783561 – pti_exit() BUG: unable to handle kernel NULL pointer dereference at (null)

Bug 783561 - pti_exit() BUG: unable to handle kernel NULL pointer dereference at (null)

Summary: pti_exit() BUG: unable to handle kernel NULL pointer dereference at (null)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kernel
Sub Component:
Version:	16
Hardware:	i686
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Stanislaw Gruszka
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:232c56d933552697d8346e22a2d...
Duplicates (1):	783555 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-01-20 20:24 UTC by Josef Lusticky
Modified:	2012-04-26 03:29 UTC (History)
CC List:	6 users (show)
Fixed In Version:	kernel-2.6.43.2-6.fc15
Clone Of:
Environment:
Last Closed:	2012-04-08 03:27:40 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
disable_intel_mid_pti.patch (515 bytes, text/plain) 2012-04-04 09:45 UTC, Stanislaw Gruszka	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	783555	0	unspecified	CLOSED	[abrt] kernel: BUG: unable to handle kernel NULL pointer dereference at (null)	2021-02-22 00:41:40 UTC

Internal Links: 783555

Description Josef Lusticky 2012-01-20 20:24:09 UTC

libreport version: 2.0.8
abrt_version:   2.0.7
cmdline:        BOOT_IMAGE=/vmlinuz-3.1.9-1.fc16.i686 root=UUID=aaafe202-90ee-43cd-9fc9-e9dbe3d01cfe ro rd.md=0 rd.lvm=0 rd.dm=0 KEYTABLE=cz-us-qwertz quiet SYSFONT=latarcyrheb-sun16 rhgb rd.luks=0 LANG=en_US.UTF-8
kernel:         3.1.9-1.fc16.i686
reason:         BUG: unable to handle kernel NULL pointer dereference at   (null)
time:           Fri 20 Jan 2012 09:21:34 PM CET

backtrace:
:BUG: unable to handle kernel NULL pointer dereference at   (null)
:IP: [<c064a900>] __list_del_entry+0x20/0xe0
:*pde = 00000000 
:Oops: 0000 [#1] SMP 
:Modules linked in: pti(-) cs5535_mfgpt nsc_gpio fb_sys_fops sysimgblt sysfillrect syscopyarea vga16fb vgastate zlib rmd128 salsa20_i586 tgr192 anubis michael_mic zlib_deflate twofish_i586 twofish_common lockd 8021q fcoe libfcoe libfc scsi_transport_fc scsi_tgt garp stp llc ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ip6table_filter ip6_tables snd_intel8x0 snd_ac97_codec ac97_bus snd_seq snd_seq_device joydev parport_pc snd_pcm i2c_piix4 i2c_core parport microcode snd_timer snd soundcore snd_page_alloc vboxguest e1000 sunrpc [last unloaded: apds9802als]
:Pid: 3046, comm: modprobe Not tainted 3.1.9-1.fc16.i686 #1 innotek GmbH VirtualBox
:EIP: 0060:[<c064a900>] EFLAGS: 00010287 CPU: 0
:EIP is at __list_del_entry+0x20/0xe0
:EAX: fa6d108c EBX: fa6d108c ECX: 00000000 EDX: 00000000
:ESI: fa6d1080 EDI: fa6d108c EBP: f34dbf08 ESP: f34dbef0
: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
:Process modprobe (pid: 3046, ti=f34da000 task=f6baf110 task.ti=f34da000)
:Stack:
: fffffff0 f34dbf10 c06ff158 fffffff0 f34dbf08 fa6d108c f34dbf14 c064a9cb
: ffffff40 f34dbf28 c06e67d8 00000000 00000000 fffffff0 f34dbf44 fa6d0aae
: f34dbf44 c0482422 fa6d1160 00000000 fa6d1160 f34dbfac c0483ce5 f34dbf7c
:Call Trace:
: [<c06ff158>] ? driver_unregister+0x48/0x80
: [<c064a9cb>] list_del+0xb/0x20
: [<c06e67d8>] misc_deregister+0x38/0x90
: [<fa6d0aae>] pti_exit+0x82/0xd4 [pti]
: [<c0482422>] ? module_refcount+0x72/0x90
: [<c0483ce5>] sys_delete_module+0x135/0x230
: [<c049f721>] ? audit_syscall_entry+0x1e1/0x2c0
: [<c049fa46>] ? audit_syscall_exit+0x176/0x1a0
: [<c040d612>] ? syscall_trace_enter+0x172/0x1d0
: [<c040d6df>] ? syscall_trace_leave+0x6f/0xd0
: [<c090da44>] syscall_call+0x7/0xb
:Code: 90 90 90 90 90 90 90 90 90 90 90 55 89 e5 53 83 ec 14 8b 08 8b 50 04 81 f9 00 01 10 00 74 24 81 fa 00 02 20 00 0f 84 8e 00 00 00 <8b> 1a 39 d8 75 62 8b 59 04 39 d8 75 35 89 51 04 89 0a 83 c4 14 
:EIP: [<c064a900>] __list_del_entry+0x20/0xe0 SS:ESP 0068:f34dbef0
:CR2: 0000000000000000

smolt_data:
:
:
:General
:=================================
:UUID: fff6268b-656b-42d9-b947-feaab219734a
:OS: Fedora release 16 (Verne)
:Default run level: Unknown
:Language: en_US.UTF-8
:Platform: i686
:BogoMIPS: 5329.64
:CPU Vendor: GenuineIntel
:CPU Model: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
:CPU Stepping: 7
:CPU Family: 6
:CPU Model Num: 42
:Number of CPUs: 1
:CPU Speed: 2664
:System Memory: 2013
:System Swap: 4031
:Vendor: innotek GmbH
:System: VirtualBox 1.2
:Form factor: Unknown
:Kernel: 3.1.9-1.fc16.i686
:SELinux Enabled: 0
:SELinux Policy: targeted
:SELinux Enforce: Unknown
:MythTV Remote: Unknown
:MythTV Role: Unknown
:MythTV Theme: Unknown
:MythTV Plugin: 
:MythTV Tuner: -1
:
:
:Devices
:=================================
:(4203:63:0:0) pci, ohci_hcd, USB, KeyLargo/Intrepid USB
:(32902:10281:0:0) pci, ahci, STORAGE, 82801HBM/HEM (ICH8M/ICH8M-E) SATA AHCI Controller
:(33006:48879:0:0) pci, None, VIDEO, VirtualBox Graphics Adapter
:(32902:28947:0:0) pci, None, BRIDGE, 82371AB/EB/MB PIIX4 ACPI
:(32902:4110:32902:30) pci, e1000, ETHERNET, PRO/1000 MT Desktop Adapter
:(33006:51966:0:0) pci, None, BASE, VirtualBox Guest Service
:(32902:4663:0:0) pci, None, HOST/PCI, 440FX - 82441FX PMC [Natoma]
:(32902:9237:32902:0) pci, snd_intel8x0, MULTIMEDIA_AUDIO, 82801AA AC'97 Audio Controller
:(32902:28945:0:0) pci, ata_piix, STORAGE, 82371AB/EB/MB PIIX4 IDE
:(32902:28672:0:0) pci, None, PCI/ISA, 82371SB PIIX3 ISA [Natoma/Triton II]
:
:
:Filesystem Information
:=================================
:device mtpt type bsize frsize blocks bfree bavail file ffree favail
:-------------------------------------------------------------------
:/dev/sda4 / ext4 4096 4096 9178262 6081565 5988349 2334720 2047472 2047472
:/dev/sda2 /boot ext4 1024 1024 495844 388727 363127 128016 127780 127780
:/dev/sr0 WITHHELD iso9660 2048 2048 22203 0 0 0 0 0
:

Comment 1 Josh Boyer 2012-01-23 15:43:19 UTC

Were you removing the pti module when this hit and can you recreate this outside of VirtualBox?

Comment 2 Josh Boyer 2012-01-23 15:44:12 UTC

*** Bug 783555 has been marked as a duplicate of this bug. ***

Comment 3 Josef Lusticky 2012-01-31 13:59:26 UTC

Yes this has occured while removing pti. I'll try to make the crash happen outside of Virtualbox.

Comment 4 Josef Lusticky 2012-02-03 15:36:08 UTC

Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.634106] BUG: unable to handle kernel NULL pointer dereference at   (null)
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.635002] IP: [<c066a110>] __list_del_entry+0x20/0xe0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] *pdpt = 000000003276d001 *pde = 0000000000000000 
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Oops: 0000 [#1] SMP 
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Modules linked in: pti(-) e1000 ppdev i2c_piix4 parport_pc parport snd_intel8x0 snd_ac97_codec ac97_bus snd_seq snd_seq_device snd_pcm snd_timer snd soundcore snd_page_alloc ip6table_filter ip6_tables xt_state nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack_ipv6 nf_conntrack nf_defrag_ipv6 ip6t_REJECT fcoe libfcoe libfc scsi_transport_fc scsi_tgt 8021q garp stp llc twofish_i586 twofish_common michael_mic anubis tgr192 salsa20_i586 rmd128 zlib zlib_deflate vga16fb vgastate nsc_gpio cs5535_mfgpt lockd iTCO_wdt iTCO_vendor_support bnx2 i5000_edac edac_core i5k_amb ses dcdbas enclosure joydev serio_raw microcode sunrpc megaraid_sas usb_storage radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: blowfish_common]
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] 
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Pid: 16338, comm: modprobe Not tainted 3.2.2-1.fc16.i686.PAE #1 Dell Inc. PowerEdge 2900/0J7551
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] EIP: 0060:[<c066a110>] EFLAGS: 00010287 CPU: 4
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] EIP is at __list_del_entry+0x20/0xe0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] EAX: f862b0ac EBX: f862b0ac ECX: 00000000 EDX: 00000000
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] ESI: f862b0a0 EDI: f862b0ac EBP: f12b7f08 ESP: f12b7ef0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Process modprobe (pid: 16338, ti=f12b6000 task=f1176480 task.ti=f12b6000)
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Stack:
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  fffffff0 f12b7f10 c07286c8 00000000 f862b020 f862b0ac f12b7f14 c066a1db
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  ffffff40 f12b7f28 c0712668 00000000 00000000 fffffff0 f12b7f44 f8629ab0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  f12b7f44 c0494082 f862b180 00000000 f862b180 f12b7fac c0495c25 f26cd000
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Call Trace:
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c07286c8>] ? driver_unregister+0x48/0x80
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c066a1db>] list_del+0xb/0x20
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c0712668>] misc_deregister+0x38/0x90
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<f8629ab0>] pti_exit+0x82/0x5d2 [pti]
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c0494082>] ? module_refcount+0x72/0x90
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c0495c25>] sys_delete_module+0x135/0x230
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c0517b24>] ? remove_vma+0x44/0x60
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c0549b9a>] ? path_put+0x1a/0x20
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c04b2fe1>] ? audit_syscall_entry+0x1e1/0x2c0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081]  [<c094351f>] sysenter_do_call+0x12/0x28
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] Code: 90 90 90 90 90 90 90 90 90 90 90 55 89 e5 53 83 ec 14 8b 08 8b 50 04 81 f9 00 01 10 00 74 24 81 fa 00 02 20 00 0f 84 8e 00 00 00 <8b> 1a 39 d8 75 62 8b 59 04 39 d8 75 35 89 51 04 89 0a 83 c4 14 
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] EIP: [<c066a110>] __list_del_entry+0x20/0xe0 SS:ESP 0068:f12b7ef0
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.656081] CR2: 0000000000000000
Feb  3 10:33:15 dell-pe2900-02 kernel: [56054.693570] ---[ end trace 4f1adfc37131d327 ]---

Caused by modprobe -r pti
on dell-pe2900-02.rhts.eng.bos.redhat.com in our labs.

Comment 5 Josef Lusticky 2012-02-03 15:37:31 UTC

[root@dell-pe2900-02 ~]# uname -a
Linux dell-pe2900-02.rhts.eng.bos.redhat.com 3.2.2-1.fc16.i686.PAE #1 SMP Thu Jan 26 03:30:43 UTC 2012 i686 i686 i386 GNU/Linux

Comment 6 Josef Lusticky 2012-02-03 16:28:09 UTC

This is for kernel 3.2.2-1.fc16.i686 #1 SMP , the same machine.


BUG: unable to handle kernel NULL pointer dereference at   (null)
IP: [<c0657aa0>] __list_del_entry+0x20/0xe0
*pde = 00000000 
Oops: 0000 [#1] SMP 
Modules linked in: pti(-) lockd joydev ses enclosure microcode dcdbas i5000_edac edac_core serio_raw iTCO_wdt iTCO_vendor_support bnx2 i5k_amb sunrpc megaraid_sas usb_storage radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: scsi_wait_scan]

Pid: 1152, comm: modprobe Not tainted 3.2.2-1.fc16.i686 #1 Dell Inc. PowerEdge 2900/0J7551
EIP: 0060:[<c0657aa0>] EFLAGS: 00010287 CPU: 6
EIP is at __list_del_entry+0x20/0xe0
EAX: f7d370ac EBX: f7d370ac ECX: 00000000 EDX: 00000000
ESI: f7d370a0 EDI: f7d370ac EBP: f2f05f08 ESP: f2f05ef0
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process modprobe (pid: 1152, ti=f2f04000 task=f663d7f0 task.ti=f2f04000)
Stack:
 fffffff0 f2f05f10 c0709758 00000000 f7d37020 f7d370ac f2f05f14 c0657b6b
 ffffff40 f2f05f28 c06f38f8 00000000 00000000 fffffff0 f2f05f44 f7d35aae
 f2f05f44 c04841d2 f7d37180 00000000 f7d37180 f2f05fac c0485d75 f2f05f7c
Call Trace:
 [<c0709758>] ? driver_unregister+0x48/0x80
 [<c0657b6b>] list_del+0xb/0x20
 [<c06f38f8>] misc_deregister+0x38/0x90
 [<f7d35aae>] pti_exit+0x82/0x5d4 [pti]
 [<c04841d2>] ? module_refcount+0x72/0x90
 [<c0485d75>] sys_delete_module+0x135/0x230
 [<c04a30b1>] ? audit_syscall_entry+0x1e1/0x2c0
 [<c04a33d6>] ? audit_syscall_exit+0x176/0x1a0
 [<c040d992>] ? syscall_trace_enter+0x172/0x1d0
 [<c040da5f>] ? syscall_trace_leave+0x6f/0xd0
 [<c0921264>] syscall_call+0x7/0xb
Code: 90 90 90 90 90 90 90 90 90 90 90 55 89 e5 53 83 ec 14 8b 08 8b 50 04 81 f9 00 01 10 00 74 24 81 fa 00 02 20 00 0f 84 8e 00 00 00 <8b> 1a 39 d8 75 62 8b 59 04 39 d8 75 35 89 51 04 89 0a 83 c4 14 
EIP: [<c0657aa0>] __list_del_entry+0x20/0xe0 SS:ESP 0068:f2f05ef0
CR2: 0000000000000000
---[ end trace badcfddacf9b0d1d ]---

Comment 7 Stanislaw Gruszka 2012-02-26 13:07:40 UTC

We do misc_register at pci_probe and misc_unregister at module exit (should be pci_remove), so we unregister device that was never registered (since you do not have actual PTI device).

I will post patch ustream or report a bug there.

But for fedora, I do not even know why we have this enabled, I think that driver is useless (below is Kconfig description): 

        tristate "Parallel Trace Interface for MIPI P1149.7 cJTAG standard"
        depends on PCI
        default n
        help
          The PTI (Parallel Trace Interface) driver directs
          trace data routed from various parts in the system out
          through an Intel Penwell PTI port and out of the mobile
          device for analysis with a debugging tool (Lauterbach or Fido).

          You should select this driver if the target kernel is meant for
          an Intel Atom (non-netbook) mobile device containing a MIPI
          P1149.7 standard implementation.

Comment 8 Josh Boyer 2012-03-01 18:42:17 UTC

(In reply to comment #7)
> We do misc_register at pci_probe and misc_unregister at module exit (should be
> pci_remove), so we unregister device that was never registered (since you do
> not have actual PTI device).
> 
> I will post patch ustream or report a bug there.

Could you stick a link to it in here when you do?

> But for fedora, I do not even know why we have this enabled, I think that
> driver is useless (below is Kconfig description): 

We can disable it if you want.  We've had a rather lax policy on what is enabled during rebases, etc.

Comment 9 Dave Jones 2012-03-22 17:13:32 UTC

[mass update]
kernel-3.3.0-4.fc16 has been pushed to the Fedora 16 stable repository.
Please retest with this update.

Comment 10 Dave Jones 2012-03-22 17:15:41 UTC

[mass update]
kernel-3.3.0-4.fc16 has been pushed to the Fedora 16 stable repository.
Please retest with this update.

Comment 11 Dave Jones 2012-03-22 17:24:46 UTC

[mass update]
kernel-3.3.0-4.fc16 has been pushed to the Fedora 16 stable repository.
Please retest with this update.

Comment 12 Stanislaw Gruszka 2012-03-22 19:07:07 UTC

This is not fixed for sure.

Comment 13 Stanislaw Gruszka 2012-03-27 09:29:29 UTC

Reported upstream:
https://lkml.org/lkml/2012/3/26/197

Comment 14 Dave Jones 2012-03-28 17:55:53 UTC

let's just disable this. it's unlikely anyone is going to run fedora on machines that actually have this feature.

Comment 15 Stanislaw Gruszka 2012-04-04 09:45:46 UTC

Created attachment 575077 [details]
disable_intel_mid_pti.patch

Fedora patch for disable the driver.

Comment 16 Josh Boyer 2012-04-04 12:26:51 UTC

(In reply to comment #15)
> Created attachment 575077 [details]
> disable_intel_mid_pti.patch
> 
> Fedora patch for disable the driver.

Ugh.  Sorry Stanislaw, you shouldn't have had to create a patch for this.

It's disabled in all branches now.

Comment 17 Fedora Update System 2012-04-05 12:50:59 UTC

kernel-3.3.1-3.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/kernel-3.3.1-3.fc17

Comment 18 Fedora Update System 2012-04-05 12:53:50 UTC

kernel-3.3.1-3.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/kernel-3.3.1-3.fc16

Comment 19 Fedora Update System 2012-04-05 18:25:07 UTC

Package kernel-3.3.1-3.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing kernel-3.3.1-3.fc17'
as soon as you are able to, then reboot.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-5346/kernel-3.3.1-3.fc17
then log in and leave karma (feedback).

Comment 20 Fedora Update System 2012-04-08 03:27:40 UTC

kernel-3.3.1-3.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 21 Fedora Update System 2012-04-11 00:27:37 UTC

kernel-3.3.1-5.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/kernel-3.3.1-5.fc16

Comment 22 Fedora Update System 2012-04-11 00:29:03 UTC

kernel-3.3.1-5.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/kernel-3.3.1-5.fc17

Comment 23 Fedora Update System 2012-04-11 00:29:53 UTC

kernel-2.6.43.1-5.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/kernel-2.6.43.1-5.fc15

Comment 24 Fedora Update System 2012-04-13 21:33:20 UTC

kernel-3.3.1-5.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 25 Fedora Update System 2012-04-14 00:40:52 UTC

kernel-2.6.43.2-2.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/kernel-2.6.43.2-2.fc15

Comment 26 Fedora Update System 2012-04-14 04:33:47 UTC

kernel-3.3.1-5.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 27 Fedora Update System 2012-04-21 16:47:52 UTC

kernel-2.6.43.2-6.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/kernel-2.6.43.2-6.fc15

Comment 28 Fedora Update System 2012-04-26 03:29:06 UTC

kernel-2.6.43.2-6.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.