernel 2.6.38.8
Hi
I just noticed a GPF during bootup of my laptop :
[ 18.944171] general protection fault: 0000 [#1] PREEMPT SMP
[ 18.944243] last sysfs file: /sys/devices/virtual/input/input13/event13/uevent
[ 18.944295] CPU 0
[ 18.944307] Modules linked in: joydev hdaps uvcvideo btusb bluetooth usbhid hid videodev v4l2_compat_ioctl32 snd_hda_codec_hdmi snd_hda_codec_conexant vboxnetadp vboxnetflt vboxdrv snd_hda_intel snd_hda_codec cpufreq_ondemand snd_hwdep arc4 sg ecb iwlagn msr acpi_cpufreq freq_table mperf i915 tp_smapi thinkpad_ec ehci_hcd thinkpad_acpi drm_kms_helper i2c_i801 snd_pcm iwlcore snd_timer mac80211 e1000e snd_page_alloc drm cfg80211 firewire_ohci i2c_algo_bit snd i2c_core usbcore rfkill pcspkr firewire_core serio_raw sdhci_pci evdev iTCO_wdt sdhci tpm_tis soundcore tpm mmc_core wmi intel_ips intel_agp nvram crc_itu_t iTCO_vendor_support battery intel_gtt tpm_bios ac video psmouse thermal processor button ext4 mbcache jbd2 crc16 sr_mod cdrom sd_mod ahci libahci libata scsi_mod
[ 18.944928]
[ 18.946142] Pid: 978, comm: hdapsd Not tainted 2.6.38-ARCH #1 LENOVO 4384GJG/4384GJG
[ 18.947403] RIP: 0010:[<ffffffffa0724d9d>] [<ffffffffa0724d9d>] hdaps_mousedev_open+0x2d/0x160 [hdaps]
[ 18.948652] RSP: 0018:ffff88011f393b48 EFLAGS: 00010293
[ 18.949879] RAX: ffff88012e194020 RBX: ffff880123e6f800 RCX: 0000000000000001
[ 18.951104] RDX: ffffffffa0724d70 RSI: 2222222222222222 RDI: ffff880123e6f800
[ 18.952328] RBP: ffff88011f393b58 R08: 2222222222222222 R09: 2222222222222222
[ 18.953547] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801247cf008
[ 18.954752] R13: ffff880123e6fa38 R14: ffff88012fe96b40 R15: ffff8801247cf0b8
[ 18.955965] FS: 00007f107b299700(0000) GS:ffff8800bb000000(0000) knlGS:0000000000000000
[ 18.957184] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 18.958408] CR2: 00007fc3b1bf3200 CR3: 000000011f317000 CR4: 00000000000006f0
[ 18.959636] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 18.960885] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 18.962124] Process hdapsd (pid: 978, threadinfo ffff88011f392000, task ffff88012daaeae0)
[ 18.963368] Stack:
[ 18.964616] ffff88011f393b58 ffff880123e6f800 ffff88011f393b98 ffffffff812e7e6a
[ 18.965908] ffff88012fe96b40 ffff8801247cf0b8 ffff88011f393b98 ffff8801247cf000
[ 18.967215] ffff88011e2a2540 0000000000000000 ffff88011f393bf8 ffffffffa01145b5
[ 18.968543] Call Trace:
[ 18.969864] [<ffffffff812e7e6a>] input_open_device+0x8a/0xc0
[ 18.971189] [<ffffffffa01145b5>] evdev_open+0x1c5/0x270 [evdev]
[ 18.972529] [<ffffffff812e8eaa>] input_open_file+0x1ba/0x370
[ 18.973852] [<ffffffff811542c0>] ? exact_match+0x0/0x10
[ 18.975182] [<ffffffff81154e6b>] chrdev_open+0x1bb/0x2d0
[ 18.976512] [<ffffffff8114e9c2>] __dentry_open+0x112/0x370
[ 18.977835] [<ffffffff81154cb0>] ? chrdev_open+0x0/0x2d0
[ 18.979171] [<ffffffff811e93c5>] ? devcgroup_inode_permission+0x135/0x160
[ 18.980494] [<ffffffff8114fef1>] nameidata_to_filp+0x71/0x80
[ 18.981810] [<ffffffff8115f458>] finish_open+0xc8/0x1b0
[ 18.981814] [<ffffffff8115df46>] ? do_path_lookup+0x76/0x130
[ 18.981815] [<ffffffff8115fbde>] do_filp_open+0x29e/0x760
[ 18.981819] [<ffffffff81055d30>] ? default_wake_function+0x0/0x20
[ 18.981826] [<ffffffff812121e7>] ? kobject_put+0x27/0x60
[ 18.981829] [<ffffffff8116c70c>] ? alloc_fd+0xec/0x140
[ 18.981831] [<ffffffff8114ff69>] do_sys_open+0x69/0x110
[ 18.981835] [<ffffffff8100e1f5>] ? math_state_restore+0x45/0x60
[ 18.981837] [<ffffffff81150030>] sys_open+0x20/0x30
[ 18.981839] [<ffffffff8100bf42>] system_call_fastpath+0x16/0x1b
[ 18.981840] Code: 48 8b 04 25 88 cc 00 00 48 89 e5 53 48 83 ec 08 83 80 44 e0 ff ff 01 83 3d f0 0b 00 00 02 0f 84 1c 01 00 00 48 8b 05 3b 0e 00 00 <65> ff 00 0f 1f 44 00 00 bb 01 00 00 00 65 48 8b 04 25 88 cc 00
[ 18.981852] RIP [<ffffffffa0724d9d>] hdaps_mousedev_open+0x2d/0x160 [hdaps]
[ 18.981854] RSP <ffff88011f393b48>
[ 18.981864] ---[ end trace 48368b24e6a5cac2 ]---
[ 18.981866] note: hdapsd[978] exited with preempt_count 1
Complete dmesg output is attached as "dmesg.txt".
I'm quite certain this did not happen with older kernels (2.6.38.6 for
example).
The system is running 64bit Arch Linux using the distro kernel.
Everything seemed fine until I attempted to start hdapsd once more from a
shell. That resulted in a switch to text mode and multiple stack traces
from the kernel dumped on my screen - I managed to get a photo of this
(http://personal.chaosbits.net/crash-photo.jpg) but nothing made it to the
log files.
At this point the machine was still partly alive since I managed to reboot
it with ctrl+alt+del.
The behaviour seems to be completely reproducible.
I don't have time to look into this until later tonight or tomorrow, at
which time I'll try this with a 3.0-rc kernel or up-to-date git snapshot
and report the result.
If you have some good ideas about how to track down the cause or some
specific info you'd like from me, let me know and I'll provide that
later when I'm off work.
--
Jesper Juhl <jj@...osbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.
View attachment "dmesg.txt" of type "TEXT/PLAIN" (72652 bytes)
Powered by blists - more mailing lists