Message-id: <7461733.ys6AjPzxL6@amdc3058>
Date:   Mon, 13 Nov 2017 18:24:06 +0100
From:   Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>
To:     Tony Lindgren <tony@...mide.com>
Cc:     Kees Cook <keescook@...omium.org>,
        Tomi Valkeinen <tomi.valkeinen@...com>,
        Daniel Vetter <daniel.vetter@...ll.ch>,
        Stephen Rothwell <sfr@...b.auug.org.au>,
        linux-kernel@...r.kernel.org, dri-devel@...ts.freedesktop.org
Subject: Re: Regression in Linux next-20171113 with fbdev timer conversion


On Monday, November 13, 2017 09:07:14 AM Tony Lindgren wrote:
> Hi,

Hi Tony,

> Looks like next-20171113 now has a NULL pointer dereference with commit
> 6c78935777d1 ("video: fbdev: Convert timers to use timer_setup()").
> 
> See the error below, any ideas?

Should be fixed by:

https://marc.info/?l=linux-fbdev&m=151056635200583&w=2

> Regards,
> 
> Tony
> 
> 8< ------------------
> Unable to handle kernel NULL pointer dereference at virtual address 00000214
> pgd = edfe4000
> [00000214] *pgd=00000000
> Internal error: Oops: 5 [#1] SMP ARM
> ...
> CPU: 1 PID: 920 Comm: openrc-run.sh Not tainted 4.14.0-next-20171113+ #1911
> Hardware name: Generic OMAP4 (Flattened Device Tree)
> task: ed922000 task.stack: edc20000
> PC is at _test_and_set_bit+0x20/0x48
> LR is at queue_work_on+0x28/0x74
> pc : [<c086f270>]    lr : [<c0155b78>]    psr: 60000193
> sp : edc21e38  ip : 00000000  fp : c0d09168
> r10: edb686bc  r9 : 00000001  r8 : c0544e4c
> r7 : ee80f000  r6 : 00000002  r5 : 00000214  r4 : 20000113
> r3 : 00000001  r2 : 00000001  r1 : 00000214  r0 : 00000000
> Flags: nZCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none
> Control: 10c5387d  Table: adfe404a  DAC: 00000051
> Process openrc-run.sh (pid: 920, stack limit = 0xedc20218)
> Stack: (0xedc21e38 to 0xedc22000)
> [<c086f270>] (_test_and_set_bit) from [<c0155b78>] (queue_work_on+0x28/0x74)
> [<c0155b78>] (queue_work_on) from [<c0544e6c>] (cursor_timer_handler+0x20/0x44)
> [<c0544e6c>] (cursor_timer_handler) from [<c01cc78c>] (call_timer_fn+0xbc/0x408)
> [<c01cc78c>] (call_timer_fn) from [<c01ccbbc>] (expire_timers+0xe4/0x220)
> [<c01ccbbc>] (expire_timers) from [<c01ccd94>] (run_timer_softirq+0x9c/0x1a4)
> [<c01ccd94>] (run_timer_softirq) from [<c0101714>] (__do_softirq+0x13c/0x5b8)
> [<c0101714>] (__do_softirq) from [<c013fa6c>] (irq_exit+0x14c/0x1a8)
> [<c013fa6c>] (irq_exit) from [<c01adf54>] (__handle_domain_irq+0x6c/0xe0)
> [<c01adf54>] (__handle_domain_irq) from [<c0101574>] (gic_handle_irq+0x58/0xb8)
> [<c0101574>] (gic_handle_irq) from [<c088d6b4>] (__irq_usr+0x54/0x80)
> Exception stack(0xedc21fb0 to 0xedc21ff8)
> 1fa0:                                     005280ea 005280eb 00000000 0000005f
> 1fc0: 005280e4 004f9511 00517830 00000000 00000000 005169a0 00517240 005169a0
> 1fe0: 00000001 bed595c0 bed595e0 b6f2e9bc 20000010 ffffffff
> Code: e1a002a0 e0811100 e1a03312 ee070fba (e1912f9f)

Best regards,
--
Bartlomiej Zolnierkiewicz
Samsung R&D Institute Poland
Samsung Electronics
