Re: [PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-07 Thread Joerg Roedel
On Tue, Jan 07, 2020 at 09:00:14AM -0500, Brian Masney wrote:
> On Tue, Jan 07, 2020 at 02:25:30PM +0100, Joerg Roedel wrote:
> > On Tue, Dec 31, 2019 at 10:39:49PM -0500, Brian Masney wrote:
> > >  drivers/iommu/qcom_iommu.c | 12 ++--
> > >  1 file changed, 10 insertions(+), 2 deletions(-)
> > 
> > Shortened commit-message a bit and applied for v5.5, thanks.
> 
> You might want to hold off on applying this since it looks like Robin
> Murphy has a better fix.
> 
> https://lore.kernel.org/lkml/fc055443-8716-4a0e-b4d5-311517d71...@arm.com/

Alright, thanks for the heads-up. I dropped that patch from my fixes
branch.

Regards,

Joerg
___
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu


Re: [PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-07 Thread Brian Masney
On Tue, Jan 07, 2020 at 02:25:30PM +0100, Joerg Roedel wrote:
> On Tue, Dec 31, 2019 at 10:39:49PM -0500, Brian Masney wrote:
> >  drivers/iommu/qcom_iommu.c | 12 ++--
> >  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> Shortened commit-message a bit and applied for v5.5, thanks.

You might want to hold off on applying this since it looks like Robin
Murphy has a better fix.

https://lore.kernel.org/lkml/fc055443-8716-4a0e-b4d5-311517d71...@arm.com/

Brian



Re: [PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-07 Thread Joerg Roedel
On Tue, Dec 31, 2019 at 10:39:49PM -0500, Brian Masney wrote:
>  drivers/iommu/qcom_iommu.c | 12 ++--
>  1 file changed, 10 insertions(+), 2 deletions(-)

Shortened commit-message a bit and applied for v5.5, thanks.



[PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-05 Thread Brian Masney
When attempting to load the qcom-iommu driver, and an -EPROBE_DEFER
error occurs, the following attempted NULL pointer dereference occurs:

Unable to handle kernel NULL pointer dereference at virtual address 0014
pgd = (ptrval)
[0014] *pgd=
Internal error: Oops: 5 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.5.0-rc2-next-20191220-8-g7e71398bac41-dirty #67
Hardware name: Generic DT based system
PC is at qcom_iommu_domain_free (./include/linux/pm_runtime.h:226 linux/drivers/iommu/qcom_iommu.c:358)
LR is at release_iommu_mapping (arch/arm/mm/dma-mapping.c:2141)
pc : lr : psr: 6013
sp : ee89dc48  ip :   fp : c13a6684
r10: c13a661c  r9 :   r8 : c13a1240
r7 : fdfb  r6 :   r5 : edc32c80  r4 : edc32c9c
r3 :   r2 : 0001  r1 : 0004  r0 : edc32c9c
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 10c5787d  Table: 0020406a  DAC: 0051
Process swapper/0 (pid: 1, stack limit = 0x(ptrval))
Stack: (0xee89dc48 to 0xee89e000)
(qcom_iommu_domain_free) from release_iommu_mapping (arch/arm/mm/dma-mapping.c:2141)
(release_iommu_mapping) from arch_teardown_dma_ops (./include/linux/dma-mapping.h:271 linux/arch/arm/mm/dma-mapping.c:2335)
(arch_teardown_dma_ops) from really_probe (drivers/base/dd.c:607)
(really_probe) from driver_probe_device (drivers/base/dd.c:721)
(driver_probe_device) from bus_for_each_drv (drivers/base/bus.c:431)
(bus_for_each_drv) from __device_attach (drivers/base/dd.c:896)
(__device_attach) from bus_probe_device (drivers/base/bus.c:491)
(bus_probe_device) from device_add (drivers/base/core.c:2488)
(device_add) from of_platform_device_create_pdata (drivers/of/platform.c:189)
(of_platform_device_create_pdata) from of_platform_bus_create (drivers/of/platform.c:393 linux/drivers/of/platform.c:346)
(of_platform_bus_create) from of_platform_populate (drivers/of/platform.c:486)
(of_platform_populate) from msm_pdev_probe (drivers/gpu/drm/msm/msm_drv.c:1197 linux/drivers/gpu/drm/msm/msm_drv.c:1281)
(msm_pdev_probe) from platform_drv_probe (drivers/base/platform.c:726)
(platform_drv_probe) from really_probe (drivers/base/dd.c:553)
(really_probe) from driver_probe_device (drivers/base/dd.c:721)
(driver_probe_device) from device_driver_attach (drivers/base/dd.c:995)

Re: [PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-01 Thread Jonathan Neuschäfer
On Tue, Dec 31, 2019 at 10:39:49PM -0500, Brian Masney wrote:
[...]
> (kernel_init) from ret_from_fork (arch/arm/kernel/entry-common.S:156)
> Exception stack(0xee89dfb0 to 0xee89dff8)
> dfa0:    
> 
> dfc0:        
> 
> dfe0:     0013 
> Code: e92d4070 e1a04000 e3a01004 e240501c (e5930014)

This looks like ARM code...

> All code
> 
>0: 70 40   jo 0x42
>2: 2d e9 00 40 a0  sub$0xa04000e9,%eax
>7: e1 04   loope  0xd
>9: 10 a0 e3 1c 50 40   adc%ah,0x40501ce3(%rax)
>f: e2 14   loop   0x25
>   11:*00  .byte 0x0   <-- trapping instruction
>   12: 93  xchg   %eax,%ebx
>   13: e5  .byte 0xe5

... disassembled as x86 code.

I suspect that scripts/decodecode picked up the wrong architecture
somehow. Perhaps CROSS_COMPILE wasn't set?

> 
> Code starting with the faulting instruction
> ===
>0: 14 00   adc$0x0,%al
>2: 93  xchg   %eax,%ebx
>3: e5  .byte 0xe5


Greetings and a happy new year,
Jonathan Neuschäfer


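The architecture mismatch raised in the reply above can be checked by hand. The following is an added example, not part of the thread and not the kernel's scripts/decodecode: it decodes the parenthesised word of the quoted `Code:` line as an A32 word load/store with immediate offset, and shows the little-endian bytes an x86 decoder would start from. `struct ldst` and the function names are made up for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Code: line quoted in the thread; the word in parentheses is the trapping instruction. */
static const char CODE_LINE[] =
    "Code: e92d4070 e1a04000 e3a01004 e240501c (e5930014)";

struct ldst { int load, rn, rt; int32_t offset; };

/* Pull the parenthesised 32-bit word out of an oops "Code:" line. */
int trapping_word(const char *line, uint32_t *out)
{
    const char *p = strchr(line, '(');
    char *end;

    if (!p)
        return -1;
    *out = (uint32_t)strtoul(p + 1, &end, 16);
    return (end != p + 1 && *end == ')') ? 0 : -1;
}

/* Decode A32 LDR/STR Rt, [Rn, #+/-imm12] (word access, offset addressing only). */
int decode_ldst_imm(uint32_t insn, struct ldst *d)
{
    /* cond != 1111; bits 27:25 = 010, P (bit 24) = 1, B (bit 22) = 0, W (bit 21) = 0 */
    if ((insn >> 28) == 0xf || (insn & 0x0f600000u) != 0x05000000u)
        return -1;
    d->load = (insn >> 20) & 1;          /* L bit: 1 = LDR, 0 = STR */
    d->rn = (insn >> 16) & 0xf;          /* base register */
    d->rt = (insn >> 12) & 0xf;          /* transfer register */
    d->offset = (int32_t)(insn & 0xfff); /* imm12 */
    if (!((insn >> 23) & 1))             /* U bit clear: offset is subtracted */
        d->offset = -d->offset;
    return 0;
}

/* Byte i of the word as stored in little-endian memory (what an x86 decoder reads). */
uint8_t le_byte(uint32_t word, int i) { return (uint8_t)(word >> (8 * i)); }

int main(void)
{
    uint32_t w;
    struct ldst d;

    if (trapping_word(CODE_LINE, &w) || decode_ldst_imm(w, &d))
        return 1;
    printf("%s r%d, [r%d, #%d]\n", d.load ? "ldr" : "str", d.rt, d.rn, (int)d.offset);
    printf("first bytes in memory: %02x %02x\n", le_byte(0xe92d4070u, 0), le_byte(0xe92d4070u, 1));
    return 0;
}
```

The trapping word decodes to `ldr r0, [r3, #20]`; the offset 0x14 equals the fault address reported in the oops, which is what a NULL base pointer produces, and the bytes `70 40` are the ones the x86 listing opens with.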

Re: [PATCH] iommu/qcom: fix NULL pointer dereference during probe deferral

2020-01-01 Thread Stephan Gerhold
On Tue, Dec 31, 2019 at 10:39:49PM -0500, Brian Masney wrote:
> When attempting to load the qcom-iommu driver, and an -EPROBE_DEFER
> error occurs, the following attempted NULL pointer dereference occurs:
> 
> Unable to handle kernel NULL pointer dereference at virtual address 0014
> pgd = (ptrval)
> [0014] *pgd=
> Internal error: Oops: 5 [#1] PREEMPT SMP ARM
> Modules linked in:
> CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.5.0-rc2-next-20191220-8-g7e71398bac41-dirty #67
> Hardware name: Generic DT based system
> PC is at qcom_iommu_domain_free (./include/linux/pm_runtime.h:226 linux/drivers/iommu/qcom_iommu.c:358)
> LR is at release_iommu_mapping (arch/arm/mm/dma-mapping.c:2141)
> pc : lr : psr: 6013
> sp : ee89dc48  ip :   fp : c13a6684
> r10: c13a661c  r9 :   r8 : c13a1240
> r7 : fdfb  r6 :   r5 : edc32c80  r4 : edc32c9c
> r3 :   r2 : 0001  r1 : 0004  r0 : edc32c9c
> Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
> Control: 10c5787d  Table: 0020406a  DAC: 0051
> Process swapper/0 (pid: 1, stack limit = 0x(ptrval))
> Stack: (0xee89dc48 to 0xee89e000)
> 
> (qcom_iommu_domain_free) from release_iommu_mapping (arch/arm/mm/dma-mapping.c:2141)
> (release_iommu_mapping) from arch_teardown_dma_ops (./include/linux/dma-mapping.h:271 linux/arch/arm/mm/dma-mapping.c:2335)
> (arch_teardown_dma_ops) from really_probe (drivers/base/dd.c:607)
> (really_probe) from driver_probe_device (drivers/base/dd.c:721)
> (driver_probe_device) from bus_for_each_drv (drivers/base/bus.c:431)
> (bus_for_each_drv) from __device_attach (drivers/base/dd.c:896)
> (__device_attach) from bus_probe_device (drivers/base/bus.c:491)
> (bus_probe_device) from device_add (drivers/base/core.c:2488)
> (device_add) from of_platform_device_create_pdata (drivers/of/platform.c:189)
> (of_platform_device_create_pdata) from of_platform_bus_create (drivers/of/platform.c:393 linux/drivers/of/platform.c:346)
> (of_platform_bus_create) from of_platform_populate (drivers/of/platform.c:486)
> (of_platform_populate) from msm_pdev_probe (drivers/gpu/drm/msm/msm_drv.c:1197 linux/drivers/gpu/drm/msm/msm_drv.c:1281)
> (msm_pdev_probe) from