| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Oct 2016 20:43:38 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: Rob Herring <robh@...nel.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, LKP <lkp@...org>
Subject: [driver core] bea5b158ff: BUG: unable to handle kernel NULL pointer
dereference at 00000000000002ac
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit bea5b158ff0da9c7246ff391f754f5f38e34577a
Author: Rob Herring <robh@...nel.org>
AuthorDate: Thu Aug 11 10:20:58 2016 -0500
Commit: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CommitDate: Wed Aug 31 15:13:55 2016 +0200
driver core: add test of driver remove calls during probe
In recent discussions on ksummit-discuss[1], it was suggested to do a
sequence of probe, remove, probe for testing driver remove paths. This
adds a kconfig option for said test.
[1] https://lists.linuxfoundation.org/pipermail/ksummit-discuss/2016-August/003459.html
Suggested-by: Arnd Bergmann <arnd@...db.de>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Signed-off-by: Rob Herring <robh@...nel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
+-----------------------------------------------------------+------------+------------+------------+
| | cebf8fd169 | bea5b158ff | 08aeb48a4d |
+-----------------------------------------------------------+------------+------------+------------+
| boot_successes | 50 | 0 | 0 |
| boot_failures | 124 | 44 | 13 |
| BUG:kernel_reboot-without-warning_in_test_stage | 5 | | |
| invoked_oom-killer:gfp_mask=0x | 2 | | |
| Mem-Info | 2 | | |
| Kernel_panic-not_syncing:Attempted_to_kill_init!exitcode= | 117 | | |
| BUG:unable_to_handle_kernel | 0 | 44 | 13 |
| Oops | 0 | 44 | 13 |
| RIP:__mutex_lock_slowpath | 0 | 44 | 13 |
| calltrace:bochs_init | 0 | 44 | 13 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 44 | 13 |
+-----------------------------------------------------------+------------+------------+------------+
[ 3.380251] [TTM] Initializing pool allocator
[ 3.380872] [TTM] Initializing DMA pool allocator
[ 3.381602] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 1
[ 3.382674] BUG: unable to handle kernel NULL pointer dereference at 00000000000002ac
[ 3.383768] IP: [<ffffffff860b1a61>] __mutex_lock_slowpath+0x91/0x2d0
[ 3.384651] PGD 0
[ 3.384956] Oops: 0002 [#1] SMP DEBUG_PAGEALLOC
[ 3.385566] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.8.0-rc4-00003-gbea5b15 #1
[ 3.386566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[ 3.387744] task: ffff88001f562040 task.stack: ffff88001f564000
[ 3.388542] RIP: 0010:[<ffffffff860b1a61>] [<ffffffff860b1a61>] __mutex_lock_slowpath+0x91/0x2d0
[ 3.389753] RSP: 0000:ffff88001f567be8 EFLAGS: 00010046
[ 3.390473] RAX: 0000000000000000 RBX: 00000000000002a8 RCX: 0000000000000000
[ 3.391431] RDX: 0000000000000001 RSI: 0000000000000061 RDI: 00000000000002a8
[ 3.392383] RBP: ffff88001f567c38 R08: 0000000000000000 R09: 0000000000000000
[ 3.393339] R10: ffff88001df09978 R11: 0000000000000007 R12: 00000000000002ac
[ 3.394289] R13: 0000000000000000 R14: ffff88001f562040 R15: 0000000000000246
[ 3.395248] FS: 0000000000000000(0000) GS:ffff88001f800000(0000) knlGS:0000000000000000
[ 3.396329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3.397104] CR2: 00000000000002ac CR3: 0000000018a07000 CR4: 00000000001406f0
[ 3.398057] Stack:
[ 3.398338] ffffffff00000000 ffff88001f567bf0 ffff88001f567bf0 0000000000000246
[ 3.399399] ffffffff8668c040 00000000000002a8 ffff88001de9ef00 0000000000000000
[ 3.400458] ffffffff868a0aa8 0000000000000000 ffff88001f567c50 ffffffff860b1cc3
[ 3.401525] Call Trace:
[ 3.401873] [<ffffffff860b1cc3>] mutex_lock+0x23/0x40
[ 3.402566] [<ffffffff8585689e>] drm_mode_object_unregister+0x1e/0x50
[ 3.403442] [<ffffffff858571e5>] drm_framebuffer_unregister_private+0x15/0x20
[ 3.404404] [<ffffffff8598b7cc>] bochs_fbdev_fini+0x5c/0x70
[ 3.405170] [<ffffffff8598a5e6>] bochs_unload+0x16/0x50
[ 3.405887] [<ffffffff85852bda>] drm_dev_unregister+0x3a/0xc0
[ 3.406674] [<ffffffff85852ca3>] drm_put_dev+0x43/0x50
[ 3.407389] [<ffffffff8598a5c0>] bochs_pci_remove+0x10/0x20
[ 3.408150] [<ffffffff8570d508>] pci_device_remove+0x28/0x60
[ 3.408924] [<ffffffff85998145>] really_probe+0x135/0x2b0
[ 3.409662] [<ffffffff85998332>] __driver_attach+0x72/0xa0
[ 3.410419] [<ffffffff859982c0>] ? really_probe+0x2b0/0x2b0
[ 3.411181] [<ffffffff8599673f>] bus_for_each_dev+0x4f/0x90
[ 3.411943] [<ffffffff859986a9>] driver_attach+0x19/0x20
[ 3.412664] [<ffffffff85997094>] bus_add_driver+0xe4/0x200
[ 3.413413] [<ffffffff86a3298c>] ? qxl_init+0x36/0x36
[ 3.414106] [<ffffffff85998b47>] driver_register+0x87/0xc0
[ 3.414855] [<ffffffff86a3298c>] ? qxl_init+0x36/0x36
[ 3.415542] [<ffffffff8570d657>] __pci_register_driver+0x47/0x50
[ 3.416359] [<ffffffff858540ce>] drm_pci_init+0x4e/0xf0
[ 3.417076] [<ffffffff85852b96>] ? drm_dev_register+0xb6/0xc0
[ 3.417858] [<ffffffff86a3298c>] ? qxl_init+0x36/0x36
[ 3.418543] [<ffffffff86a329a3>] bochs_init+0x17/0x19
[ 3.419234] [<ffffffff869f92e4>] do_one_initcall+0x9a/0x14b
[ 3.419996] [<ffffffff854b56b8>] ? parse_args+0x208/0x320
[ 3.420728] [<ffffffff869f94fe>] kernel_init_freeable+0x169/0x1f6
[ 3.421550] [<ffffffff869f8896>] ? do_early_param+0x8a/0x8a
[ 3.422310] [<ffffffff860a6cf9>] kernel_init+0x9/0x100
[ 3.423016] [<ffffffff860b419f>] ret_from_fork+0x1f/0x40
[ 3.423737] [<ffffffff860a6cf0>] ? rest_init+0x80/0x80
[ 3.424444] Code: 00 48 c7 c7 40 c0 68 86 31 c0 e8 7b ac 3e ff 9c 58 0f 1f 44 00 00 49 89 c7 fa 66 0f 1f 44 00 00 31 c0 4c 8d 63 04 ba 01 00 00 00 <3e> 0f b1 53 04 85 c0 74 0a 89 c6 4c 89 e7 e8 2c 43 42 ff 8b 3d
[ 3.428124] RIP [<ffffffff860b1a61>] __mutex_lock_slowpath+0x91/0x2d0
[ 3.429019] RSP <ffff88001f567be8>
[ 3.429490] CR2: 00000000000002ac
[ 3.429948] ---[ end trace 869b459196f674a6 ]---
[ 3.430567] Kernel panic - not syncing: Fatal exception
git bisect start 1001354ca34179f3db924eb66672442a173147dc v4.8 --
git bisect bad 513a4befae06c4469abfb836e8f71977de58c636 # 21:18 0- 9 Merge branch 'for-4.9/block' of git://git.kernel.dk/linux-block
git bisect bad a3443cda5588985a2724d6d0f4a5f04e625be6eb # 21:41 0- 1 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
git bisect good 5e1b834b27fb2c27cde33a0752425f11d10c0b2d # 22:06 42+ 24 Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad 808c2b0583f010d3993ae534980af55c43c1adba # 22:26 0- 3 Merge tag 'regmap-v4.9' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap
git bisect bad e6dce825fba05f447bd22c865e27233182ab3d79 # 22:41 0- 9 Merge tag 'tty-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
git bisect good 597f03f9d133e9837d00965016170271d4f87dcf # 23:02 40+ 27 Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good 7a53eea1f7b527fd3b6d7ca992914840981afe99 # 23:31 43+ 21 Merge tag 'char-misc-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
git bisect bad 9929780e86854833e649b39b290b5fe921eb1701 # 00:05 0- 1 Merge tag 'driver-core-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
git bisect bad 775115c06091fcfa1189a50aca488fa596839617 # 00:16 0- 3 drivers/base dmam_declare_coherent_memory leaks
git bisect bad 426bc8e789f8ac84270b196191904d347586032f # 00:30 0- 3 base: soc: make it explicitly non-modular
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 00:45 0- 29 driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 00:59 44+ 24 driver core: fix race between creating/querying glue dir and its cleanup
# first bad commit: [bea5b158ff0da9c7246ff391f754f5f38e34577a] driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 01:06 126+ 124 driver core: fix race between creating/querying glue dir and its cleanup
# extra tests with CONFIG_DEBUG_INFO_REDUCED
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 01:17 0- 3 driver core: add test of driver remove calls during probe
# extra tests on HEAD of linux-devel/devel-spot-201610182014
git bisect bad 08aeb48a4d69aa5f87790bddda3f8a25b0002804 # 01:17 0- 13 0day head guard for 'devel-spot-201610182014'
# extra tests on tree/branch linus/master
git bisect bad 14155cafeadda946376260e2ad5d39a0528a332f # 01:37 0- 19 btrfs: assign error values to the correct bio structs
# extra tests with first bad commit reverted
git bisect bad fdc229d9ba3d5addc1309ee307d1500c69032911 # 01:53 16- 17 Revert "driver core: add test of driver remove calls during probe"
# extra tests on tree/branch linus/master
git bisect bad 08328814256d888634ff15ba8fb67e2ae4340b64 # 02:04 0- 5 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
# extra tests on tree/branch linux-next/master
git bisect bad 406b05876c202a8f0ac5dc3805d13d7a80e6f9c9 # 02:27 0- 5 Add linux-next specific files for 20161018
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
Download attachment "dmesg-yocto-ivb41-137:20161018164457:x86_64-randconfig-n0-10182032:4.8.0-rc4-00003-gbea5b15:1.gz" of type "application/gzip" (10071 bytes)
Download attachment "dmesg-quantal-ivb41-45:20161018165702:x86_64-randconfig-n0-10182032:4.8.0-rc4-00002-gcebf8fd:2.gz" of type "application/gzip" (18896 bytes)
View attachment "config-4.8.0-rc4-00003-gbea5b15" of type "text/plain" (100381 bytes)
Powered by blists - more mailing lists