| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170218051047.pglsr4vwelqtrz6z@wfg-t540p.sh.intel.com>
Date: Sat, 18 Feb 2017 13:10:47 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: dri-devel@...ts.freedesktop.org, Rob Herring <robh@...nel.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, LKP <lkp@...org>
Subject: [drm] bea5b158ff BUG: unable to handle kernel NULL pointer
dereference at 0000000000000748
Greetings,
FYI, this debug patch triggers BUG in DRM subsystem.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit bea5b158ff0da9c7246ff391f754f5f38e34577a
Author: Rob Herring <robh@...nel.org>
AuthorDate: Thu Aug 11 10:20:58 2016 -0500
Commit: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CommitDate: Wed Aug 31 15:13:55 2016 +0200
driver core: add test of driver remove calls during probe
In recent discussions on ksummit-discuss[1], it was suggested to do a
sequence of probe, remove, probe for testing driver remove paths. This
adds a kconfig option for said test.
[1] https://lists.linuxfoundation.org/pipermail/ksummit-discuss/2016-August/003459.html
Suggested-by: Arnd Bergmann <arnd@...db.de>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Signed-off-by: Rob Herring <robh@...nel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
+------------------------------------------+------------+------------+------------+
| | cebf8fd169 | bea5b158ff | b1ac883759 |
+------------------------------------------+------------+------------+------------+
| boot_successes | 62 | 0 | 0 |
| boot_failures | 0 | 22 | 25 |
| BUG:unable_to_handle_kernel | 0 | 22 | 25 |
| Oops:#[##] | 0 | 22 | 25 |
| RIP:__lock_acquire | 0 | 22 | |
| calltrace:bochs_init | 0 | 22 | |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 22 | 25 |
+------------------------------------------+------------+------------+------------+
[ 11.709231] [TTM] Initializing pool allocator
[ 11.710232] [TTM] Initializing DMA pool allocator
[ 11.711503] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 1
[ 11.713363] BUG: unable to handle kernel NULL pointer dereference at 0000000000000748
[ 11.715123] IP: [<ffffffff810e3db3>] __lock_acquire+0x93/0x9a0
[ 11.716586] PGD 0
[ 11.717058] Oops: 0000 [#1]
[ 11.717665] CPU: 0 PID: 1 Comm: swapper Not tainted 4.8.0-rc4-00003-gbea5b15 #1
[ 11.719302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 11.721518] task: ffff88001d468000 task.stack: ffff88001d470000
[ 11.722839] RIP: 0010:[<ffffffff810e3db3>] [<ffffffff810e3db3>] __lock_acquire+0x93/0x9a0
[ 11.724845] RSP: 0000:ffff88001d473b60 EFLAGS: 00010097
[ 11.726009] RAX: 0000000000000000 RBX: 0000000000000246 RCX: 0000000000000000
[ 11.727563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 11.729170] RBP: ffff88001d473b90 R08: 0000000000000000 R09: 0000000000000000
[ 11.730717] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 11.732328] R13: 0000000000000000 R14: 0000000000000740 R15: ffff88001d468000
[ 11.733869] FS: 0000000000000000(0000) GS:ffffffff8202f000(0000) knlGS:0000000000000000
[ 11.735624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 11.736923] CR2: 0000000000000748 CR3: 000000000200c000 CR4: 00000000000006b0
[ 11.738498] Stack:
[ 11.738970] ffff88001d473c08 0000000000000246 ffff88001d468000 ffff880018bb3668
[ 11.740679] ffffffff82267208 00000000000006d0 ffff88001d473bc8 ffffffff810e4a98
[ 11.742424] ffffffff813a2a60 ffffffff00000000 0000000000000000 ffff88001d468000
[ 11.744238] Call Trace:
[ 11.744830] [<ffffffff810e4a98>] lock_acquire+0x68/0x90
[ 11.746051] [<ffffffff813a2a60>] ? drm_mode_object_unregister+0x20/0x50
[ 11.747511] [<ffffffff8190f04a>] mutex_lock_nested+0x6a/0x300
[ 11.748820] [<ffffffff813a2a60>] ? drm_mode_object_unregister+0x20/0x50
[ 11.750276] [<ffffffff813a2a60>] ? drm_mode_object_unregister+0x20/0x50
[ 11.751795] [<ffffffff810f540e>] ? srcu_barrier+0xe/0x10
[ 11.753061] [<ffffffff813a2a60>] drm_mode_object_unregister+0x20/0x50
[ 11.754555] [<ffffffff813a3315>] drm_framebuffer_unregister_private+0x15/0x20
[ 11.756244] [<ffffffff815ef2aa>] bochs_fbdev_fini+0x5a/0x70
[ 11.757528] [<ffffffff815ee146>] bochs_unload+0x16/0x50
[ 11.758755] [<ffffffff8139eeaa>] drm_dev_unregister+0x3a/0xc0
[ 11.760100] [<ffffffff8139ef6f>] drm_put_dev+0x3f/0x50
[ 11.761260] [<ffffffff815ee090>] bochs_pci_remove+0x10/0x20
[ 11.762557] [<ffffffff812896c6>] pci_device_remove+0x46/0xb0
[ 11.763909] [<ffffffff815ff970>] driver_probe_device+0x150/0x300
[ 11.765290] [<ffffffff815ffb8d>] __driver_attach+0x6d/0x90
[ 11.766551] [<ffffffff815ffb20>] ? driver_probe_device+0x300/0x300
[ 11.767952] [<ffffffff815fdb44>] bus_for_each_dev+0x54/0x90
[ 11.769194] [<ffffffff815ffc89>] driver_attach+0x19/0x20
[ 11.770414] [<ffffffff815fe576>] bus_add_driver+0xe6/0x200
[ 11.771730] [<ffffffff81600103>] driver_register+0x83/0xc0
[ 11.773043] [<ffffffff8128987b>] __pci_register_driver+0x5b/0x60
[ 11.774427] [<ffffffff823425c3>] ? nouveau_drm_init+0x1cf/0x1cf
[ 11.775757] [<ffffffff813a029c>] drm_pci_init+0x4c/0xf0
[ 11.776940] [<ffffffff8139ee58>] ? drm_dev_register+0xb8/0xd0
[ 11.778203] [<ffffffff823425c3>] ? nouveau_drm_init+0x1cf/0x1cf
[ 11.779537] [<ffffffff8231370b>] ? do_early_param+0x8f/0x8f
[ 11.780849] [<ffffffff823425da>] bochs_init+0x17/0x19
[ 11.781978] [<ffffffff82314052>] do_one_initcall+0x89/0x11a
[ 11.783233] [<ffffffff8231370b>] ? do_early_param+0x8f/0x8f
[ 11.784497] [<ffffffff82314262>] kernel_init_freeable+0x17f/0x215
[ 11.785866] [<ffffffff8190cac9>] kernel_init+0x9/0xf0
[ 11.786990] [<ffffffff8191351f>] ret_from_fork+0x1f/0x40
[ 11.788216] [<ffffffff8190cac0>] ? rest_init+0xc0/0xc0
[ 11.789367] Code: 85 93 07 00 00 48 c7 c1 5a 44 d7 81 48 c7 c2 2e 10 d7 81 be 92 0c 00 00 48 c7 c7 20 84 d7 81 e8 94 0f fd ff e9 f1 08 00 00 89 f0 <49> 8b 44 c6 08 48 85 c0 75 21 31 d2 4c 89 f7 44 89 45 d0 89 4d
[ 11.794799] RIP [<ffffffff810e3db3>] __lock_acquire+0x93/0x9a0
[ 11.796299] RSP <ffff88001d473b60>
[ 11.797093] CR2: 0000000000000748
[ 11.797859] ---[ end trace 103f598e68dbf79f ]---
[ 11.798934] Kernel panic - not syncing: Fatal exception
git bisect start v4.9 v4.8 --
git bisect bad 9fe68cad6e74967b88d0c6aeca7d9cd6b6e91942 # 05:25 0- 1 Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
git bisect bad 5fa0eb0b4d4780fbd6d8a09850cc4fd539e9fe65 # 05:35 0- 4 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad d8ea757b25ec82687c497fc90aa83f9bcea24b5b # 05:50 0- 1 Merge tag 'xtensa-20161005' of git://github.com/jcmvbkbc/linux-xtensa
git bisect bad e6445f52d9c8b0e6557a45fa7d0e8e088d430a8c # 06:14 0- 1 Merge tag 'usb-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
git bisect good 1a4a2bc460721bc8f91e4c1294d39b38e5af132f # 06:45 20+ 0 Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good 49deffe0b0e4c2030696c7a6fd680bacf4761069 # 07:35 20+ 0 Merge tag 'arc-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc
git bisect good 597f03f9d133e9837d00965016170271d4f87dcf # 08:15 20+ 0 Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad 9929780e86854833e649b39b290b5fe921eb1701 # 08:43 0- 1 Merge tag 'driver-core-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
git bisect good 7a53eea1f7b527fd3b6d7ca992914840981afe99 # 08:57 21+ 1 Merge tag 'char-misc-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
git bisect bad 775115c06091fcfa1189a50aca488fa596839617 # 09:29 0- 2 drivers/base dmam_declare_coherent_memory leaks
git bisect bad 426bc8e789f8ac84270b196191904d347586032f # 09:40 0- 3 base: soc: make it explicitly non-modular
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 09:53 0- 2 driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 10:04 21+ 0 driver core: fix race between creating/querying glue dir and its cleanup
# first bad commit: [bea5b158ff0da9c7246ff391f754f5f38e34577a] driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 10:13 60+ 0 driver core: fix race between creating/querying glue dir and its cleanup
# extra tests with CONFIG_DEBUG_INFO_REDUCED
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 10:25 0- 12 driver core: add test of driver remove calls during probe
# extra tests on HEAD of linux-devel/devel-spot-201702160837
git bisect bad b1ac88375913cf81c56dbf5a2c9b64863f188ee2 # 10:25 0- 25 0day head guard for 'devel-spot-201702160837'
# extra tests on tree/branch linus/master
git bisect bad 6dc39c50e4aeb769c8ae06edf2b1a732f3490913 # 10:43 0- 1 Merge branch 'for-linus' of git://git.kernel.dk/linux-block
# extra tests on tree/branch linus/master
git bisect bad 6dc39c50e4aeb769c8ae06edf2b1a732f3490913 # 10:43 0- 2 Merge branch 'for-linus' of git://git.kernel.dk/linux-block
# extra tests on tree/branch linux-next/master
git bisect bad 4ce4a759a3e221b5265ebd03c2f8888b69a7cf3e # 11:07 0- 1 Add linux-next specific files for 20170217
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
Download attachment "dmesg-quantal-vp-95:20170218095527:x86_64-randconfig-ne0-02160954:4.8.0-rc4-00003-gbea5b15:1.gz" of type "application/gzip" (11351 bytes)
View attachment "config-4.8.0-rc4-00003-gbea5b15" of type "text/plain" (78302 bytes)
Powered by blists - more mailing lists