Message-ID: <CAMNxYswaQ8h8oPHzJWa1VX_QcbSY6++=O92rq-zFSx-7twg13w@mail.gmail.com>
Date:	Wed, 17 Aug 2016 14:29:39 +0530
From:	Priyaranjan Das <priyaranjan456789@...il.com>
To:	linux-serial@...r.kernel.org
Cc:	linux-omap@...r.kernel.org, linux-kernel@...r.kernel.org,
	Priyaranjan Das <priyaranjan45678@...il.com>
Subject: tty driver crash in Linux Kernel 3.8

Hello All,

I need help finding a fix for an issue with the TTY LDISC in Kernel 3.8.

I am trying to debug a Linux kernel crash related to the tty (serial) ldisc
in Kernel 3.8. I am working on an OMAP-based embedded platform.

Below are the crash logs:

15:40:20.6255-04:00 - Unable to handle kernel NULL pointer dereference at virtual address 00000000
15:40:20.6255-04:00 - pgd = e2bb0000
15:40:20.6255-04:00 - [00000000] *pgd=00000000
15:40:20.6255-04:00 - Internal error: Oops: 5 [#1] PREEMPT SMP ARM
15:40:20.6255-04:00 - Modules linked in: snd_soc_dra7_atl net1080
cdc_subset cdc_ncm cdc_ether usbnet lzo arc4 8021q crc7 crc_ccitt garp
dns_resolver xfrm6_mode_tunnel xfrm6_mode_transport stp sit llc
input_polldev sdio_uart ntfs hfsplus hfs cmemk nls_utf8 usb_storage
bcmdhd g_ffs g_utbridge snd_usb_audio snd_usbmidi_lib snd_rawmidi
snd_hwdep g_zero dwc3 xhci_hcd libcomposite udc_core dwc3_omap
omap_usb3audit: audit_lost=1 audit_rate_limit=20
audit_backlog_limit=64
15:40:20.6265-04:00 - audit: rate limit exceeded
15:40:20.6265-04:00 -  omap_usb2 omap_control_usb snd_harman snd_pcm
traceBuf snd_timer snd_page_alloc snd soundcore lvsd tun mac80211
omaplfb(O) pvrsrvkm(O)
15:40:20.6265-04:00 - CPU: 0    Tainted: G           O  (3.8.13-g6b9a919 #2)
15:40:20.6265-04:00 - PC is at __wake_up_common+0x2c/0xa0
15:40:20.6265-04:00 - LR is at __wake_up+0x48/0x5c
15:40:20.6275-04:00 - pc : [<c0080d14>]    lr : [<c0083034>]    psr: a0000093
15:40:20.6275-04:00 - sp : e2b53e78  ip : 00000000  fp : e2b53eac
15:40:20.6275-04:00 - r10: e2b52000  r9 : 00000003  r8 : 00000000
15:40:20.6275-04:00 - r7 : 00000003  r6 : e422d90c  r5 : 00000013  r4 : e422d908
15:40:20.6275-04:00 - r3 : 00000000  r2 : 00000001  r1 : 00000003  r0 : e422d908
15:40:20.6275-04:00 - Flags: NzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment user
15:40:20.6275-04:00 - Control: 10c5387d  Table: a2bb006a  DAC: 00000015
15:40:20.7855-04:00 - Process sh (pid: 5559, stack limit = 0xe2b52240)
15:40:20.7855-04:00 - Stack: (0xe2b53e78 to 0xe2b54000)
15:40:20.7885-04:00 - [<c0080d14>] (__wake_up_common+0x2c/0xa0) from [<c0083034>] (__wake_up+0x48/0x5c)
15:40:20.7885-04:00 - [<c0083034>] (__wake_up+0x48/0x5c) from [<c02f2c9c>] (put_ldisc+0x88/0xf0)
15:40:20.7885-04:00 - [<c02f2c9c>] (put_ldisc+0x88/0xf0) from [<c02f2d1c>] (tty_ldisc_deref+0x18/0x1c)
15:40:20.7885-04:00 - [<c02f2d1c>] (tty_ldisc_deref+0x18/0x1c) from [<c02ec1c0>] (tty_write+0x1c4/0x274)
15:40:20.7885-04:00 - [<c02ec1c0>] (tty_write+0x1c4/0x274) from [<c0123ac8>] (vfs_write+0xac/0x188)
15:40:20.8215-04:00 - [<c0123ac8>] (vfs_write+0xac/0x188) from [<c0123c78>] (sys_write+0x4c/0x88)
15:40:20.8225-04:00 - [<c0123c78>] (sys_write+0x4c/0x88) from [<c0014740>] (ret_fast_syscall+0x0/0x48)
15:40:20.8225-04:00 - Code: e1a09001 e5b6c004 e50b2030 e156000c (e59c4000)


As per my understanding, the tty serial driver crashes during
put_ldisc, as can be seen from the stack above.

We have backported the latest patch (below) to resolve the kernel
bug 'Bad Scheduling while Atomic' w.r.t. drivers/tty/tty_ldisc.c:

commit bd5d7ce9afdd0cddc5ab65e20d1134ccad824418
Author: Ivo Sieben <meltedpianoman@...il.com>
Date:   Tue Dec 18 15:48:50 2012 +0100

    tty: Only wakeup the line discipline idle queue when queue is active


However the above issue was reproduced even after the patch was
applied. Can anyone help me?

I observed that there were multiple patches submitted after 3.8 for
race conditions/crashes on TTY LDISC in Kernel 3.14. But as I am not
migrating the whole kernel now, I am facing the above problem.


Regards,
Priyaranjan
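
Added example (not part of the original message): a Python script that cross-checks the oops by decoding the bracketed instruction word on the `Code:` line and computing, from the register dump, the address that instruction accessed. The sample text is the relevant lines quoted from the log above with the logger timestamps stripped; all function names are illustrative.

```python
import re

# Constructed sample: register and "Code:" lines quoted from the oops above,
# timestamp prefixes stripped and wrapped lines rejoined.
OOPS = """\
Unable to handle kernel NULL pointer dereference at virtual address 00000000
sp : e2b53e78  ip : 00000000  fp : e2b53eac
r10: e2b52000  r9 : 00000003  r8 : 00000000
r7 : 00000003  r6 : e422d90c  r5 : 00000013  r4 : e422d908
r3 : 00000000  r2 : 00000001  r1 : 00000003  r0 : e422d908
Code: e1a09001 e5b6c004 e50b2030 e156000c (e59c4000)
"""
ALIASES = {"fp": 11, "ip": 12, "sp": 13}  # ARM names for r11..r13

def parse_registers(text):
    """Return {register number: value} from the oops register lines."""
    regs = {}
    for name, val in re.findall(r"\b(r\d+|sp|ip|fp)\s*:\s*([0-9a-f]{8})\b", text):
        regs[ALIASES[name] if name in ALIASES else int(name[1:])] = int(val, 16)
    return regs

def faulting_word(text):
    """The kernel brackets the instruction at PC on the 'Code:' line."""
    return int(re.search(r"Code:.*\(([0-9a-f]{8})\)", text).group(1), 16)

def decode_ldr_str_imm(word):
    """Decode an ARM (A32) single data transfer with immediate offset."""
    if ((word >> 26) & 0b11) != 0b01 or ((word >> 25) & 1):
        raise ValueError("not an immediate-offset LDR/STR")
    return {
        "load": bool((word >> 20) & 1),
        "pre_indexed": bool((word >> 24) & 1),
        "rn": (word >> 16) & 0xF,   # base register
        "rd": (word >> 12) & 0xF,   # destination/source register
        "offset": (word & 0xFFF) * (1 if (word >> 23) & 1 else -1),
    }

def fault_address(text):
    """Effective address accessed by the faulting instruction."""
    insn = decode_ldr_str_imm(faulting_word(text))
    base = parse_registers(text)[insn["rn"]]
    # Post-indexed forms access the base itself; the others add the offset.
    return (base + insn["offset"] if insn["pre_indexed"] else base) & 0xFFFFFFFF

def reported_address(text):
    return int(re.search(r"virtual address ([0-9a-f]{8})", text).group(1), 16)

if __name__ == "__main__":
    print(hex(fault_address(OOPS)), hex(reported_address(OOPS)))
```

The faulting word decodes to a load into r4 from the address in ip, which is 0 and matches the reported fault address. Decoding the preceding word on the same line, e5b6c004, gives a pre-indexed load into ip from r6 with offset 4 and writeback, so the zero in ip was read from memory at e422d90c.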
