Re: [ALSA/seq] BUG: unable to handle kernel NULL pointer dereference at 00000050
From: Takashi Iwai
Date: Wed Mar 11 2015 - 07:55:27 EST
At Wed, 11 Mar 2015 18:37:48 +0800,
Fengguang Wu wrote:
> Greetings,
>
> 0day kernel testing robot got the below dmesg and the first bad commit is
>
> git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
>
> commit 7c37ae5c625aaa4836466cfaea829a3199dfc571
> Author: Takashi Iwai <tiwai@xxxxxxx>
> AuthorDate: Thu Feb 12 10:51:59 2015 +0100
> Commit: Takashi Iwai <tiwai@xxxxxxx>
> CommitDate: Thu Feb 12 11:35:11 2015 +0100
>
> ALSA: seq: Rewrite sequencer device binding with standard bus
>
> We've used the old house-made code for binding the sequencer device
> and driver. This can be far better implemented with the standard
> bus nowadays.
>
> This patch refactors the whole sequencer binding code with the bus
> /sys/bus/snd_seq. The devices appear as id-card-device on this bus
> and are bound with the drivers corresponding to the given id like the
> former implementation. The module autoload is also kept like before.
>
> There is no change in API functions by this patch, and almost all
> transitions are kept inside seq_device.c. The proc file output will
> change slightly but kept compatible as much as possible.
>
> Further integration works will follow in later patches.
>
> Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
>
> +------------------------------------------+------------+------------+-----------------+
> | | 72496edcf8 | 7c37ae5c62 | v4.0-rc3_031010 |
> +------------------------------------------+------------+------------+-----------------+
> | boot_successes | 79 | 0 | 0 |
> | boot_failures | 1 | 20 | 14 |
> | BUG:kernel_boot_crashed | 1 | | |
> | BUG:unable_to_handle_kernel | 0 | 20 | 14 |
> | Oops | 0 | 20 | 14 |
> | EIP_is_at_bus_add_device | 0 | 20 | 14 |
> | Kernel_panic-not_syncing:Fatal_exception | 0 | 20 | 14 |
> | backtrace:usb_composite_probe | 0 | 20 | 14 |
> | backtrace:midi_driver_init | 0 | 20 | 14 |
> | backtrace:kernel_init_freeable | 0 | 20 | 14 |
> +------------------------------------------+------------+------------+-----------------+
>
> [ 1.178531] udc dummy_udc.0: registering UDC driver [MIDI Gadget]
> [ 1.179260] MIDI Gadget gadget: adding config #1 'MIDI Gadget'/c1f006c0
> [ 1.184102] MIDI Gadget gadget: adding 'gmidi function'/d1fab310 to config 'MIDI Gadget'/c1f006c0
> [ 1.186606] BUG: unable to handle kernel NULL pointer dereference at 00000050
> [ 1.187008] IP: [<c1590786>] bus_add_device+0xd6/0x160
> [ 1.187008] *pde = 00000000
> [ 1.187008] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> [ 1.187008] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 3.19.0-03415-g7c37ae5 #24
> [ 1.187008] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> [ 1.187008] task: d3480000 ti: d346a000 task.ti: d346a000
> [ 1.187008] EIP: 0060:[<c1590786>] EFLAGS: 00010246 CPU: 0
> [ 1.187008] EIP is at bus_add_device+0xd6/0x160
> [ 1.187008] EAX: 00000000 EBX: 00000000 ECX: d1fb7cc0 EDX: d1fa90bc
> [ 1.187008] ESI: d1fa90bc EDI: c1f4f800 EBP: d346bb44 ESP: d346bb30
> [ 1.187008] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
> [ 1.187008] CR0: 80050033 CR2: 00000050 CR3: 02023000 CR4: 000406d0
> [ 1.187008] Stack:
> [ 1.187008] c1291226 d1fa90b4 d1fa90bc d1f78c7c 00000000 d346bb84 c158e80a d1fa90bc
> [ 1.187008] d1f78c84 00000000 00000002 00000000 00000000 d1fa90b4 d1fa9048 2e056fb7
> [ 1.187008] 00000002 ffffffff d1fb6dd0 00000000 d238b024 d346bb8c c18c26f0 d346bb98
> [ 1.187008] Call Trace:
> [ 1.187008] [<c1291226>] ? acpi_platform_notify+0x19/0x78
> [ 1.187008] [<c158e80a>] device_add+0x33a/0x530
> [ 1.187008] [<c18c26f0>] snd_seq_device_dev_register+0x10/0x20
> [ 1.187008] [<c18a13b6>] snd_device_register+0x46/0x80
> [ 1.187008] [<c18b181d>] snd_rawmidi_dev_register+0x1cd/0x2d0
> [ 1.187008] [<c189e70a>] ? snd_ctl_dev_register+0x2a/0x30
> [ 1.187008] [<c18a1432>] snd_device_register_all+0x42/0x70
> [ 1.187008] [<c189e10d>] snd_card_register+0x3d/0x150
> [ 1.187008] [<c16c284a>] f_midi_bind+0x16a/0x6c0
> [ 1.187008] [<c104de70>] ? irq_exit+0x30/0x60
> [ 1.187008] [<c10881ef>] ? console_unlock+0x38f/0x520
> [ 1.187008] [<c108860a>] ? vprintk_emit+0x28a/0x5f0
> [ 1.187008] [<c158f8df>] ? dev_vprintk_emit+0x14f/0x280
> [ 1.187008] [<c1109c9b>] ? alloc_debug_processing+0xcb/0x150
> [ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
> [ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
> [ 1.187008] [<c16c2e32>] ? f_midi_alloc+0x92/0x1a0
> [ 1.187008] [<c1faabc0>] ? midi_bind+0xd2/0xd2
> [ 1.187008] [<c158fa2a>] ? dev_printk_emit+0x1a/0x20
> [ 1.187008] [<c158fa76>] ? __dev_printk+0x46/0x90
> [ 1.187008] [<c158fae6>] ? dev_printk+0x26/0x30
> [ 1.187008] [<c16971b9>] usb_add_function+0x79/0x140
> [ 1.187008] [<c1faabc0>] ? midi_bind+0xd2/0xd2
> [ 1.187008] [<c1faabe5>] midi_bind_config+0x25/0x3c
> [ 1.187008] [<c169753c>] usb_add_config+0x9c/0x240
> [ 1.187008] [<c1a1ee48>] ? mutex_unlock+0x8/0x10
> [ 1.187008] [<c1faab86>] midi_bind+0x98/0xd2
> [ 1.187008] [<c1697d28>] composite_bind+0x88/0x1a0
> [ 1.187008] [<c169a92f>] udc_bind_to_driver+0x4f/0xf0
> [ 1.187008] [<c169b15d>] usb_gadget_probe_driver+0x6d/0xb0
> [ 1.187008] [<c1f7cb5e>] ? do_one_initcall+0x77/0x151
> [ 1.187008] [<c1697eb8>] usb_composite_probe+0x78/0xa0
> [ 1.187008] [<c1faaadf>] ? midimod_init+0xf/0xf
> [ 1.187008] [<c1faaaec>] midi_driver_init+0xd/0xf
> [ 1.187008] [<c1f7cbb4>] do_one_initcall+0xcd/0x151
> [ 1.187008] [<c1f7c424>] ? do_early_param+0x73/0x73
> [ 1.187008] [<c1060c00>] ? parse_args+0x1f0/0x430
> [ 1.187008] [<c1f7cd1b>] kernel_init_freeable+0xe3/0x15b
> [ 1.187008] [<c1a1411b>] kernel_init+0xb/0xe0
> [ 1.187008] [<c1a22201>] ret_from_kernel_thread+0x21/0x30
> [ 1.187008] [<c1a14110>] ? rest_init+0xb0/0xb0
> [ 1.187008] Code: b6 00 00 00 00 8b 57 14 8b 45 f0 e8 25 d9 ff ff 85 c0 89 c3 75 69 8b 45 f0 8b 48 2c 85 c9 74 6c 8b 45 f0 8d 70 08 8b 47 48 89 f2 <8b> 40 50 83 c0 28 e8 6f 34 bc ff 85 c0 89 c3 74 0d 8b 55 f0 8d
> [ 1.187008] EIP: [<c1590786>] bus_add_device+0xd6/0x160 SS:ESP 0068:d346bb30
> [ 1.187008] CR2: 0000000000000050
> [ 1.187008] ---[ end trace 7c40b21b66beeff8 ]---
> [ 1.187008] Kernel panic - not syncing: Fatal exception
This is yet another init order problem. Fixed by the patch below.
Thanks!
Takashi
-- 8< --
From: Takashi Iwai <tiwai@xxxxxxx>
Subject: [PATCH] ALSA: seq: Fix init order of snd_seq_device stuff
When the sequencer driver is built in kernel, it may panic at boot
because of the uninitialized snd_seq_bus_type. Initialize it properly
via subsys_initcall() instead of module_init() to assure that the bus
is registered beforehand.
Reported-by: Fengguang Wu <fengguang.wu@xxxxxxxxx>
Fixes: 7c37ae5c625a ('ALSA: seq: Rewrite sequencer device binding with standard bus')
Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
---
sound/core/seq/seq_device.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/core/seq/seq_device.c b/sound/core/seq/seq_device.c
index 355b34269bd1..d99f99d61983 100644
--- a/sound/core/seq/seq_device.c
+++ b/sound/core/seq/seq_device.c
@@ -311,5 +311,5 @@ static void __exit alsa_seq_device_exit(void)
bus_unregister(&snd_seq_bus_type);
}
-module_init(alsa_seq_device_init)
+subsys_initcall(alsa_seq_device_init)
module_exit(alsa_seq_device_exit)
--
2.3.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/