Re: [alsa-devel] [ALSA/seq] BUG: unable to handle kernel NULL pointer dereference at 00000050

11 Mar 2015

At Wed, 11 Mar 2015 18:37:48 +0800,
Fengguang Wu wrote:
...
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
commit 7c37ae5c625aaa4836466cfaea829a3199dfc571
Author:     Takashi Iwai tiwai@suse.de
AuthorDate: Thu Feb 12 10:51:59 2015 +0100
Commit:     Takashi Iwai tiwai@suse.de
CommitDate: Thu Feb 12 11:35:11 2015 +0100
ALSA: seq: Rewrite sequencer device binding with standard bus

We've used the old house-made code for binding the sequencer device
and driver.  This can be far better implemented with the standard
bus nowadays.

This patch refactors the whole sequencer binding code with the bus
/sys/bus/snd_seq.  The devices appear as id-card-device on this bus
and are bound with the drivers corresponding to the given id like the
former implementation.  The module autoload is also kept like before.

There is no change in API functions by this patch, and almost all
transitions are kept inside seq_device.c.  The proc file output will
change slightly but kept compatible as much as possible.

Further integration works will follow in later patches.

Signed-off-by: Takashi Iwai <tiwai@suse.de>


+------------------------------------------+------------+------------+-----------------+
|                                          | 72496edcf8 | 7c37ae5c62 | v4.0-rc3_031010 |
+------------------------------------------+------------+------------+-----------------+
| boot_successes                           | 79         | 0          | 0               |
| boot_failures                            | 1          | 20         | 14              |
| BUG:kernel_boot_crashed                  | 1          |            |                 |
| BUG:unable_to_handle_kernel              | 0          | 20         | 14              |
| Oops                                     | 0          | 20         | 14              |
| EIP_is_at_bus_add_device                 | 0          | 20         | 14              |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 20         | 14              |
| backtrace:usb_composite_probe            | 0          | 20         | 14              |
| backtrace:midi_driver_init               | 0          | 20         | 14              |
| backtrace:kernel_init_freeable           | 0          | 20         | 14              |
+------------------------------------------+------------+------------+-----------------+
[    1.178531] udc dummy_udc.0: registering UDC driver [MIDI Gadget]
[    1.179260] MIDI Gadget gadget: adding config #1 'MIDI Gadget'/c1f006c0
[    1.184102] MIDI Gadget gadget: adding 'gmidi function'/d1fab310 to config 'MIDI Gadget'/c1f006c0
[    1.186606] BUG: unable to handle kernel NULL pointer dereference at 00000050
[    1.187008] IP: [<c1590786>] bus_add_device+0xd6/0x160
[    1.187008] *pde = 00000000 
[    1.187008] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[    1.187008] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 3.19.0-03415-g7c37ae5 #24
[    1.187008] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[    1.187008] task: d3480000 ti: d346a000 task.ti: d346a000
[    1.187008] EIP: 0060:[<c1590786>] EFLAGS: 00010246 CPU: 0
[    1.187008] EIP is at bus_add_device+0xd6/0x160
[    1.187008] EAX: 00000000 EBX: 00000000 ECX: d1fb7cc0 EDX: d1fa90bc
[    1.187008] ESI: d1fa90bc EDI: c1f4f800 EBP: d346bb44 ESP: d346bb30
[    1.187008]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[    1.187008] CR0: 80050033 CR2: 00000050 CR3: 02023000 CR4: 000406d0
[    1.187008] Stack:
[    1.187008]  c1291226 d1fa90b4 d1fa90bc d1f78c7c 00000000 d346bb84 c158e80a d1fa90bc
[    1.187008]  d1f78c84 00000000 00000002 00000000 00000000 d1fa90b4 d1fa9048 2e056fb7
[    1.187008]  00000002 ffffffff d1fb6dd0 00000000 d238b024 d346bb8c c18c26f0 d346bb98
[    1.187008] Call Trace:
[    1.187008]  [<c1291226>] ? acpi_platform_notify+0x19/0x78
[    1.187008]  [<c158e80a>] device_add+0x33a/0x530
[    1.187008]  [<c18c26f0>] snd_seq_device_dev_register+0x10/0x20
[    1.187008]  [<c18a13b6>] snd_device_register+0x46/0x80
[    1.187008]  [<c18b181d>] snd_rawmidi_dev_register+0x1cd/0x2d0
[    1.187008]  [<c189e70a>] ? snd_ctl_dev_register+0x2a/0x30
[    1.187008]  [<c18a1432>] snd_device_register_all+0x42/0x70
[    1.187008]  [<c189e10d>] snd_card_register+0x3d/0x150
[    1.187008]  [<c16c284a>] f_midi_bind+0x16a/0x6c0
[    1.187008]  [<c104de70>] ? irq_exit+0x30/0x60
[    1.187008]  [<c10881ef>] ? console_unlock+0x38f/0x520
[    1.187008]  [<c108860a>] ? vprintk_emit+0x28a/0x5f0
[    1.187008]  [<c158f8df>] ? dev_vprintk_emit+0x14f/0x280
[    1.187008]  [<c1109c9b>] ? alloc_debug_processing+0xcb/0x150
[    1.187008]  [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[    1.187008]  [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[    1.187008]  [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
[    1.187008]  [<c1faabc0>] ? midi_bind+0xd2/0xd2
[    1.187008]  [<c158fa2a>] ? dev_printk_emit+0x1a/0x20
[    1.187008]  [<c158fa76>] ? __dev_printk+0x46/0x90
[    1.187008]  [<c158fae6>] ? dev_printk+0x26/0x30
[    1.187008]  [<c16971b9>] usb_add_function+0x79/0x140
[    1.187008]  [<c1faabc0>] ? midi_bind+0xd2/0xd2
[    1.187008]  [<c1faabe5>] midi_bind_config+0x25/0x3c
[    1.187008]  [<c169753c>] usb_add_config+0x9c/0x240
[    1.187008]  [<c1a1ee48>] ? mutex_unlock+0x8/0x10
[    1.187008]  [<c1faab86>] midi_bind+0x98/0xd2
[    1.187008]  [<c1697d28>] composite_bind+0x88/0x1a0
[    1.187008]  [<c169a92f>] udc_bind_to_driver+0x4f/0xf0
[    1.187008]  [<c169b15d>] usb_gadget_probe_driver+0x6d/0xb0
[    1.187008]  [<c1f7cb5e>] ? do_one_initcall+0x77/0x151
[    1.187008]  [<c1697eb8>] usb_composite_probe+0x78/0xa0
[    1.187008]  [<c1faaadf>] ? midimod_init+0xf/0xf
[    1.187008]  [<c1faaaec>] midi_driver_init+0xd/0xf
[    1.187008]  [<c1f7cbb4>] do_one_initcall+0xcd/0x151
[    1.187008]  [<c1f7c424>] ? do_early_param+0x73/0x73
[    1.187008]  [<c1060c00>] ? parse_args+0x1f0/0x430
[    1.187008]  [<c1f7cd1b>] kernel_init_freeable+0xe3/0x15b
[    1.187008]  [<c1a1411b>] kernel_init+0xb/0xe0
[    1.187008]  [<c1a22201>] ret_from_kernel_thread+0x21/0x30
[    1.187008]  [<c1a14110>] ? rest_init+0xb0/0xb0
[    1.187008] Code: b6 00 00 00 00 8b 57 14 8b 45 f0 e8 25 d9 ff ff 85 c0 89 c3 75 69 8b 45 f0 8b 48 2c 85 c9 74 6c 8b 45 f0 8d 70 08 8b 47 48 89 f2 <8b> 40 50 83 c0 28 e8 6f 34 bc ff 85 c0 89 c3 74 0d 8b 55 f0 8d
[    1.187008] EIP: [<c1590786>] bus_add_device+0xd6/0x160 SS:ESP 0068:d346bb30
[    1.187008] CR2: 0000000000000050
[    1.187008] ---[ end trace 7c40b21b66beeff8 ]---
[    1.187008] Kernel panic - not syncing: Fatal exception
This is yet another init order problem.  Fixed by the patch below.
Thanks!
Takashi
-- 8< --
From: Takashi Iwai tiwai@suse.de
Subject: [PATCH] ALSA: seq: Fix init order of snd_seq_device stuff
When the sequencer driver is built in kernel, it may panic at boot
because of the uninitialized snd_seq_bus_type.  Initialize it properly
via subsys_initcall() instead of module_init() to assure that the bus
is registered beforehand.
Reported-by: Fengguang Wu fengguang.wu@intel.com
Fixes: 7c37ae5c625a ('ALSA: seq: Rewrite sequencer device binding with standard bus')
Signed-off-by: Takashi Iwai tiwai@suse.de
---
 sound/core/seq/seq_device.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sound/core/seq/seq_device.c b/sound/core/seq/seq_device.c
index 355b34269bd1..d99f99d61983 100644
--- a/sound/core/seq/seq_device.c
+++ b/sound/core/seq/seq_device.c
@@ -311,5 +311,5 @@ static void __exit alsa_seq_device_exit(void)
    bus_unregister(&snd_seq_bus_type);
 }
-module_init(alsa_seq_device_init)
+subsys_initcall(alsa_seq_device_init)
 module_exit(alsa_seq_device_exit)
-- 
2.3.2


    

Takashi Iwai

tags (0)

participants (1)