Message-ID: <43c65825-a272-9e4f-7b63-5693f44c5db3@gmail.com>
Date:   Sat, 6 Mar 2021 13:50:58 -0800
From:   Robert Gadsdon <rhgadsdon@...il.com>
To:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: 5.12-rc1 and -rc2 - BUG/crash after KVM/USB connect/disconnect.

HP Z220 (Xeon).  Fedora 33  GCC 10.2.1

Boot system, connect via KVM (DVI/USB) and disconnect, then:

.........................

usb 1-1.1.1: USB disconnect, device number 6
usb 1-1.1.1.2: USB disconnect, device number 8
usb 1-1.1.1.4: USB disconnect, device number 9
usb 1-1.1.1.5: clear tt 5 (90d4) error -71
usb 1-1.1.1.5: USB disconnect, device number 11
usb 1-1.1.1.5.4: USB disconnect, device number 12
cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
BUG: kernel NULL pointer dereference, address: 0000000000000278
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] SMP NOPTI
CPU: 0 PID: 2899 Comm: kworker/0:0 Not tainted 5.12.0-rc2 #1
Hardware name: Hewlett-Packard HP Z220 CMT Workstation/1790, BIOS K51 
v01.87 06/10/2019
Workqueue: usb_hub_wq hub_event
RIP: 0010:gpiodevice_release+0xc/0x70
Code: c0 0f b6 c0 5b c3 85 c0 5b 0f 95 c0 0f b6 c0 c3 0f 0b eb b1 b8 fb 
ff ff ff 5b c3 0f 1f 00 55 48 8b 6f 78 48 c7 c7 d0 24 13 b7 <48> 8b 95 
78 02 00 00 48 8b 85 80 02 00 00 48 89 42 08 48 89 10 8b
RSP: 0018:ffffb7b600a3bb10 EFLAGS: 00010286
RAX: ffffffffb6414650 RBX: 00000000ffffffff RCX: 0000000000000282
RDX: ffff8a255a8d6598 RSI: 0000000000000282 RDI: ffffffffb71324d0
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000282
R10: 0000000000000001 R11: ffffffffb71646a0 R12: ffff8a254f51a100
R13: ffffffffb7145e60 R14: ffff8a255a811790 R15: 0000000000000002
FS:  0000000000000000(0000) GS:ffff8a284dc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000278 CR3: 000000012dd6a003 CR4: 00000000001706f0
Call Trace:
  device_release+0x2f/0x80
  kobject_put+0x63/0xc0
  cp210x_disconnect+0x1b/0x30 [cp210x]
  usb_serial_disconnect+0xe1/0x130
  usb_unbind_interface+0x65/0x1c0
  __device_release_driver+0x144/0x1f0
  device_release_driver+0x1f/0x30
  bus_remove_device+0xcd/0x110
  device_del+0x185/0x450
  ? kobject_put+0x70/0xc0
  usb_disable_device+0xac/0x150
  usb_disconnect.cold+0x60/0x1a4
  usb_disconnect.cold+0x29/0x1a4
  usb_disconnect.cold+0x29/0x1a4
  hub_event+0x5cf/0x1230
  ? __switch_to_asm+0x42/0x70
  process_one_work+0x1ea/0x340
  worker_thread+0x48/0x3c0
  ? rescuer_thread+0x380/0x380
  kthread+0x111/0x130
  ? __kthread_bind_mask+0x60/0x60
  ret_from_fork+0x22/0x30
Modules linked in: rfcomm cmac hid_logitech_hidpp bnep btusb btrtl btbcm 
btintel bluetooth ecdh_generic ecc hid_logitech_dj cp210x joydev 
uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 snd_usb_audio 
videobuf2_common snd_usbmidi_lib videodev snd_rawmidi mc iptable_filter 
bpfilter sunrpc snd_hda_codec_hdmi snd_hda_codec_realtek 
snd_hda_codec_generic ledtrig_audio x86_pkg_temp_thermal 
intel_powerclamp snd_hda_intel coretemp snd_intel_dspcfg snd_hda_codec 
kvm_intel snd_hda_core snd_hwdep snd_seq kvm snd_seq_device irqbypass 
at24 snd_pcm rapl hp_wmi snd_timer sparse_keymap iTCO_wdt wmi_bmof 
rfkill iTCO_vendor_support snd intel_cstate pcspkr i2c_i801 intel_uncore 
i2c_smbus soundcore lpc_ich wmi drm zram ip_tables x_tables 
crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel r8169 
e1000e fuse
CR2: 0000000000000278
---[ end trace a5b6fc6316be72a4 ]---
RIP: 0010:gpiodevice_release+0xc/0x70
Code: c0 0f b6 c0 5b c3 85 c0 5b 0f 95 c0 0f b6 c0 c3 0f 0b eb b1 b8 fb 
ff ff ff 5b c3 0f 1f 00 55 48 8b 6f 78 48 c7 c7 d0 24 13 b7 <48> 8b 95 
78 02 00 00 48 8b 85 80 02 00 00 48 89 42 08 48 89 10 8b
RSP: 0018:ffffb7b600a3bb10 EFLAGS: 00010286
RAX: ffffffffb6414650 RBX: 00000000ffffffff RCX: 0000000000000282
RDX: ffff8a255a8d6598 RSI: 0000000000000282 RDI: ffffffffb71324d0
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000282
R10: 0000000000000001 R11: ffffffffb71646a0 R12: ffff8a254f51a100
R13: ffffffffb7145e60 R14: ffff8a255a811790 R15: 0000000000000002
FS:  0000000000000000(0000) GS:ffff8a284dc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000278 CR3: 000000012dd6a003 CR4: 00000000001706f0

................................

Fault is 100% reproducible.   Login/logout no longer works.  Hard power 
cycle required.

No problems with Kernel 5.11.x
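
A triage aid for the oops quoted in the report above, as an added example that is not part of the original message: it extracts the faulting symbol and CR2 from the log and checks that the bracketed instruction in the `Code:` line accounts for the fault address. The `triage` helper and its narrow decoder (only `REX.W 8B /r` loads with a 32-bit displacement and no SIB byte) are assumptions of this example.

```python
import re

# Excerpt of the oops quoted in the report above; the wrapped "Code:" line is rejoined.
OOPS = """\
BUG: kernel NULL pointer dereference, address: 0000000000000278
RIP: 0010:gpiodevice_release+0xc/0x70
Code: c0 0f b6 c0 5b c3 85 c0 5b 0f 95 c0 0f b6 c0 c3 0f 0b eb b1 b8 fb ff ff ff 5b c3 0f 1f 00 55 48 8b 6f 78 48 c7 c7 d0 24 13 b7 <48> 8b 95 78 02 00 00 48 8b 85 80 02 00 00 48 89 42 08 48 89 10 8b
RAX: ffffffffb6414650 RBX: 00000000ffffffff RCX: 0000000000000282
RDX: ffff8a255a8d6598 RSI: 0000000000000282 RDI: ffffffffb71324d0
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000282
CR2: 0000000000000278 CR3: 000000012dd6a003 CR4: 00000000001706f0
"""

# Register order used by the 3-bit ModRM.rm field (no REX.B extension).
REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]


def triage(text):
    """Summarise an x86-64 oops and cross-check the faulting load against CR2."""
    sym, off = re.search(r"RIP: \w+:(\w+)\+(0x[0-9a-f]+)/", text).groups()
    regs = {k: int(v, 16) for k, v in
            re.findall(r"\b([A-Z][A-Z0-9]{1,2}): ([0-9a-f]{16})\b", text)}
    code = re.search(r"Code: (.*)", text).group(1)
    # The kernel brackets the first byte of the faulting instruction with <>.
    insn = bytes.fromhex(code.split("<")[1].replace(">", ""))
    out = {"function": sym, "offset": int(off, 16), "cr2": regs["CR2"],
           # A fault address inside the first page points at a NULL base pointer.
           "null_deref": regs["CR2"] < 4096}
    rex, opcode, modrm = insn[0], insn[1], insn[2]
    # Narrow decoder (assumption): REX.W + 8B /r, mod=10 (disp32), no SIB byte.
    if rex == 0x48 and opcode == 0x8B and modrm >> 6 == 2 and modrm & 7 != 4:
        base = REGS[modrm & 7]
        disp = int.from_bytes(insn[3:7], "little", signed=True)
        out.update(base=base, disp=disp, base_value=regs[base],
                   matches_cr2=(regs[base] + disp) % 2**64 == regs["CR2"])
    return out


if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(f"{key:12} {value:#x}" if isinstance(value, int) and not isinstance(value, bool)
              else f"{key:12} {value}")
```

For this report the faulting instruction decodes as a load from `0x278(%rbp)` with RBP equal to 0, which matches the CR2 value in the log.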

