
Issue 633464


Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug

When running an amd64-generic kernel under depthcharge under UEFI on QEMU, there is a NULL pointer dereference.

Project Member Reported by gabeblack@chromium.org, Aug 2 2016

Issue description

It looks to me like the TPM driver tries to initialize itself, and then since there's no TPM in QEMU it fails and tries to clean up after itself. Something there isn't working properly, and a NULL pointer gets passed to a function which isn't expecting it.


[    1.641816] BUG: unable to handle kernel NULL pointer dereference at 0000000000000068
[    1.641816] IP: [<ffffffff82d8ec1c>] kernfs_find_ns+0x13/0xbd
[    1.641816] PGD 0
[    1.641816] Oops: 0000 [#1] PREEMPT SMP
[    1.641816] Modules linked in:
[    1.641816] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.4.14-04510-g1662c98 #1
[    1.641816] task: ffff8800074c0000 ti: ffff8800074bc000 task.ti: ffff8800074bc000
[    1.641816] RIP: 0010:[<ffffffff82d8ec1c>]  [<ffffffff82d8ec1c>] kernfs_find_ns+0x13/0xbd
[    1.641816] RSP: 0018:ffff8800074bfd28  EFLAGS: 00000246
[    1.641816] RAX: ffff8800074c0000 RBX: 0000000000000000 RCX: ffff8800074c0000
[    1.641816] RDX: 0000000000000000 RSI: ffffffff834c8608 RDI: 0000000000000000
[    1.641816] RBP: ffff8800074bfd48 R08: 0000000000000000 R09: ffffffff82d03284
[    1.641816] R10: ffff8800074bfd28 R11: 0000000000000000 R12: ffffffff838c0890
[    1.641816] R13: 0000000000000000 R14: ffffffff83815040 R15: 0000000000000000
[    1.641816] FS:  0000000000000000(0000) GS:ffff880007a00000(0000) knlGS:0000000000000000
[    1.641816] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[    1.641816] CR2: 0000000000000068 CR3: 0000000003810000 CR4: 00000000000006f0
[    1.641816] Stack:
[    1.641816]  0000000000000000 ffffffff838c0890 ffffffff838bfcc0 ffffffff83815040
[    1.641816]  ffff8800074bfd70 ffffffff82d8ecfb ffffffff834c8608 0000000000000000
[    1.641816]  ffff88000002cc20 ffff8800074bfd90 ffffffff82d92229 ffff88000002cc20
[    1.641816] Call Trace:
[    1.641816]  [<ffffffff82d8ecfb>] kernfs_find_and_get_ns+0x35/0x56
[    1.641816]  [<ffffffff82d92229>] sysfs_unmerge_group+0x1d/0x51
[    1.641816]  [<ffffffff830a36bb>] dpm_sysfs_remove+0x22/0x55
[    1.641816]  [<ffffffff830990ab>] device_del+0x56/0x213
[    1.641816]  [<ffffffff8309deb1>] platform_device_del+0x1d/0x69
[    1.641816]  [<ffffffff8309df0f>] platform_device_unregister+0x12/0x1d
[    1.641816]  [<ffffffff8398a300>] init_tis+0xcf/0xee
[    1.641816]  [<ffffffff8398a231>] ? tpm_init+0x7e/0x7e
[    1.641816]  [<ffffffff82c004a2>] do_one_initcall+0x185/0x19a
[    1.641816]  [<ffffffff8395608a>] kernel_init_freeable+0x192/0x233
[    1.641816]  [<ffffffff83332820>] ? rest_init+0x87/0x87
[    1.641816]  [<ffffffff8333282e>] kernel_init+0xe/0xda
[    1.641816]  [<ffffffff833376ef>] ret_from_fork+0x3f/0x70
[    1.641816]  [<ffffffff83332820>] ? rest_init+0x87/0x87
[    1.641816] Code: ff 48 89 df 48 89 45 e8 e8 ba 69 5a 00 48 8b 45 e8 5a 59 5b 41 5c 5d c3 66 66 66 66 90 55 48 89 e5 41 56 41 55 41 54 53 49 89 d5 <66> 8b 47 68 31 d2 49 89 f4 48 8b 5f 48 66 c1 e8 05 83 e0 01 4d
[    1.641816] RIP  [<ffffffff82d8ec1c>] kernfs_find_ns+0x13/0xbd
[    1.641816]  RSP <ffff8800074bfd28>
[    1.641816] CR2: 0000000000000068
[    1.641816] ---[ end trace 1c992e148d431255 ]---
[    1.641816] Kernel panic - not syncing: Fatal exception
[    1.641816] Kernel Offset: 0x1c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
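As an added worked example (not part of this issue, and not Chromium OS or kernel code), the program below checks the reporter's reading of the oops mechanically: it parses the "Code:" line, decodes the instruction at RIP (the byte wrapped in <>), takes the base register's value from the register dump, and confirms that base + displacement equals the CR2 the CPU reported. The bytes and register values are copied from the trace above; the decoder is a minimal one written for this exercise and only understands the MOV [base+disp] encoding that appears here (optional 0x66 and REX prefixes, no SIB, no RIP-relative form). The function names are the example's own.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* "Code:" line copied from the oops above; the byte in <> is the one at RIP. */
static const char oops_code_line[] =
    "Code: ff 48 89 df 48 89 45 e8 e8 ba 69 5a 00 48 8b 45 e8 5a 59 5b 41 5c 5d c3 "
    "66 66 66 66 90 55 48 89 e5 41 56 41 55 41 54 53 49 89 d5 <66> 8b 47 68 31 d2 "
    "49 89 f4 48 8b 5f 48 66 c1 e8 05 83 e0 01 4d";

/* Registers from the oops, indexed by x86-64 encoding:
 * 0=rax 1=rcx 2=rdx 3=rbx 4=rsp 5=rbp 6=rsi 7=rdi 8..15=r8..r15 */
static const uint64_t oops_regs[16] = {
    0xffff8800074c0000ULL, 0xffff8800074c0000ULL, 0, 0,   /* rax rcx rdx rbx */
    0xffff8800074bfd28ULL, 0xffff8800074bfd48ULL,         /* rsp rbp */
    0xffffffff834c8608ULL, 0,                             /* rsi rdi */
    0, 0xffffffff82d03284ULL, 0xffff8800074bfd28ULL, 0,   /* r8  r9  r10 r11 */
    0xffffffff838c0890ULL, 0, 0xffffffff83815040ULL, 0,   /* r12 r13 r14 r15 */
};
static const uint64_t oops_cr2 = 0x68;   /* CR2 from the oops: the faulting address */

static const char *const reg_names[16] = {
    "rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
    "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
};

struct mem_operand {
    int base;       /* base register index */
    int64_t disp;   /* sign-extended displacement */
    int len;        /* instruction length in bytes */
};

/* Parse the hex bytes of a "Code:" line into out[]; *fault_idx receives the index
 * of the byte wrapped in <>. Returns the byte count, or -1 on a malformed line. */
static int parse_code_line(const char *line, uint8_t *out, size_t max, size_t *fault_idx)
{
    const char *p = line;
    size_t n = 0;

    *fault_idx = (size_t)-1;
    if (strncmp(p, "Code:", 5) == 0)
        p += 5;
    for (;;) {
        while (*p == ' ')
            p++;
        if (*p == '\0')
            break;
        int marked = (*p == '<');
        if (marked)
            p++;
        char *end;
        unsigned long v = strtoul(p, &end, 16);
        if (end != p + 2 || n >= max)        /* exactly two hex digits per byte */
            return -1;
        if (marked) {
            if (*end != '>')
                return -1;
            end++;
            *fault_idx = n;
        }
        out[n++] = (uint8_t)v;
        p = end;
    }
    return *fault_idx == (size_t)-1 ? -1 : (int)n;
}

/* Decode MOV r/m (opcode 8b or 89) with a [base + disp] memory operand and no SIB
 * byte. Accepts an optional 0x66 operand-size prefix and an optional REX prefix
 * (REX.B extends the base register). Returns 0 on success, -1 for anything else. */
static int decode_mov_mem(const uint8_t *p, size_t n, struct mem_operand *op)
{
    size_t i = 0;
    int rex_b = 0;

    if (i < n && p[i] == 0x66)
        i++;
    if (i < n && (p[i] & 0xf0) == 0x40) {
        rex_b = p[i] & 1;
        i++;
    }
    if (i >= n || (p[i] != 0x8b && p[i] != 0x89))
        return -1;
    i++;
    if (i >= n)
        return -1;
    uint8_t modrm = p[i++];
    int mod = modrm >> 6, rm = modrm & 7;

    if (mod == 3 || rm == 4 || (mod == 0 && rm == 5))
        return -1;   /* register operand, SIB form, or RIP-relative: not handled */
    op->base = rm | (rex_b << 3);
    if (mod == 0) {
        op->disp = 0;
    } else if (mod == 1) {
        if (i >= n)
            return -1;
        op->disp = (int8_t)p[i++];
    } else {
        if (i + 4 > n)
            return -1;
        uint32_t d = (uint32_t)p[i] | (uint32_t)p[i + 1] << 8 |
                     (uint32_t)p[i + 2] << 16 | (uint32_t)p[i + 3] << 24;
        op->disp = (int32_t)d;
        i += 4;
    }
    op->len = (int)i;
    return 0;
}

/* Decode the instruction at RIP and compute the address it accessed. */
static int analyze_oops(struct mem_operand *op, uint64_t *addr)
{
    uint8_t code[128];
    size_t fault_idx;
    int n = parse_code_line(oops_code_line, code, sizeof code, &fault_idx);

    if (n < 0 || decode_mov_mem(code + fault_idx, (size_t)n - fault_idx, op) < 0)
        return -1;
    *addr = oops_regs[op->base] + (uint64_t)op->disp;
    return 0;
}

int oops_code_length(void)
{
    uint8_t code[128];
    size_t idx;
    return parse_code_line(oops_code_line, code, sizeof code, &idx);
}

int oops_fault_index(void)
{
    uint8_t code[128];
    size_t idx;
    return parse_code_line(oops_code_line, code, sizeof code, &idx) < 0 ? -1 : (int)idx;
}

int oops_fault_base_reg(void)
{
    struct mem_operand op;
    uint64_t a;
    return analyze_oops(&op, &a) == 0 ? op.base : -1;
}

uint64_t oops_fault_address(void)
{
    struct mem_operand op;
    uint64_t a;
    return analyze_oops(&op, &a) == 0 ? a : UINT64_MAX;
}

/* 1 when the base register held NULL and base + disp equals CR2, i.e. a plain
 * NULL-pointer field access rather than a wild or use-after-free pointer. */
int oops_is_null_deref(void)
{
    struct mem_operand op;
    uint64_t a;
    return analyze_oops(&op, &a) == 0 && oops_regs[op.base] == 0 && a == oops_cr2;
}

int main(void)
{
    struct mem_operand op;
    uint64_t addr;

    if (analyze_oops(&op, &addr) < 0) {
        fprintf(stderr, "unsupported instruction encoding at RIP\n");
        return 1;
    }
    printf("insn at RIP: mov ... [%s%+" PRId64 "] (%d bytes)\n", reg_names[op.base], op.disp, op.len);
    printf("%s = %#" PRIx64 ", computed address = %#" PRIx64 ", CR2 = %#" PRIx64 " -> %s\n",
           reg_names[op.base], oops_regs[op.base], addr, oops_cr2,
           oops_is_null_deref() ? "NULL base + field offset" : "not a simple NULL deref");
    return 0;
}
```

Decoding the marked bytes 66 8b 47 68 gives a 16-bit load from [rdi+0x68] with rdi = 0, so the computed address is 0x68, matching CR2. Read against the call trace, that is consistent with the first argument of kernfs_find_ns being NULL, which is what the reporter describes: the device being torn down by platform_device_unregister in the init_tis error path had no sysfs node to remove. Why that argument is NULL (the device never finished being added, or is being removed twice) is not something the oops alone settles.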
 
Components: OS>Kernel
Status: Assigned (was: Untriaged)
This bug has an owner, thus it's been triaged. Changing status to "assigned".
