PCI: Regression in remove NULL device handling from PCI DMA API

From: tedheadster
Date: Sat May 05 2018 - 07:55:31 EST


Christoph,
I bisected the following kernel panic to the patch "PCI: Remove NULL
device handling from PCI DMA API". It seems we
still need NULL checking for some older drivers, in my case the 3c59x
driver for PCI/EISA cards.

I am pretty sure the panic arises in the driver here
(drivers/net/ethernet/3com/3c59x.c, vortex_probe1()):

    /* Makes sure rings are at least 16 byte aligned. */
    vp->rx_ring = pci_alloc_consistent(pdev, sizeof(struct boom_rx_desc) * RX_RING_SIZE
                                             + sizeof(struct boom_tx_desc) * TX_RING_SIZE,
                                       &vp->rx_ring_dma);

Here is the panic backtrace:

eisa 00:08: EISA: slot 8: TCM5970 detected
3c59x: Donald Becker and others.
00:08: 3Com EISA 3c597 EISA Fast Demon/Vortex at 4d2ccbd3.
BUG: unable to handle kernel NULL pointer dereference at 000000e8
IP: get_dma_ops+0x7/0x18
*pde = 00000000
Oops: 0000 [#1]
CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.0-rc4.i486-netinstall-14+ #47
EIP: get_dma_ops+0x7/0x18
EFLAGS: 00010202 CPU: 0
EAX: 00000064 EBX: c01844a0 ECX: 00000000 EDX: 00000020
ESI: c0182708 EDI: ffffffff EBP: c0015cc8 ESP: c0015cc8
DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
CR0: 80050033 CR2: 000000e8 CR3: 01348000 CR4: 00000000
Call Trace:
vortex_probe1+0x31b/0xc6f
? node_tag_clear+0x2f/0x71
? radix_tree_iter_tag_clear+0x14/0x1a
? idr_alloc_cmn+0x77/0x8d
? slob_page_alloc+0x12b/0x172
? __kmalloc+0x2e/0x56
? __request_region+0x82/0xdf
? do_task_dead+0x21/0x21
vortex_eisa_probe+0x6a/0xa1
driver_probe_device+0x18c/0x316
__device_attach_driver+0xa7/0xb6
bus_for_each_drv+0x57/0x63
__device_attach+0x68/0xbb
? driver_allows_async_probing+0xc/0xc
device_initial_probe+0xd/0xf
bus_probe_device+0x1f/0x5f
device_add+0x387/0x442
device_register+0x12/0x15
eisa_register_device+0x12/0x7c
eisa_root_register+0x1e8/0x25c
? eisa_root_register+0x25c/0x25c
virtual_eisa_root_init+0x2f/0x42
do_one_initcall+0x7c/0x106
? parse_args+0x1ac/0x2a0
? kernel_init_freeable+0xba/0x156
kernel_init_freeable+0xda/0x156
? rest_init+0x70/0x70
kernel_init+0x8/0xc6
ret_from_fork+0x19/0x30
Code: 04 74 17 68 8b b7 2c c1 68 b8 a4 2b c1 68 b8 52 30 c1 e8 a4 4f
fa ff 83 c4 0c 89 d8 8d 65 f4 5b 5e 5f 5d c3 55 89 e5 85 c0 74 0a <8b>
80 84 00 00 00 85 c0 75 05 a1 a8 69 2e c1 5d c3 55 89 e5 53
EIP: get_dma_ops+0x7/0x18 SS:ESP: 0068:c0015cc8
CR2: 00000000000000e8
---[ end trace 8d36496943468a6f ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009

Kernel Offset: disabled

- Matthew Whitehead
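A user-space C model of the failure path in the report above, added here as an illustration and not code from the kernel, the driver or this thread. The struct types, RING_BYTES and the two alloc_rings_* functions are constructed stand-ins; the bus-neutral variant that allocates against the generic struct device is one defensive shape, not a claim about the fix that went upstream.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed user-space stand-ins for the kernel types; not kernel code. */
struct dma_map_ops { void *(*alloc)(size_t size, uintptr_t *dma_handle); };
struct device      { const struct dma_map_ops *dma_ops; };
struct pci_dev     { struct device dev; };
struct eisa_device { struct device dev; };

#define RING_BYTES 1024u  /* stands in for the rx + tx ring size in vortex_probe1() */

static void *direct_alloc(size_t size, uintptr_t *dma_handle)
{
	void *p = aligned_alloc(16, (size + 15) & ~(size_t)15);
	*dma_handle = (uintptr_t)p;        /* identity map: bus address == CPU address */
	return p;
}
static const struct dma_map_ops direct_ops = { direct_alloc };

/* Post-patch behaviour: dev->dma_ops is read unconditionally, so a NULL dev
 * faults at a small offset (the 0xe8 seen in CR2 in the report). */
static const struct dma_map_ops *get_dma_ops(struct device *dev)
{
	return dev->dma_ops;
}
static void *dma_alloc_coherent(struct device *dev, size_t size, uintptr_t *h)
{
	return get_dma_ops(dev)->alloc(size, h);
}
/* The pci_ compat wrapper hands a NULL hwdev straight through as a NULL device. */
static void *pci_alloc_consistent(struct pci_dev *hwdev, size_t size, uintptr_t *h)
{
	return dma_alloc_coherent(hwdev ? &hwdev->dev : NULL, size, h);
}

/* As in the driver, pdev is NULL on the EISA probe path: this faults there. */
static void *alloc_rings_via_pci(struct pci_dev *pdev, uintptr_t *h)
{
	return pci_alloc_consistent(pdev, RING_BYTES, h);
}
/* Bus-neutral variant: allocate against whatever struct device probed us
 * (EISA or PCI) and refuse, instead of faulting, if there is none. */
static void *alloc_rings_via_gendev(struct device *gendev, uintptr_t *h)
{
	if (!gendev || !gendev->dma_ops)
		return NULL;
	return dma_alloc_coherent(gendev, RING_BYTES, h);
}
```

With a real EISA-probed card the pci_ path receives pdev == NULL and takes the NULL dereference shown in the oops; the gendev path allocates against the EISA device's own struct device and never touches a pci_dev.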