| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Mar 2015 18:37:48 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: Takashi Iwai <tiwai@...e.de>
Cc: fengguang.wu@...el.com, LKP <lkp@...org>,
alsa-devel@...a-project.org, linux-kernel@...r.kernel.org
Subject: [ALSA/seq] BUG: unable to handle kernel NULL pointer dereference at
00000050
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
commit 7c37ae5c625aaa4836466cfaea829a3199dfc571
Author: Takashi Iwai <tiwai@...e.de>
AuthorDate: Thu Feb 12 10:51:59 2015 +0100
Commit: Takashi Iwai <tiwai@...e.de>
CommitDate: Thu Feb 12 11:35:11 2015 +0100
ALSA: seq: Rewrite sequencer device binding with standard bus
We've used the old house-made code for binding the sequencer device
and driver. This can be far better implemented with the standard
bus nowadays.
This patch refactors the whole sequencer binding code with the bus
/sys/bus/snd_seq. The devices appear as id-card-device on this bus
and are bound with the drivers corresponding to the given id like the
former implementation. The module autoload is also kept like before.
There is no change in API functions by this patch, and almost all
transitions are kept inside seq_device.c. The proc file output will
change slightly but kept compatible as much as possible.
Further integration works will follow in later patches.
Signed-off-by: Takashi Iwai <tiwai@...e.de>
+------------------------------------------+------------+------------+-----------------+
| | 72496edcf8 | 7c37ae5c62 | v4.0-rc3_031010 |
+------------------------------------------+------------+------------+-----------------+
| boot_successes | 79 | 0 | 0 |
| boot_failures | 1 | 20 | 14 |
| BUG:kernel_boot_crashed | 1 | | |
| BUG:unable_to_handle_kernel | 0 | 20 | 14 |
| Oops | 0 | 20 | 14 |
| EIP_is_at_bus_add_device | 0 | 20 | 14 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 20 | 14 |
| backtrace:usb_composite_probe | 0 | 20 | 14 |
| backtrace:midi_driver_init | 0 | 20 | 14 |
| backtrace:kernel_init_freeable | 0 | 20 | 14 |
+------------------------------------------+------------+------------+-----------------+
[ 1.178531] udc dummy_udc.0: registering UDC driver [MIDI Gadget]
[ 1.179260] MIDI Gadget gadget: adding config #1 'MIDI Gadget'/c1f006c0
[ 1.184102] MIDI Gadget gadget: adding 'gmidi function'/d1fab310 to config 'MIDI Gadget'/c1f006c0
[ 1.186606] BUG: unable to handle kernel NULL pointer dereference at 00000050
[ 1.187008] IP: [<c1590786>] bus_add_device+0xd6/0x160
[ 1.187008] *pde = 00000000
[ 1.187008] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 1.187008] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 3.19.0-03415-g7c37ae5 #24
[ 1.187008] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 1.187008] task: d3480000 ti: d346a000 task.ti: d346a000
[ 1.187008] EIP: 0060:[<c1590786>] EFLAGS: 00010246 CPU: 0
[ 1.187008] EIP is at bus_add_device+0xd6/0x160
[ 1.187008] EAX: 00000000 EBX: 00000000 ECX: d1fb7cc0 EDX: d1fa90bc
[ 1.187008] ESI: d1fa90bc EDI: c1f4f800 EBP: d346bb44 ESP: d346bb30
[ 1.187008] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[ 1.187008] CR0: 80050033 CR2: 00000050 CR3: 02023000 CR4: 000406d0
[ 1.187008] Stack:
[ 1.187008] c1291226 d1fa90b4 d1fa90bc d1f78c7c 00000000 d346bb84 c158e80a d1fa90bc
[ 1.187008] d1f78c84 00000000 00000002 00000000 00000000 d1fa90b4 d1fa9048 2e056fb7
[ 1.187008] 00000002 ffffffff d1fb6dd0 00000000 d238b024 d346bb8c c18c26f0 d346bb98
[ 1.187008] Call Trace:
[ 1.187008] [<c1291226>] ? acpi_platform_notify+0x19/0x78
[ 1.187008] [<c158e80a>] device_add+0x33a/0x530
[ 1.187008] [<c18c26f0>] snd_seq_device_dev_register+0x10/0x20
[ 1.187008] [<c18a13b6>] snd_device_register+0x46/0x80
[ 1.187008] [<c18b181d>] snd_rawmidi_dev_register+0x1cd/0x2d0
[ 1.187008] [<c189e70a>] ? snd_ctl_dev_register+0x2a/0x30
[ 1.187008] [<c18a1432>] snd_device_register_all+0x42/0x70
[ 1.187008] [<c189e10d>] snd_card_register+0x3d/0x150
[ 1.187008] [<c16c284a>] f_midi_bind+0x16a/0x6c0
[ 1.187008] [<c104de70>] ? irq_exit+0x30/0x60
[ 1.187008] [<c10881ef>] ? console_unlock+0x38f/0x520
[ 1.187008] [<c108860a>] ? vprintk_emit+0x28a/0x5f0
[ 1.187008] [<c158f8df>] ? dev_vprintk_emit+0x14f/0x280
[ 1.187008] [<c1109c9b>] ? alloc_debug_processing+0xcb/0x150
[ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[ 1.187008] [<c1faabc0>] ? midi_bind+0xd2/0xd2
[ 1.187008] [<c158fa2a>] ? dev_printk_emit+0x1a/0x20
[ 1.187008] [<c158fa76>] ? __dev_printk+0x46/0x90
[ 1.187008] [<c158fae6>] ? dev_printk+0x26/0x30
[ 1.187008] [<c16971b9>] usb_add_function+0x79/0x140
[ 1.187008] [<c1faabc0>] ? midi_bind+0xd2/0xd2
[ 1.187008] [<c1faabe5>] midi_bind_config+0x25/0x3c
[ 1.187008] [<c169753c>] usb_add_config+0x9c/0x240
[ 1.187008] [<c1a1ee48>] ? mutex_unlock+0x8/0x10
[ 1.187008] [<c1faab86>] midi_bind+0x98/0xd2
[ 1.187008] [<c1697d28>] composite_bind+0x88/0x1a0
[ 1.187008] [<c169a92f>] udc_bind_to_driver+0x4f/0xf0
[ 1.187008] [<c169b15d>] usb_gadget_probe_driver+0x6d/0xb0
[ 1.187008] [<c1f7cb5e>] ? do_one_initcall+0x77/0x151
[ 1.187008] [<c1697eb8>] usb_composite_probe+0x78/0xa0
[ 1.187008] [<c1faaadf>] ? midimod_init+0xf/0xf
[ 1.187008] [<c1faaaec>] midi_driver_init+0xd/0xf
[ 1.187008] [<c1f7cbb4>] do_one_initcall+0xcd/0x151
[ 1.187008] [<c1f7c424>] ? do_early_param+0x73/0x73
[ 1.187008] [<c1060c00>] ? parse_args+0x1f0/0x430
[ 1.187008] [<c1f7cd1b>] kernel_init_freeable+0xe3/0x15b
[ 1.187008] [<c1a1411b>] kernel_init+0xb/0xe0
[ 1.187008] [<c1a22201>] ret_from_kernel_thread+0x21/0x30
[ 1.187008] [<c1a14110>] ? rest_init+0xb0/0xb0
[ 1.187008] Code: b6 00 00 00 00 8b 57 14 8b 45 f0 e8 25 d9 ff ff 85 c0 89 c3 75 69 8b 45 f0 8b 48 2c 85 c9 74 6c 8b 45 f0 8d 70 08 8b 47 48 89 f2 <8b> 40 50 83 c0 28 e8 6f 34 bc ff 85 c0 89 c3 74 0d 8b 55 f0 8d
[ 1.187008] EIP: [<c1590786>] bus_add_device+0xd6/0x160 SS:ESP 0068:d346bb30
[ 1.187008] CR2: 0000000000000050
[ 1.187008] ---[ end trace 7c40b21b66beeff8 ]---
[ 1.187008] Kernel panic - not syncing: Fatal exception
git bisect start c4a6459ce570f25e000a43786e1759b0bb43efd5 9eccca0843205f87c00404b663188b88eb248051 --
git bisect bad 9e12b75d2b6c773b3233263bf51293f19f70935f # 15:48 0- 20 Merge 'dma-mapping/dma-mapping-next' into devel-hourly-2015031010
git bisect bad 9b63cef2bf6e266a37bb84be206cd07c0fcb21f4 # 15:51 0- 8 Merge 'sound/for-next' into devel-hourly-2015031010
git bisect good 6b02e27004487655117b494db70f1adeb34df0ed # 15:54 20+ 0 Merge 'pinctrl/fixes' into devel-hourly-2015031010
git bisect good 712656265550299ca4e67adffd94159150c9be77 # 15:58 20+ 0 Merge 'slave-dma/next' into devel-hourly-2015031010
git bisect good 71b92c8a38813ac674bdf98d6efd5e615f6d0783 # 16:02 20+ 0 Merge 'tip/x86/cpu' into devel-hourly-2015031010
git bisect good c63d42b0d5c53aafc60d5dd402f5508fce5c28ed # 16:08 20+ 0 Merge 'tty/tty-testing' into devel-hourly-2015031010
git bisect good b8f28d53641f13902790904ab15028ff8ecd0882 # 16:36 20+ 0 ALSA: hda - Drop azx_mixer_create()
git bisect bad 056622053b8ae02978678ac1321b5bd956e7c812 # 16:43 1- 20 ALSA: seq: Define driver object in each driver
git bisect good 72496edcf85e048b4c5373d518e4f27938d9594e # 16:49 20+ 1 ALSA: seq: Don't compile snd_seq_device_load_drivers() for built-in
git bisect bad 7c37ae5c625aaa4836466cfaea829a3199dfc571 # 16:53 0- 20 ALSA: seq: Rewrite sequencer device binding with standard bus
# first bad commit: [7c37ae5c625aaa4836466cfaea829a3199dfc571] ALSA: seq: Rewrite sequencer device binding with standard bus
git bisect good 72496edcf85e048b4c5373d518e4f27938d9594e # 16:56 60+ 1 ALSA: seq: Don't compile snd_seq_device_load_drivers() for built-in
# extra tests with DEBUG_INFO
git bisect good 7c37ae5c625aaa4836466cfaea829a3199dfc571 # 17:01 60+ 0 ALSA: seq: Rewrite sequencer device binding with standard bus
# extra tests on HEAD of linux-devel/devel-hourly-2015031010
git bisect bad c4a6459ce570f25e000a43786e1759b0bb43efd5 # 17:01 0- 14 0day head guard for 'devel-hourly-2015031010'
# extra tests on tree/branch next/master
git bisect bad d4b69f04aca12360873199bedc1ae2a21b3c3ea2 # 17:02 0- 2 Add linux-next specific files for 20150310
# extra tests on tree/branch linus/master
git bisect good affb8172de395a6e1db52ed9790ca0456d8c29a9 # 17:05 60+ 0 Merge git://git.kernel.org/pub/scm/virt/kvm/kvm
# extra tests on tree/branch next/master
git bisect bad d4b69f04aca12360873199bedc1ae2a21b3c3ea2 # 17:05 0- 2 Add linux-next specific files for 20150310
This script may reproduce the error.
----------------------------------------------------------------------------
#!/bin/bash
kernel=$1
initrd=yocto-minimal-i386.cgz
wget --no-clobber https://github.com/fengguang/reproduce-kernel-bug/raw/master/initrd/$initrd
kvm=(
qemu-system-x86_64
-enable-kvm
-cpu Haswell,+smep,+smap
-kernel $kernel
-initrd $initrd
-m 320
-smp 1
-net nic,vlan=1,model=e1000
-net user,vlan=1
-boot order=nc
-no-reboot
-watchdog i6300esb
-rtc base=localtime
-serial stdio
-display none
-monitor null
)
append=(
hung_task_panic=1
earlyprintk=ttyS0,115200
rd.udev.log-priority=err
systemd.log_target=journal
systemd.log_level=warning
debug
apic=debug
sysrq_always_enabled
rcupdate.rcu_cpu_stall_timeout=100
panic=-1
softlockup_panic=1
nmi_watchdog=panic
oops=panic
load_ramdisk=2
prompt_ramdisk=0
console=ttyS0,115200
console=tty0
vga=normal
root=/dev/ram0
rw
drbd.minor_count=8
)
"${kvm[@]}" --append "${append[*]}"
----------------------------------------------------------------------------
Thanks,
Fengguang
View attachment "dmesg-yocto-kbuild-16:20150310165123:i386-randconfig-ib0-03101524:3.19.0-03415-g7c37ae5:24" of type "text/plain" (33867 bytes)
View attachment "config-3.19.0-03415-g7c37ae5" of type "text/plain" (83928 bytes)
Powered by blists - more mailing lists