| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170226094334.z4sz7yk3loxagi7z@wfg-t540p.sh.intel.com>
Date: Sun, 26 Feb 2017 17:43:34 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: Alexander Aring <aar@...gutronix.de>,
Marcel Holtmann <marcel@...tmann.org>
Cc: Rob Herring <robh@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, LKP <lkp@...org>
Subject: [ieee802154_unregister_hw] bea5b158ff BUG: scheduling while atomic:
swapper/1/0x00000002
Greetings,
FYI, this debug patch discloses an old-but-still-active bug in
ieee802154/fakelb. The attached reproduce-* script may help debug it.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit bea5b158ff0da9c7246ff391f754f5f38e34577a
Author: Rob Herring <robh@...nel.org>
AuthorDate: Thu Aug 11 10:20:58 2016 -0500
Commit: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CommitDate: Wed Aug 31 15:13:55 2016 +0200
driver core: add test of driver remove calls during probe
In recent discussions on ksummit-discuss[1], it was suggested to do a
sequence of probe, remove, probe for testing driver remove paths. This
adds a kconfig option for said test.
[1] https://lists.linuxfoundation.org/pipermail/ksummit-discuss/2016-August/003459.html
Suggested-by: Arnd Bergmann <arnd@...db.de>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Signed-off-by: Rob Herring <robh@...nel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
cebf8fd169 driver core: fix race between creating/querying glue dir and its cleanup
bea5b158ff driver core: add test of driver remove calls during probe
+------------------------------------------------------------+------------+------------+
| | cebf8fd169 | bea5b158ff |
+------------------------------------------------------------+------------+------------+
| boot_successes | 0 | 0 |
| boot_failures | 1136 | 22 |
| RIP:__asan_load8 | 578 | |
| calltrace:mark_rodata_ro | 1136 | |
| Kernel_panic-not_syncing:softlockup:hung_tasks | 1136 | |
| RIP:note_page | 348 | |
| RIP:__fentry | 19 | |
| RIP:ptdump_walk_pgd_level_core | 126 | |
| RIP:__asan_load4 | 65 | |
| BUG:scheduling_while_atomic | 0 | 22 |
| calltrace:fakelb_init_module | 0 | 22 |
| WARNING:at_kernel/locking/mutex.c:#__mutex_unlock_slowpath | 0 | 22 |
| INFO:lockdep_is_turned_off | 0 | 22 |
| calltrace:init | 0 | 22 |
| BUG:KASAN:use-after-free_in | 0 | 22 |
| calltrace:eth_driver_init | 0 | 22 |
| BUG:unable_to_handle_kernel | 0 | 3 |
| Oops | 0 | 3 |
| RIP:qlist_move_cache | 0 | 2 |
| calltrace:rxe_module_init | 0 | 2 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 3 |
| RIP:quarantine_reduce | 0 | 1 |
| calltrace:lm#_led_driver_init | 0 | 1 |
+------------------------------------------------------------+------------+------------+
[ 305.954338] plip0: Parallel port at 0x378, using IRQ 7.
[ 305.955492] hdlc: HDLC support module revision 1.22
[ 305.956940] DLCI driver v0.35, 4 Jan 1997, mike.mclagan@...ux.org.
[ 305.968519] usbcore: registered new interface driver i2400m_usb
[ 306.022243] ieee802154fakelb ieee802154fakelb: added ieee802154 hardware
[ 306.037868] BUG: scheduling while atomic: swapper/1/0x00000002
[ 306.038701] 3 locks held by swapper/1:
[ 306.039254] #0: (&dev->mutex){......}, at: [<ffffffff81efc83f>] device_lock+0xf/0x11
[ 306.044562] #1: (&dev->mutex){......}, at: [<ffffffff81efc83f>] device_lock+0xf/0x11
[ 306.045783] #2: (fakelb_phys_lock){+.+.+.}, at: [<ffffffff82450574>] fakelb_remove+0x18/0x91
[ 306.047098] CPU: 0 PID: 1 Comm: swapper Not tainted 4.8.0-rc4-00003-gbea5b15 #1
[ 306.056218] 0000000000000000 ffff880019faf688 ffffffff81a6e9e1 ffff880019faf6a8
[ 306.057333] ffffffff81185732 0000000000000001 ffff880019fa8000 ffff880019faf700
[ 306.058425] ffffffff82edf672 0000000000000000 0000004849cea2fd ffff88001ffd101d
[ 306.059544] Call Trace:
[ 306.059897] [<ffffffff81a6e9e1>] dump_stack+0x19/0x1b
[ 306.060635] [<ffffffff81185732>] __schedule_bug+0xa3/0xb4
[ 306.061397] [<ffffffff82edf672>] __schedule+0xc2/0xb1a
[ 306.062114] [<ffffffff82ee01f5>] schedule+0xcf/0x105
[ 306.062840] [<ffffffff82ee514b>] schedule_timeout+0x88/0x191
[ 306.067725] [<ffffffff82ee50c3>] ? console_conditional_schedule+0x2c/0x2c
[ 306.068677] [<ffffffff8119b5b7>] ? mark_lock+0x3a/0x2a8
[ 306.069438] [<ffffffff8119b89d>] ? mark_held_locks+0x78/0x92
[ 306.070235] [<ffffffff82ee62c7>] ? _raw_spin_unlock_irq+0x2c/0x3a
[ 306.071090] [<ffffffff8119bd78>] ? trace_hardirqs_on_caller+0x271/0x2ba
[ 306.076981] [<ffffffff82ee100e>] __wait_for_common+0x23c/0x299
[ 306.077831] [<ffffffff82ee100e>] ? __wait_for_common+0x23c/0x299
[ 306.080855] [<ffffffff8119d25d>] ? debug_check_no_locks_freed+0x166/0x192
[ 306.081988] [<ffffffff82ee50c3>] ? console_conditional_schedule+0x2c/0x2c
[ 306.083145] [<ffffffff82ee0dd2>] ? bit_wait_io_timeout+0x68/0x68
[ 306.088230] [<ffffffff81187807>] ? scheduler_tick+0x71/0x71
[ 306.089201] [<ffffffff82ee108f>] wait_for_completion+0x24/0x26
[ 306.090218] [<ffffffff811b9e4a>] __wait_rcu_gp+0xe8/0x12d
[ 306.091125] [<ffffffff82a59733>] rcu_barrier_sched+0x8c/0xaa
[ 306.096137] [<ffffffff82a596a7>] ? __netdev_adjacent_dev_link+0x24/0x24
[ 306.097245] [<ffffffff811bf074>] ? synchronize_sched+0x86/0x86
[ 306.100133] [<ffffffff82ee14be>] ? __mutex_unlock_slowpath+0x226/0x252
[ 306.101231] [<ffffffff82ee1298>] ? __ww_mutex_lock_check_stamp+0xf3/0xf3
[ 306.102440] [<ffffffff811b9221>] ? trace_raw_output_rcu_barrier+0xb8/0xb8
[ 306.103585] [<ffffffff82ee0e75>] ? __wait_for_common+0xa3/0x299
[ 306.108651] [<ffffffff82ee14f8>] ? mutex_unlock+0xe/0x10
[ 306.109599] [<ffffffff82a7a684>] ? __rtnl_unlock+0x33/0x6b
[ 306.110576] [<ffffffff82a64a8b>] netdev_run_todo+0xc9/0x4c2
[ 306.111534] [<ffffffff82ee1298>] ? __ww_mutex_lock_check_stamp+0xf3/0xf3
[ 306.116740] [<ffffffff81aab365>] ? __list_add+0x188/0x197
[ 306.117658] [<ffffffff82a649c2>] ? netdev_refcnt_read+0x2d/0x2d
[ 306.118650] [<ffffffff82a7a992>] rtnl_unlock+0xe/0x10
[ 306.119540] [<ffffffff82e23274>] ieee802154_unregister_hw+0x48/0x73
[ 306.124668] [<ffffffff824505a7>] fakelb_remove+0x4b/0x91
[ 306.125576] [<ffffffff81eff6e6>] platform_drv_remove+0x44/0x61
[ 306.126627] [<ffffffff81efd689>] ? driver_probe_device+0x2df/0x6a5
[ 306.127660] [<ffffffff81efd698>] driver_probe_device+0x2ee/0x6a5
[ 306.132754] [<ffffffff81efda4f>] ? driver_probe_device+0x6a5/0x6a5
[ 306.133802] [<ffffffff81efdaf7>] __driver_attach+0xa8/0x10f
[ 306.134739] [<ffffffff81efa301>] ? next_device+0x22/0x2b
[ 306.135637] [<ffffffff81efa89e>] bus_for_each_dev+0xd9/0x121
[ 306.140667] [<ffffffff81efa7c5>] ? bus_remove_file+0x4a/0x4a
[ 306.141632] [<ffffffff811a3889>] ? do_raw_spin_unlock+0x12b/0x13a
[ 306.142680] [<ffffffff81efdea6>] driver_attach+0x2b/0x2e
[ 306.143572] [<ffffffff81efb717>] bus_add_driver+0x1a6/0x34a
[ 306.148614] [<ffffffff8530f837>] ? do_early_param+0xb5/0xb5
[ 306.149623] [<ffffffff81efe62c>] driver_register+0x12d/0x178
[ 306.150583] [<ffffffff81f00558>] __platform_driver_register+0x6c/0x71
[ 306.151658] [<ffffffff8538be19>] fakelb_init_module+0x99/0xb1
[ 306.156711] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.157737] [<ffffffff8538bd59>] ? i2400m_driver_init+0x1e/0x1e
[ 306.158729] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.159758] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.164856] [<ffffffff85310400>] do_one_initcall+0xf0/0x1d7
[ 306.165830] [<ffffffff85310310>] ? start_kernel+0x548/0x548
[ 306.166796] [<ffffffff8117b482>] ? parse_args+0x34d/0x43c
[ 306.167718] [<ffffffff8530f837>] ? do_early_param+0xb5/0xb5
[ 306.172735] [<ffffffff8531065c>] kernel_init_freeable+0x175/0x224
[ 306.173770] [<ffffffff82eda2cc>] kernel_init+0x11/0x100
[ 306.174652] [<ffffffff82ee6c4f>] ret_from_fork+0x1f/0x40
[ 306.175565] [<ffffffff82eda2bb>] ? rest_init+0x142/0x142
[ 306.317350] ------------[ cut here ]------------
[ 306.318139] WARNING: CPU: 0 PID: 1 at kernel/locking/mutex.c:739 __mutex_unlock_slowpath+0xf6/0x252
[ 306.319942] DEBUG_LOCKS_WARN_ON(in_interrupt())
[ 306.320690] CPU: 0 PID: 1 Comm: swapper Tainted: G W 4.8.0-rc4-00003-gbea5b15 #1
[ 306.322145] 0000000000000000 ffff880019faf8c0 ffffffff81a6e9e1 ffff880019faf900
[ 306.344589] ffffffff811514a4 000002e300000009 ffffed00033f5f22 ffff880019faf9e8
[ 306.345930] 00000000001fff00 ffff8800173f1bcc ffff8800173f1c60 ffff880019faf9b0
[ 306.347243] Call Trace:
[ 306.347668] [<ffffffff81a6e9e1>] dump_stack+0x19/0x1b
[ 306.348560] [<ffffffff811514a4>] __warn+0xee/0x109
[ 306.349404] [<ffffffff81151554>] warn_slowpath_fmt+0x95/0xae
[ 306.350356] [<ffffffff811514bf>] ? __warn+0x109/0x109
[ 306.351210] [<ffffffff81198310>] ? match_held_lock+0x32/0x110
[ 306.352185] [<ffffffff81224d94>] ? ftrace_likely_update+0x220/0x233
[ 306.353266] [<ffffffff82ee138e>] __mutex_unlock_slowpath+0xf6/0x252
[ 306.364421] [<ffffffff82ee1298>] ? __ww_mutex_lock_check_stamp+0xf3/0xf3
[ 306.365563] [<ffffffff81198427>] ? __lock_is_held+0x39/0x63
[ 306.366549] [<ffffffff81224d85>] ? ftrace_likely_update+0x211/0x233
[ 306.367599] [<ffffffff81224d85>] ? ftrace_likely_update+0x211/0x233
[ 306.368654] [<ffffffff82ee14f8>] mutex_unlock+0xe/0x10
[ 306.369576] [<ffffffff8138755a>] __kernfs_remove+0x253/0x4d8
[ 306.370533] [<ffffffff811982fb>] ? match_held_lock+0x1d/0x110
[ 306.371499] [<ffffffff81387307>] ? kernfs_dop_release+0x28/0x28
[ 306.372527] [<ffffffff81a7b714>] ? strlen+0x1a/0x2a
[ 306.373359] [<ffffffff81a7b56c>] ? strcmp+0x27/0x4a
[ 306.374186] [<ffffffff81386079>] ? kernfs_find_ns+0x14b/0x185
[ 306.375153] [<ffffffff81388950>] kernfs_remove_by_name_ns+0x6b/0x86
[ 306.389115] [<ffffffff8138bc56>] sysfs_remove_link+0x43/0x48
[ 306.390083] [<ffffffff81efc99b>] driver_sysfs_remove+0x50/0x66
[ 306.391068] [<ffffffff81efd6a8>] driver_probe_device+0x2fe/0x6a5
[ 306.392082] [<ffffffff81efda4f>] ? driver_probe_device+0x6a5/0x6a5
[ 306.393151] [<ffffffff81efdaf7>] __driver_attach+0xa8/0x10f
[ 306.394102] [<ffffffff81efa301>] ? next_device+0x22/0x2b
[ 306.394989] [<ffffffff81efa89e>] bus_for_each_dev+0xd9/0x121
[ 306.395980] [<ffffffff81efa7c5>] ? bus_remove_file+0x4a/0x4a
[ 306.407086] [<ffffffff811a3889>] ? do_raw_spin_unlock+0x12b/0x13a
[ 306.408117] [<ffffffff81efdea6>] driver_attach+0x2b/0x2e
[ 306.409016] [<ffffffff81efb717>] bus_add_driver+0x1a6/0x34a
[ 306.409975] [<ffffffff8530f837>] ? do_early_param+0xb5/0xb5
[ 306.410929] [<ffffffff81efe62c>] driver_register+0x12d/0x178
[ 306.411944] [<ffffffff81f00558>] __platform_driver_register+0x6c/0x71
[ 306.413081] [<ffffffff8538be19>] fakelb_init_module+0x99/0xb1
[ 306.414057] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.415070] [<ffffffff8538bd59>] ? i2400m_driver_init+0x1e/0x1e
[ 306.416103] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.417111] [<ffffffff8538bd80>] ? i2400mu_driver_init+0x27/0x27
[ 306.428228] [<ffffffff85310400>] do_one_initcall+0xf0/0x1d7
[ 306.429208] [<ffffffff85310310>] ? start_kernel+0x548/0x548
[ 306.430145] [<ffffffff8117b482>] ? parse_args+0x34d/0x43c
[ 306.431051] [<ffffffff8530f837>] ? do_early_param+0xb5/0xb5
[ 306.431991] [<ffffffff8531065c>] kernel_init_freeable+0x175/0x224
[ 306.433069] [<ffffffff82eda2cc>] kernel_init+0x11/0x100
[ 306.433966] [<ffffffff82ee6c4f>] ret_from_fork+0x1f/0x40
[ 306.434880] [<ffffffff82eda2bb>] ? rest_init+0x142/0x142
[ 306.435815] ---[ end trace 2dc98eba2702d909 ]---
[ 306.448492] BUG: scheduling while atomic: swapper/1/0x00000000
git bisect start 905dd4184e0732de41d6ee3c7b06e0cfdd9f0aad v4.8 --
git bisect bad 9e58c5dc4be31f8cf3ff62d96f91c97af6f9d58e # 22:01 5- 49 Merge branch 'MTU-core-range-checking-more'
git bisect bad b4f33f6ddd0c218e12454e1379de3aaa73f2e8dc # 22:20 4- 119 Merge tag 'armsoc-arm64' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
git bisect bad 07021b43597f506cc525d139ed1a94e79cf184f2 # 22:57 10- 19 Merge tag 'powerpc-4.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
git bisect good 4b978934a440c1aafce986353001b03289eaa040 # 00:21 88+ 181 Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good 6aebe7f9e8697531a11b007d1e8126ba1b6e0a53 # 01:21 83+ 83 Merge branch 'x86-timers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad 77b0a4aa0732f1856aef85b8db085864e5971a14 # 02:02 1- 2 Merge tag 'hwmon-for-linus-v4.9' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
git bisect good 597f03f9d133e9837d00965016170271d4f87dcf # 11:01 80+ 266 Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad e6dce825fba05f447bd22c865e27233182ab3d79 # 11:01 0- 165 Merge tag 'tty-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
git bisect good 7a53eea1f7b527fd3b6d7ca992914840981afe99 # 12:15 87+ 153 Merge tag 'char-misc-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
git bisect bad 9929780e86854833e649b39b290b5fe921eb1701 # 12:15 0- 93 Merge tag 'driver-core-4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
git bisect bad 775115c06091fcfa1189a50aca488fa596839617 # 12:52 8- 11 drivers/base dmam_declare_coherent_memory leaks
git bisect bad 426bc8e789f8ac84270b196191904d347586032f # 13:19 11- 12 base: soc: make it explicitly non-modular
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 13:19 0- 22 driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 11:50 140+ 505 driver core: fix race between creating/querying glue dir and its cleanup
# first bad commit: [bea5b158ff0da9c7246ff391f754f5f38e34577a] driver core: add test of driver remove calls during probe
git bisect good cebf8fd16900fdfd58c0028617944f808f97fe50 # 16:21 390+ 1088 driver core: fix race between creating/querying glue dir and its cleanup
# extra tests with CONFIG_DEBUG_INFO_REDUCED
git bisect bad bea5b158ff0da9c7246ff391f754f5f38e34577a # 17:19 20- 26 driver core: add test of driver remove calls during probe
# extra tests on HEAD of linus/master
git bisect bad f1ef09fde17f9b77ca1435a5b53a28b203afb81c # 17:20 0- 1022 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
# extra tests on tree/branch linus/master
git bisect bad c4f3f22eddc982d247ffe2a6690c3e4a5c46dd09 # 17:20 0- 61 Merge tag 'linux-kselftest-4.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest
# extra tests on tree/branch linux-next/master
git bisect bad 3e7350242c6f3d41d28e03418bd781cc1b7bad5f # 17:22 0- 565 Add linux-next specific files for 20170224
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
Download attachment "dmesg-yocto-intel12-27:20170225113447:x86_64-randconfig-s3-02231621:4.8.0-rc4-00003-gbea5b15:1.gz" of type "application/gzip" (57581 bytes)
View attachment "reproduce-yocto-intel12-27:20170225113447:x86_64-randconfig-s3-02231621:4.8.0-rc4-00003-gbea5b15:1" of type "text/plain" (907 bytes)
View attachment "config-4.8.0-rc4-00003-gbea5b15" of type "text/plain" (108213 bytes)
Powered by blists - more mailing lists