| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Dec 2013 19:02:28 +0400 From: Eugene Shatokhin <eugene.shatokhin@...alab.ru> To: Alan Stern <stern@...land.harvard.edu> CC: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, linux-usb@...r.kernel.org, LKML <linux-kernel@...r.kernel.org> Subject: uhci_hcd: Possible corruption of DMA pool uhci->td_pool Hi, On ROSA Linux with kernel 3.10.21 with DMA debug options enabled, the kernel sometimes issues a warning about DMA pool corruption (see the log below). That happens sometimes, when the system boots or resumes from hibernation with Samson C01U USB microphone attached. The affected DMA pool is 'uhci->td_pool', uhci_alloc_td() from drivers/usb/host/uhci-hcd.c makes the relevant dma_pool_alloc() calls. Any ideas about how to find what causes this and how to fix it? Here is the relevant part of the system log: ---------------------------- [ 22.264332] usb 2-1: new full-speed USB device number 2 using uhci_hcd [ 22.450609] usb 2-1: New USB device found, idVendor=17a0, idProduct=0001 [ 22.450626] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0 [ 22.450639] usb 2-1: Product: Samson C01U [ 22.450649] usb 2-1: Manufacturer: Samson Technologies <...> [ 280.703483] retire_capture_urb: 4494 callbacks suppressed [ 284.961087] uhci_hcd 0000:00:1d.1: dma_pool_alloc uhci_td, efb7b060 (corruped) [ 284.961087] 00000000: 00 06 00 00 af 00 00 03 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] 00000010: a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] 00000020: a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] retire_capture_urb: 4343 callbacks suppressed [ 284.961087] uhci_hcd 0000:00:1d.1: dma_pool_alloc uhci_td, efb7b5d0 (corruped) [ 284.961087] 00000000: 00 06 00 00 af 00 00 03 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] 00000010: a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] 00000020: a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 a7 ................ [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) [ 284.961087] cannot submit urb (err = -27) ---------------------------- 0xa7 is POOL_POISON_FREED. The memory pages to be allocated from the pool should be filled with such bytes. Each time I observed this problem, the first 8 bytes of the listed memory area were overwritten, with different data each time. Regards, Eugene -- Eugene Shatokhin, ROSA Laboratory. www.rosalab.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists