Wind River Support Network

HomeDefectsLIN1018-5707
Fixed

LIN1018-5707 : Process lttng-sessiond caused kernel NULL pointer dereference at virtual address 0000000000000080

Created: Feb 11, 2020    Updated: Mar 16, 2020
Resolved Date: Feb 26, 2020
Found In Version: 10.18.44.13
Fix Version: 10.18.44.15
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Kernel, Userspace

Description

a kernel crash (kernel Oops) in lttng  (with lttng-sessiond causing a NULL pointer dereference).

 

Here is the dmesg:

<1>[ 22.637196] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000080
<1>[ 22.645982] Mem abort info:
<1>[ 22.648769] ESR = 0x96000007
<1>[ 22.651817] Exception class = DABT (current EL), IL = 32 bits
<1>[ 22.657730] SET = 0, FnV = 0
<1>[ 22.660777] EA = 0, S1PTW = 0
<1>[ 22.663910] Data abort info:
<1>[ 22.666784] ISV = 0, ISS = 0x00000007
<1>[ 22.670611] CM = 0, WnR = 0
<1>[ 22.673574] user pgtable: 4k pages, 39-bit VAs, pgdp = 0000000012378f78
<1>[ 22.680180] [0000000000000080] pgd=000000007f023003, pud=000000007f023003, pmd=000000007f01f003, pte=0000000000000000
<0>[ 22.690794] Internal error: Oops: 96000007 [#1] PREEMPT SMP
<4>[ 22.690797] Modules linked in: adkNetD ncp lttng_ring_buffer_client_overwrite(C) lttng_ring_buffer_metadata_client(C) lttng_ring_buffer_client_discard(C) lttng_ring_buffer_client_mmap_overwrite(C) lttng_ring_buffer_client_mmap_discard(C) lttng_ring_buffer_metadata_mmap_client(C) lttng_probe_signal(C) lttng_probe_printk(C) lttng_probe_sched(C) lttng_probe_irq(C) lttng_tracer(C) lttng_statedump(C) lttng_ftrace(C) lttng_lib_ring_buffer(C) lttng_clock_plugin_arm_cntpct(C) lttng_clock(C)
<0>[ 22.690823] Process lttng-sessiond (pid: 3093, stack limit = 0x000000005d27910f)
<4>[ 22.690828] CPU: 1 PID: 3093 Comm: lttng-sessiond Tainted: G C 4.18.37-rt820-custom #1
<4>[ 22.690830] Hardware name: DUS33 (CPM2-20) (DT)
<4>[ 22.690833] pstate: 60000005 (nZCv daif -PAN -UAO)
<4>[ 22.690845] pc : do_lttng_statedump+0xcc/0x8a8 [lttng_statedump]
<4>[ 22.690849] lr : do_lttng_statedump+0xc4/0x8a8 [lttng_statedump]
<4>[ 22.690851] sp : ffffffc07fe57ad0
<4>[ 22.690852] x29: ffffffc07fe57ad0 x28: ffffffc008ae2700
<4>[ 22.690856] x27: ffffff8000724000 x26: 0000000000000001
<4>[ 22.690859] x25: ffffff80089c9620 x24: 0000000000000000
<4>[ 22.690862] x23: ffffffc008ae2e10 x22: ffffff80089d3380
<4>[ 22.690865] x21: ffffffc07f450000 x20: ffffffc008ae2700
<4>[ 22.690869] x19: 0000000000000007 x18: 00000000fffffffe
<4>[ 22.690871] x17: 0000000000000000 x16: ffffff800824b980
<4>[ 22.690874] x15: 0000000000000000 x14: 736162203b656e6f
<4>[ 22.690877] x13: 6e203d20676e6964 x12: 0000000000000000
<4>[ 22.690880] x11: 0101010101010101 x10: 7f7f7f7f7f7f7f7f
<4>[ 22.690882] x9 : 3c1f647968721eff x8 : ffffffc0877504c8
<4>[ 22.690886] x7 : 09093a7c093a7c08 x6 : ffffff8010c4b317
<4>[ 22.690888] x5 : 0000000000000000 x4 : 00000040a7575000
<4>[ 22.690891] x3 : ffffffc008ae2e28 x2 : 0000000000000000
<4>[ 22.690894] x1 : 0000000000000000 x0 : 0000000000000000
<4>[ 22.690896] Call trace:
<4>[ 22.690902] do_lttng_statedump+0xcc/0x8a8 [lttng_statedump]
<4>[ 22.690905] lttng_statedump_start+0x20/0x30 [lttng_statedump]
<4>[ 22.690981] lttng_session_enable+0xf0/0x120 [lttng_tracer]
<4>[ 22.691018] lttng_session_ioctl+0x22c/0x328 [lttng_tracer]
<4>[ 22.691026] compat_sys_ioctl+0x110/0x778
<4>[ 22.691030] el0_svc_naked+0x30/0x34
<0>[ 22.691034] Code: 1a9f17fa 95e689e4 aa0003f8 d503201f (f9404318)
 
Live chat
Online