Regression in Linux next-20171113 with fbdev timer conversion

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tony Lindgren <tony@atomide.com>
To: Kees Cook <keescook@chromium.org>,
	Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Cc: Tomi Valkeinen <tomi.valkeinen@ti.com>,
	Daniel Vetter <daniel.vetter@ffwll.ch>,
	Stephen Rothwell <sfr@canb.auug.org.au>,
	linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org
Subject: Regression in Linux next-20171113 with fbdev timer conversion
Date: Mon, 13 Nov 2017 09:07:14 -0800	[thread overview]
Message-ID: <20171113170714.GV28152@atomide.com> (raw)

Hi,

Looks like next-20171113 now has a NULL pointe dereference with commit
6c78935777d1 ("video: fbdev: Convert timers to use timer_setup()").

See the error below, any ideas?

Regards,

Tony

8< ------------------
Unable to handle kernel NULL pointer dereference at virtual address 00000214
pgd = edfe4000
[00000214] *pgd=00000000
Internal error: Oops: 5 [#1] SMP ARM
...
CPU: 1 PID: 920 Comm: openrc-run.sh Not tainted 4.14.0-next-20171113+ #1911
Hardware name: Generic OMAP4 (Flattened Device Tree)
task: ed922000 task.stack: edc20000
PC is at _test_and_set_bit+0x20/0x48
LR is at queue_work_on+0x28/0x74
pc : [<c086f270>]    lr : [<c0155b78>]    psr: 60000193
sp : edc21e38  ip : 00000000  fp : c0d09168
r10: edb686bc  r9 : 00000001  r8 : c0544e4c
r7 : ee80f000  r6 : 00000002  r5 : 00000214  r4 : 20000113
r3 : 00000001  r2 : 00000001  r1 : 00000214  r0 : 00000000
Flags: nZCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 10c5387d  Table: adfe404a  DAC: 00000051
Process openrc-run.sh (pid: 920, stack limit = 0xedc20218)
Stack: (0xedc21e38 to 0xedc22000)
1e20:                                                       edb686bc edb686bc
1e40: c0dc8588 00000100 c0544e4c c0544e6c c0dc7239 c01cc78c 00000001 00000000
1e60: c01cc6d0 00000000 00000000 00000000 00000001 c1505b74 c124c5f8 00000000
1e80: c0adfb54 00000000 c0544e4c edb686bc c0544e4c ef6b3700 edc20000 edc21ed8
1ea0: c0dc8588 c0d09168 edb686bc c01ccbbc ffff8fee 00000001 edc21ed8 c0d05d00
1ec0: ef6b3700 c0d0957c 00000100 c0dc8128 00000282 c01ccd94 00000000 c0d4675c
1ee0: 60000113 c0dc7132 c0d09168 c019f718 ffffe000 ffffffff c0d03084 edc20000
1f00: 00000001 c0dc7132 c0d09168 c0101714 c0d8821c c0dc720a 00000002 0000000a
1f20: ffff8fee 00400000 00000001 00000002 00000000 ffffe000 00000000 c0d0957c
1f40: 00000000 00000001 ee80d400 fa240100 c0d09854 c013fa6c c0c79160 c01adf54
1f60: fa24010c 000003eb 000003ff 00000000 edc21fb0 c0d88738 fa240100 c0101574
1f80: 00000006 fa241100 edc20000 b6f2e9bc 20000010 ffffffff 10c5387d 10c5387d
1fa0: 005169a0 00517240 005169a0 c088d6b4 005280ea 005280eb 00000000 0000005f
1fc0: 005280e4 004f9511 00517830 00000000 00000000 005169a0 00517240 005169a0
1fe0: 00000001 bed595c0 bed595e0 b6f2e9bc 20000010 ffffffff 00000000 00000000
[<c086f270>] (_test_and_set_bit) from [<c0155b78>] (queue_work_on+0x28/0x74)
[<c0155b78>] (queue_work_on) from [<c0544e6c>] (cursor_timer_handler+0x20/0x44)
[<c0544e6c>] (cursor_timer_handler) from [<c01cc78c>] (call_timer_fn+0xbc/0x408)
[<c01cc78c>] (call_timer_fn) from [<c01ccbbc>] (expire_timers+0xe4/0x220)
[<c01ccbbc>] (expire_timers) from [<c01ccd94>] (run_timer_softirq+0x9c/0x1a4)
[<c01ccd94>] (run_timer_softirq) from [<c0101714>] (__do_softirq+0x13c/0x5b8)
[<c0101714>] (__do_softirq) from [<c013fa6c>] (irq_exit+0x14c/0x1a8)
[<c013fa6c>] (irq_exit) from [<c01adf54>] (__handle_domain_irq+0x6c/0xe0)
[<c01adf54>] (__handle_domain_irq) from [<c0101574>] (gic_handle_irq+0x58/0xb8)
[<c0101574>] (gic_handle_irq) from [<c088d6b4>] (__irq_usr+0x54/0x80)
Exception stack(0xedc21fb0 to 0xedc21ff8)
1fa0:                                     005280ea 005280eb 00000000 0000005f
1fc0: 005280e4 004f9511 00517830 00000000 00000000 005169a0 00517240 005169a0
1fe0: 00000001 bed595c0 bed595e0 b6f2e9bc 20000010 ffffffff
Code: e1a002a0 e0811100 e1a03312 ee070fba (e1912f9f)

next             reply	other threads:[~2017-11-13 17:07 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20171113170720epcas2p3737aa011465d2d56d10cef18dcefed7a@epcas2p3.samsung.com>
2017-11-13 17:07 ` Tony Lindgren [this message]
2017-11-13 17:24   ` Regression in Linux next-20171113 with fbdev timer conversion Bartlomiej Zolnierkiewicz
2017-11-13 17:24     ` Bartlomiej Zolnierkiewicz
2017-11-13 18:48     ` Tony Lindgren

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171113170714.GV28152@atomide.com \
    --to=tony@atomide.com \
    --cc=b.zolnierkie@samsung.com \
    --cc=daniel.vetter@ffwll.ch \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=sfr@canb.auug.org.au \
    --cc=tomi.valkeinen@ti.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.