New issue
Advanced search Search tips

Issue 810083 link

Starred by 1 user
Status: Fixed
Owner:
groeck@chromium.org
Closed: Feb 2018
Cc:
jeffy.c...@rock-chips.com
tfiga@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug



Sign in to add a comment

Crashes in chromeos-4.4 test builds

Project Member Reported by groeck@chromium.org, Feb 7 2018 
chromeos-4.4 crashes with no output when booting on systems such as beagle2. Bisect log is as follows.

# bad: [73d3ce408f07c27118d5cd6fc456b2fa90e74b1c] UPSTREAM: loop: fix concurrent lo_open/lo_release
# good: [a207b53fe93903e723b73ed71d92e26fde8ed1aa] Merge commit 'df5935f932b9fb9454074c0e5e1b0a5c21098ae1' into patch_branch
git bisect start '73d3ce408f07' 'a207b53fe939'
# bad: [434ec894c0fa2a1499e8a32a37c9a8ba30c3714e] BACKPORT: iommu: Rename iommu_get_instance()
git bisect bad 434ec894c0fa2a1499e8a32a37c9a8ba30c3714e
# bad: [5208dbfce911ee1d8a45171c763a2b6dd6eb0187] UPSTREAM: PM / runtime: Optimize the use of device links
git bisect bad 5208dbfce911ee1d8a45171c763a2b6dd6eb0187
# bad: [e3165bbdd7307e5a39fa754ddb26f9359718ba26] UPSTREAM: driver core: Add a wrapper around __device_release_driver()
git bisect bad e3165bbdd7307e5a39fa754ddb26f9359718ba26
# good: [47ccafbbbc66857ceaacebde42e17a125de559d8] UPSTREAM: ACPI / LPSS: allow to use specific PM domain during ->probe()
git bisect good 47ccafbbbc66857ceaacebde42e17a125de559d8
# bad: [8394be3dc8d1ca8290d118489aea20d9c37fee1c] BACKPORT: PM / sleep: Go direct_complete if driver has no callbacks
git bisect bad 8394be3dc8d1ca8290d118489aea20d9c37fee1c
# bad: [37f9ce5cf98dc7034777e887af4a57cdf4ec5859] BACKPORT: PM / Domains: add setter for dev.pm_domain
git bisect bad 37f9ce5cf98dc7034777e887af4a57cdf4ec5859
# first bad commit: [37f9ce5cf98dc7034777e887af4a57cdf4ec5859] BACKPORT: PM / Domains: add setter for dev.pm_domain

Analysis shows that commit 37f9ce5cf98dc introduces a bug which was later fixed upstream with commit 3ded91041a76 ("driver core: Avoid NULL pointer dereferences in device_is_bound()").
Project Member

Comment 1 by bugdroid1@chromium.org, Feb 8 2018

Labels: merge-merged-chromeos-4.4
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/18f9d07a87c254f0829087fd8ac1d267dd15fa47

commit 18f9d07a87c254f0829087fd8ac1d267dd15fa47
Author: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Date: Thu Feb 08 09:24:23 2018

UPSTREAM: driver core: Avoid NULL pointer dereferences in device_is_bound()

If device_is_bound() is called on a device that's not been registered
yet, it will attepmt to dereference dev->p which is NULL, so avoid
that by checking dev->p in there against NULL.

Fixes: 6b9cb42752da "device core: add device_is_bound()"
Reported-and-tested-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>

BUG= chromium:810083 
TEST=Build and boot

Change-Id: I9ecc560e8a1c31cf140c3caf4a06b3bcc8db818f
Signed-off-by: Guenter Roeck <groeck@chromium.org>
(cherry picked from commit 3ded91041a762423bd49bb932ae2e36b65c6ae4b)
Reviewed-on: https://chromium-review.googlesource.com/907389
Reviewed-by: Tomasz Figa <tfiga@chromium.org>
Reviewed-by: Jeffy Chen <jeffy.chen@rock-chips.com>

[modify] https://crrev.com/18f9d07a87c254f0829087fd8ac1d267dd15fa47/drivers/base/dd.c

Comment 2 by groeck@chromium.org, Feb 8 2018

Status: Fixed (was: Assigned)

Sign in to add a comment