tty: uartlite: GP fault when calling tty_unregister_driver()
From: Randy Dunlap
Date: Fri Mar 15 2019 - 00:49:29 EST
This is on v5.0-11053-gebc551f2b8f9 on x86_64. (March 12, 2019)
Just load uartlite module and then unload it.
[ 75.334373] calling ulite_init+0x0/0x1000 [uartlite] @ 1655
[ 75.334634] initcall ulite_init+0x0/0x1000 [uartlite] returned 0 after 223 usecs
[ 80.145544] kasan: CONFIG_KASAN_INLINE enabled
[ 80.145578] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 80.145614] general protection fault: 0000 [#1] PREEMPT SMP KASAN PTI
[ 80.145634] CPU: 3 PID: 1658 Comm: rmmod Not tainted 5.0.0mod #1
[ 80.145651] Hardware name: TOSHIBA PORTEGE R835/Portable PC, BIOS Version 4.10 01/08/2013
[ 80.145677] RIP: 0010:tty_unregister_driver+0x25/0x1d0
[ 80.145694] Code: 00 00 00 00 90 55 48 b8 00 00 00 00 00 fc ff df 48 89 e5 41 55 41 54 53 48 89 fb 48 83 c7 34 48 89 fa 48 c1 ea 03 48 83 ec 08 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 5e
[ 80.145728] RSP: 0018:ffff8880a41ffda0 EFLAGS: 00010286
[ 80.145744] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffffffff83a9a7b
[ 80.145761] RDX: 0000000000000006 RSI: 0000000000000004 RDI: 0000000000000034
[ 80.145778] RBP: ffff8880a41ffdc0 R08: ffffed101483ff9f R09: ffffed101483ff9f
[ 80.145796] R10: 0000000000000001 R11: ffffed101483ff9f R12: ffffffffc1d4e040
[ 80.145814] R13: ffff8880a41ffef0 R14: 0000000000000800 R15: ffffffffc1d4d3a0
[ 80.145832] FS: 00007fe6d6029b80(0000) GS:ffff88811f400000(0000) knlGS:0000000000000000
[ 80.145851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 80.145867] CR2: 000055e9112790b8 CR3: 00000000a3742006 CR4: 00000000000606e0
[ 80.145884] Call Trace:
[ 80.145903] uart_unregister_driver+0x43/0x1b0
[ 80.145924] ulite_exit+0x1c/0x25 [uartlite]
[ 80.145941] __x64_sys_delete_module+0x329/0x490
[ 80.145958] ? __ia32_sys_delete_module+0x490/0x490
[ 80.145976] ? blkcg_exit_queue+0x20/0x20
[ 80.145991] ? _raw_spin_unlock_irq+0x22/0x40
[ 80.146014] do_syscall_64+0xaa/0x310
[ 80.146028] ? prepare_exit_to_usermode+0x8b/0x150
[ 80.146046] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 80.146062] RIP: 0033:0x7fe6d5717f77
[ 80.146075] Code: 73 01 c3 48 8b 0d 21 af 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 b0 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d f1 ae 2b 00 f7 d8 64 89 01 48
[ 80.146111] RSP: 002b:00007fffdcc101b8 EFLAGS: 00000206 ORIG_RAX: 00000000000000b0
[ 80.146130] RAX: ffffffffffffffda RBX: 00007fffdcc10218 RCX: 00007fe6d5717f77
[ 80.146147] RDX: 000000000000000a RSI: 0000000000000800 RDI: 000055e91126e7d8
[ 80.146164] RBP: 000055e91126e770 R08: 00007fffdcc0f131 R09: 0000000000000000
[ 80.146181] R10: 00007fe6d57871c0 R11: 0000000000000206 R12: 00007fffdcc103e0
[ 80.146199] R13: 00007fffdcc1275b R14: 000055e91126e260 R15: 000055e91126e770
[ 80.146230] Modules linked in: uartlite(-) ctr ccm af_packet xt_tcpudp ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter ip_tables x_tables bpfilter btrfs coretemp hwmon msr xor zstd_compress intel_rapl raid6_pq x86_pkg_temp_thermal hid_generic intel_powerclamp libcrc32c uvcvideo kvm_intel zstd_decompress usbmouse iTCO_wdt usbkbd kvm iTCO_vendor_support usbhid videobuf2_vmalloc videobuf2_memops hid videobuf2_v4l2 mei_hdcp videobuf2_common videodev arc4 iwldvm irqbypass media snd_hda_codec_hdmi mac80211 crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel iwlwifi snd_hda_codec aesni_intel
[ 80.146319] snd_hda_core aes_x86_64 crypto_simd snd_hwdep cryptd snd_pcm glue_helper sdhci_pci cqhci cfg80211 snd_timer intel_cstate intel_uncore uio_pdrv_genirq sdhci uio toshiba_acpi sparse_keymap sr_mod wmi cdrom mmc_core snd joydev pcspkr input_leds soundcore rfkill mousedev e1000e led_class intel_rapl_perf serio_raw industrialio rtc_cmos evdev mei_me mac_hid pcc_cpufreq thermal lpc_ich toshiba_haps mei battery ac sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua autofs4
[ 80.146617] ---[ end trace e7f9f1d70ea2ceb9 ]---
[ 80.146636] RIP: 0010:tty_unregister_driver+0x25/0x1d0
[ 80.146657] Code: 00 00 00 00 90 55 48 b8 00 00 00 00 00 fc ff df 48 89 e5 41 55 41 54 53 48 89 fb 48 83 c7 34 48 89 fa 48 c1 ea 03 48 83 ec 08 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 5e
[ 80.146702] RSP: 0018:ffff8880a41ffda0 EFLAGS: 00010286
[ 80.146730] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffffffff83a9a7b
[ 80.146750] RDX: 0000000000000006 RSI: 0000000000000004 RDI: 0000000000000034
[ 80.146770] RBP: ffff8880a41ffdc0 R08: ffffed101483ff9f R09: ffffed101483ff9f
[ 80.146790] R10: 0000000000000001 R11: ffffed101483ff9f R12: ffffffffc1d4e040
[ 80.146809] R13: ffff8880a41ffef0 R14: 0000000000000800 R15: ffffffffc1d4d3a0
[ 80.146830] FS: 00007fe6d6029b80(0000) GS:ffff88811f400000(0000) knlGS:0000000000000000
[ 80.146850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 80.146872] CR2: 000055e9112790b8 CR3: 00000000a3742006 CR4: 00000000000606e0
--
~Randy
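Added example, not part of the original message: a small triage helper that reverses the inline KASAN shadow computation to recover the address the kernel was about to access when the shadow load itself faulted, run here on the register values from the oops above. It also classifies user-space and wild pointers, which goes beyond this report's case. The function and enum names are hypothetical, and the constants assume x86_64 KASAN with 4-level paging (48-bit virtual addresses).

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed: x86_64 KASAN constants (4-level paging, 48-bit virtual addresses). */
#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL
#define KASAN_SHADOW_SCALE_SHIFT 3
#define PAGE_SZ                  4096ULL
#define USER_TOP                 (1ULL << 47)

enum gpf_class { NOT_KASAN_SHADOW, NULL_PTR_DEREF, USER_MEMORY, WILD_POINTER };

/* Canonical means bits 63..47 are all zeros or all ones. */
static int is_canonical(uint64_t addr)
{
    uint64_t top = addr >> 47;
    return top == 0 || top == 0x1ffff;
}

/*
 * Undo the inline check's shadow = (addr >> 3) + KASAN_SHADOW_OFFSET.
 * On a match, *granule is the start of the 8-byte granule the kernel
 * was about to touch; the three low bits are lost in the shift.
 */
static enum gpf_class classify_kasan_gpf(uint64_t fault_addr, uint64_t *granule)
{
    if (is_canonical(fault_addr) || fault_addr < KASAN_SHADOW_OFFSET)
        return NOT_KASAN_SHADOW;
    *granule = (fault_addr - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
    if (*granule < PAGE_SZ)
        return NULL_PTR_DEREF;
    return *granule < USER_TOP ? USER_MEMORY : WILD_POINTER;
}

int main(void)
{
    /* Register values copied from the oops above. */
    uint64_t rax = 0xdffffc0000000000ULL, rdx = 0x6, rdi = 0x34, rbx = 0x0;
    uint64_t granule = 0;
    /* Faulting insn bytes <0f> b6 14 02 = movzbl (%rdx,%rax,1),%edx */
    enum gpf_class c = classify_kasan_gpf(rdx + rax, &granule);

    printf("class=%d granule=[0x%llx-0x%llx] rdi=0x%llx rbx=0x%llx\n", c,
           (unsigned long long)granule, (unsigned long long)granule + 7,
           (unsigned long long)rdi, (unsigned long long)rbx);
    return c == NULL_PTR_DEREF ? 0 : 1;
}
```

For this oops the helper reports a NULL-pointer dereference in the granule 0x30-0x37, which contains RDI = 0x34. The Code bytes before the fault (`48 89 fb`, `48 83 c7 34`) copy the first argument into RBX and then add 0x34 to RDI, so RBX = 0 means tty_unregister_driver() was entered with a NULL driver pointer.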