lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 05 Feb 2015 21:56:03 +0100
From:	Alban Browaeys <alban.browaeys@...il.com>
To:	Stephen Boyd <sboyd@...eaurora.org>
Cc:	Tomeu Vizoso <tomeu.vizoso@...labora.com>,
	Mike Turquette <mturquette@...aro.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] clk: Fix OOPS calling hlist_del on an already
 poisoned hlist.

Le jeudi 05 février 2015 à 11:33 -0800, Stephen Boyd a écrit :
> On 02/05/15 10:24, Alban Browaeys wrote:
> > Put is called more than once, thus hlist_del ends up on a poisoned
> > list.
> 
> Why is clk_put() called more than once on the same clk pointer? Where
> does this happe
> 

With only patch 1 from this set applied I get another oops: 


[    7.346612] Unable to handle kernel paging request at virtual address 00200200
[    7.353686] pgd = ebbf4000
[    7.355939] [00200200] *pgd=00000000
[    7.359444] Internal error: Oops: 805 [#1] PREEMPT SMP ARM
[    7.364914] Modules linked in: exynosdrm(+) drm_kms_helper phy_exynos_usb2 fuse
[    7.372201] CPU: 3 PID: 102 Comm: systemd-modules Not tainted 3.19.0-rc7-next-20150204-00053-g17e4521 #93
[    7.381764] Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
[    7.387832] task: eb0a8f00 ti: ebbfe000 task.ti: ebbfe000
[    7.393213] PC is at __clk_put+0x64/0xdc
[    7.397111] LR is at clk_prepare_lock+0x20/0x100
[    7.401712] pc : [<c055616c>]    lr : [<c0552bfc>]    psr: 200f0053
[    7.401712] sp : ebbffbb8  ip : ebbffba0  fp : ebbffbcc
[    7.413185] r10: ee0ff600  r9 : 00000001  r8 : 00000000
[    7.413188] r7 : ebbffbf8  r6 : 00000000  r5 : ee5c7d80  r4 : ee0ff600
[    7.413195] r3 : 00100100  r2 : 00200200  r1 : 080007ff  r0 : 00000001
[    7.413200] Flags: nzCv  IRQs on  FIQs off  Mode SVC_32  ISA ARM  Segment user
[    7.413204] Control: 10c5387d  Table: 6bbf404a  DAC: 00000015
[    7.413208] Process systemd-modules (pid: 102, stack limit = 0xebbfe218)
[    7.413211] Stack: (0xebbffbb8 to 0xebc00000)
[    7.413215] fba0:                                                       00000000 ee106400
[    7.413222] fbc0: ebbffbdc ebbffbd0 c055222c c0556114 ebbffc6c ebbffbe0 c0558604 c0552220
[    7.413228] fbe0: ebbffbf8 c01cc560 ebbbc310 ee2b5200 ebbffc14 c01ced00 ee5e0d3c 00000001
[    7.413234] fc00: 00000181 ee2b5200 ebbffc34 ebbbc100 00000000 c08c5790 ee2b5200 ebbbc300
[    7.413239] fc20: 00000001 00000006 ebbffc5c ebbffc38 c01ced00 c01cb2d0 ed834850 00000000
[    7.413245] fc40: ed834858 ed834850 ed834850 bf06c0b4 c0aa82b8 00000000 bf06c0b4 00000006
[    7.413251] fc60: ebbffc8c ebbffc70 c044213c c055846c ed834850 c0b61248 c0b61254 c0aa82b8
[    7.413257] fc80: ebbffcc4 ebbffc90 c043ff34 c0442120 ed834850 bf06c0b4 ed834884 ed834850
[    7.413263] fca0: bf06c0b4 ed834884 00000000 bf0631f0 eb3cfc00 c0a4f40c ebbffce4 ebbffcc8
[    7.413269] fcc0: c044020c c043fdc8 00000000 00000000 bf06c0b4 c0440194 ebbffd0c ebbffce8
[    7.413275] fce0: c043ded8 c04401a0 ee284e38 ed830900 c06f5720 bf06c0b4 eb329cc0 c0a87448
[    7.413280] fd00: ebbffd1c ebbffd10 c043fa14 c043de88 ebbffd44 ebbffd20 c043f460 c043f9f4
[    7.413286] fd20: bf069280 ebbffd30 bf06c0b4 00000000 bf0631e8 bf06c388 ebbffd5c ebbffd48
[    7.413292] fd40: c0440bfc c043f370 00000001 00000000 ebbffd6c ebbffd60 c0442094 c0440b50
[    7.413298] fd60: ebbffdbc ebbffd70 bf04ca08 c044203c 00000000 bf065090 ffffffff 00000000
[    7.413303] fd80: 00000000 00000000 00000000 00000000 00000000 00000000 c0a53b20 bf06c208
[    7.413309] fda0: c0a53b20 bf04c950 00000000 c0a53b20 ebbffe4c ebbffdc0 c0008b28 bf04c95c
[    7.413315] fdc0: 0010000f 00000000 ebbffdec ebbffdd8 c00504f4 c006dde0 ebbfe000 00000000
[    7.413321] fde0: ee002140 000000d0 c06ed168 0000000c c0a50600 00000001 ebbffe4c ebbffe08
[    7.413327] fe00: c01541d8 c0153934 ebbfe008 ebbffe08 00000001 ebbfe008 ee002140 dc8cb100
[    7.413333] fe20: 00000001 bf06c208 00000001 eb3cfd00 eb3cf000 00000001 14c3101c eb3cf008
[    7.413339] fe40: ebbffe74 ebbffe50 c06ed1a4 c00089ec ebbffe74 ebbffe60 c014496c ebbfff48
[    7.413345] fe60: 00000001 bf06c208 ebbfff3c ebbffe78 c00af61c c06ed140 bf06c214 00007fff
[    7.413350] fe80: c00ac6a8 ebbfff48 ebbffeb4 f0473db8 00000780 00000777 f0473e84 bf06c214
[    7.413356] fea0: bf06c378 b6dc99f8 bf06c250 c0a4f40c c00ad024 c0169924 00000000 00000000
[    7.413362] fec0: bf063194 00000009 00000000 00000000 6e72656b 00006c65 00000000 00000000
[    7.413367] fee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[    7.413373] ff00: 00000000 00000000 00000000 dc8cb100 ebbfff2c 00000000 00000006 b6dc99f8
[    7.413379] ff20: 0000017b c000fb64 ebbfe000 00000000 ebbfffa4 ebbfff40 c00afdec c00ada4c
[    7.413385] ff40: c0180738 00000000 f0454000 002bb414 f070ec6c f066643f f066dd80 00020390
[    7.413390] ff60: 00026450 bf06c1f0 00000001 00000000 0000002f 00000030 0000001a 00000000
[    7.413396] ff80: 00000008 00000000 00000000 b6dca7d4 00028948 e1c5e100 00000000 ebbfffa8
[    7.413402] ffa0: c000f9c0 c00afd54 b6dca7d4 00028948 00000006 b6dc99f8 00000000 b6dca31c
[    7.413408] ffc0: b6dca7d4 00028948 e1c5e100 0000017b 00020000 00015964 00015f34 0002e640
[    7.413414] ffe0: bedc0268 bedc0258 b6dc3c4b b6e6cd42 600d0070 00000006 6f7fd821 6f7fdc21
[    7.413427] [<c055616c>] (__clk_put) from [<c055222c>] (clk_put+0x18/0x1c)
[    7.413438] [<c055222c>] (clk_put) from [<c0558604>] (of_clk_set_defaults+0x1a4/0x2ec)
[    7.413448] [<c0558604>] (of_clk_set_defaults) from [<c044213c>] (platform_drv_probe+0x28/0xb0)
[    7.413462] [<c044213c>] (platform_drv_probe) from [<c043ff34>] (driver_probe_device+0x178/0x384)
[    7.413470] [<c043ff34>] (driver_probe_device) from [<c044020c>] (__driver_attach+0x78/0x9c)
[    7.413478] [<c044020c>] (__driver_attach) from [<c043ded8>] (bus_for_each_dev+0x5c/0xb4)
[    7.413485] [<c043ded8>] (bus_for_each_dev) from [<c043fa14>] (driver_attach+0x2c/0x30)
[    7.413492] [<c043fa14>] (driver_attach) from [<c043f460>] (bus_add_driver+0xfc/0x228)
[    7.413500] [<c043f460>] (bus_add_driver) from [<c0440bfc>] (driver_register+0xb8/0xf8)
[    7.413509] [<c0440bfc>] (driver_register) from [<c0442094>] (__platform_driver_register+0x64/0x6c)
[    7.413597] [<c0442094>] (__platform_driver_register) from [<bf04ca08>] (exynos_drm_init+0xb8/0x1d0 [exynosdrm])
[    7.413631] [<bf04ca08>] (exynos_drm_init [exynosdrm]) from [<c0008b28>] (do_one_initcall+0x148/0x224)
[    7.413644] [<c0008b28>] (do_one_initcall) from [<c06ed1a4>] (do_init_module+0x70/0x1bc)
[    7.413657] [<c06ed1a4>] (do_init_module) from [<c00af61c>] (load_module+0x1bdc/0x21f0)
[    7.413665] [<c00af61c>] (load_module) from [<c00afdec>] (SyS_finit_module+0xa4/0xb4)
[    7.413675] [<c00afdec>] (SyS_finit_module) from [<c000f9c0>] (ret_fast_syscall+0x0/0x34)
[    7.413681] Code: ebfff29e e5943014 e5942018 e3530000 (e582300


from the patch 1 debugging I concluded that in __set_clk_parents, the parent clk of
 the fimc devices was the same thus clk_put was called for each of the four of them 
(but oops at the second one).

This indeed would deserve a debug run of itself. I only deduced the second oops behaviour
from the analysis of the first oops as both happens in the same loop . This is weak. Will do
the detailed testing for this one too .




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ