Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751015AbbGaNZr (ORCPT ); Fri, 31 Jul 2015 09:25:47 -0400 Received: from mail-yk0-f169.google.com ([209.85.160.169]:34911 "EHLO mail-yk0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751142AbbGaNZp convert rfc822-to-8bit (ORCPT ); Fri, 31 Jul 2015 09:25:45 -0400 MIME-Version: 1.0 Date: Fri, 31 Jul 2015 16:25:44 +0300 Message-ID: Subject: Null pointer dereference in UDP4 core on AVR32 ATNGW100 From: Andy Shevchenko To: netdev , "linux-kernel@vger.kernel.org" Cc: "David S. Miller" , Nicolas Ferre , Eric Dumazet , David Held , Hans-Christian Egtvedt Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2836 Lines: 76 Hi! Got few weeks ago an old AVR32 board (ATNGW100). It has ethernet cards supported by macb driver. Bring it mostly back to work with recent kernel from linux-next. Now, when I start networking on it, I got in few seconds kernel panic. Unable to handle kernel NULL pointer dereference at virtual address 00000000 ptbr = 91e42000 pgd = 91e4b000 Oops: Kernel access of bad area, sig: 11 [#1] FRAME_POINTER chip: 0x01f:0x1e82 rev 2 Modules linked in: CPU: 0 PID: 0 Comm: swapper Not tainted 4.2.0-rc4-next-20150729+ #102 task: 903532dc ti: 90350000 task.ti: 90350000 PC is at __udp4_lib_rcv+0x300/0x660 LR is at 0x15da8a2f pc : [<90233a84>] lr : [<15da8a2f>] Not tainted 0sp : 90351b5c r12: 00000000 r11: 91cd4450 r10: 00000000 r9 : 0000004c r8 : 00000000 r7 : 90351c80 r6 : 91db5c80 r5 : 91e4e540 r4 : 11f6a114 r3 : 00000000 r2 : 91e6b224 r1 : 0000008a r0 : 00000000 Flags: qvnZc Mode bits: hjmde....g CPU Mode: Interrupt level 0 Stack: (0x90351b5c to 0x90352000) … Call trace: [<90233df0>] udp_rcv+0xc/0x14 [<90215220>] ip_local_deliver_finish+0xac/0x15c [<902150ca>] ip_local_deliver+0x76/0x84 [<90214d32>] ip_rcv_finish+0x23a/0x250 [<90215004>] ip_rcv+0x2bc/0x30c [<901f5ee4>] __netif_receive_skb_core+0x548/0x570 [<901f5f52>] __netif_receive_skb+0x46/0x50 [<901f5f8e>] netif_receive_skb_internal+0x32/0x3c [<901f5fa0>] netif_receive_skb_sk+0x8/0xc [<901cf358>] macb_rx+0x1b0/0x1d8 [<901cf4d8>] macb_poll+0x38/0xa4 [<901faf9c>] net_rx_action+0x84/0x1b4 [<90021e46>] __do_softirq+0x5a/0x150 [<90021f86>] irq_exit+0x26/0x58 [<9001a520>] do_IRQ+0x34/0x44 [<90019428>] irq_level0+0x18/0x5c [<900355a4>] default_idle_call+0x1c/0x20 [<9003563e>] cpu_startup_entry+0x66/0xa8 [<902a16a4>] rest_init+0x48/0x70 [<900007fc>] start_kernel+0x290/0x2dc Long time bisecting and reading assembly points to the commit 2dc41cff7545d55c6294525c811594576f8e119c Author: David Held Date: Tue Jul 15 23:28:32 2014 -0400 udp: Use hash2 for long hash1 chains in __udp*_lib_mcast_deliver. I don't know yet neither the package exactly makes this (tried to debug print, but bug disappears) nor should be network card driver fixed, or even compiler / binutils problems (using it from buildroot, which is gcc 4.2.2). Would like to hear opinions what the root cause might be and what ways we have to fix it. I'm also wondering if any other architecture with same network card has the issue. P.S. Since buildroot is not supporting anymore avr32 I use the version just before this removal. (Nicolas, does Atmel care about that?) -- With Best Regards, Andy Shevchenko -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/