linux-usb.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: bugzilla-daemon@bugzilla.kernel.org
To: linux-usb@vger.kernel.org
Subject: [Bug 215117] New: ucsi_acpi: kernel NULL pointer dereference
Date: Tue, 23 Nov 2021 03:51:57 +0000	[thread overview]
Message-ID: <bug-215117-208809@https.bugzilla.kernel.org/> (raw)

https://bugzilla.kernel.org/show_bug.cgi?id=215117

            Bug ID: 215117
           Summary: ucsi_acpi: kernel NULL pointer dereference
           Product: Drivers
           Version: 2.5
    Kernel Version: 5.16-rc2
          Hardware: x86-64
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: USB
          Assignee: drivers_usb@kernel-bugs.kernel.org
          Reporter: linux-kernel-bugs@hixontech.com
        Regression: No

Created attachment 299677
  --> https://bugzilla.kernel.org/attachment.cgi?id=299677&action=edit
journal and lshw

The system fails to boot completely (or shutdown properly) after kernel oops,
apparently in the ucsi_acpi module. It boots up fine with this module
blacklisted. I first noticed the issue on 5.16-rc1; the problem continues with
5.16-rc2.

HW: HP ENVY x360, AMD Ryzen 7 4700U with Radeon Graphics, Renoir

Attached: full kernel journal log and output from lshw.

OOPS:

Nov 22 06:44:04 kernel: BUG: kernel NULL pointer dereference, address:
0000000000000058
Nov 22 06:44:04 kernel: #PF: supervisor read access in kernel mode
Nov 22 06:44:04 kernel: #PF: error_code(0x0000) - not-present page
Nov 22 06:44:04 kernel: PGD 0 P4D 0 
Nov 22 06:44:04 kernel: Oops: 0000 [#1] PREEMPT SMP NOPTI
Nov 22 06:44:04 kernel: CPU: 0 PID: 394 Comm: kworker/0:2 Not tainted
5.16.0-rc2-1-mainline #1 4a5aa185cbfb8b63cd50dfec190bc41096ea30a5
Nov 22 06:44:04 kernel: Hardware name: HP HP ENVY x360 Convertible
15-ds1xxx/87A9, BIOS F.07 03/18/2021
Nov 22 06:44:04 kernel: Workqueue: events_long ucsi_init_work [typec_ucsi]
Nov 22 06:44:04 kernel: RIP: 0010:typec_register_altmode+0x2e/0x3a0 [typec]
Nov 22 06:44:04 kernel: Code: 00 41 57 41 56 41 55 41 54 49 89 f4 55 48 89 fd
48 8d bf 08 03 00 00 53 48 83 ec 28 65 48 8b 04 25 28 00 00 00 48 89 44 24 20
<48> 8b 87 50 fd ff ff 48 3d e0 99 5b c0 74 18 48 8d 95 f8 02 00 00
Nov 22 06:44:04 kernel: RSP: 0018:ffffa171c0f9fd30 EFLAGS: 00010286
Nov 22 06:44:04 kernel: RAX: 8a5a9eb1bcae6600 RBX: ffff94994f1b7800 RCX:
0000000000000001
Nov 22 06:44:04 kernel: RDX: 0000000000000000 RSI: ffffa171c0f9fdd0 RDI:
0000000000000308
Nov 22 06:44:04 kernel: RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000000
Nov 22 06:44:04 kernel: R10: 0000000000000000 R11: 0000000000000000 R12:
ffffa171c0f9fdd0
Nov 22 06:44:04 kernel: R13: 0000000000000000 R14: 0000000000000000 R15:
ffff94994f1b7800
Nov 22 06:44:04 kernel: FS:  0000000000000000(0000) GS:ffff949c3f600000(0000)
knlGS:0000000000000000
Nov 22 06:44:04 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Nov 22 06:44:04 kernel: CR2: 0000000000000058 CR3: 0000000103c3e000 CR4:
0000000000350ef0
Nov 22 06:44:04 kernel: Call Trace:
Nov 22 06:44:04 kernel:  <TASK>
Nov 22 06:44:04 kernel:  ? ucsi_acpi_sync_write+0x4a/0x70 [ucsi_acpi
02bdd89c7010256e11856d8931a8362b48e4c3f7]
Nov 22 06:44:04 kernel:  ucsi_register_altmode.constprop.0+0x1f0/0x250
[typec_ucsi 5c5256aa8a0bedb6e8965681f3f36303c0e1b18d]
Nov 22 06:44:04 kernel:  ucsi_register_altmodes+0x161/0x1c0 [typec_ucsi
5c5256aa8a0bedb6e8965681f3f36303c0e1b18d]
Nov 22 06:44:04 kernel:  ucsi_check_altmodes+0x17/0x50 [typec_ucsi
5c5256aa8a0bedb6e8965681f3f36303c0e1b18d]
Nov 22 06:44:04 kernel:  ucsi_init_work+0x6c7/0x720 [typec_ucsi
5c5256aa8a0bedb6e8965681f3f36303c0e1b18d]
Nov 22 06:44:04 kernel:  process_one_work+0x1e8/0x3c0
Nov 22 06:44:04 kernel:  worker_thread+0x50/0x3c0
Nov 22 06:44:04 kernel:  ? rescuer_thread+0x390/0x390
Nov 22 06:44:04 kernel:  kthread+0x15c/0x180
Nov 22 06:44:04 kernel:  ? set_kthread_struct+0x50/0x50
Nov 22 06:44:04 kernel:  ret_from_fork+0x22/0x30
Nov 22 06:44:04 kernel:  </TASK>
Nov 22 06:44:04 kernel: Modules linked in: snd_hda_codec_realtek(+) fjes(-)
snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi joydev iwlmvm(+)
mousedev snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi mac80211
nls_iso8859_1 snd_hda_codec btusb vfat amdgpu(+) libarc4 snd_hda_core btrtl fat
snd_hwdep btbcm iwlwifi snd_pcm btintel snd_timer bluetooth snd_pci_acp5x
snd_rn_pci_acp3x k10temp gpu_sched amd_sfh snd_pci_acp3x cfg80211 snd
ecdh_generic ucsi_acpi drm_ttm_helper sp5100_tco soundcore rfkill typec_ucsi
ttm i2c_piix4 typec mac_hid roles wmi video tpm_crb tpm_tis wireless_hotkey
tpm_tis_core hp_accel acpi_cpufreq lis3lv02d amd_pmc acpi_tad 9pnet_virtio 9p
9pnet fscache netfs sg crypto_user fuse bpf_preload ip_tables x_tables ext4
crc32c_generic crc16 mbcache jbd2 dm_crypt cbc encrypted_keys dm_mod trusted
asn1_encoder tee tpm rtsx_pci_sdmmc mmc_core crct10dif_pclmul serio_raw
crc32_pclmul crc32c_intel ghash_clmulni_intel atkbd aesni_intel libps2
crypto_simd cryptd ccp xhci_pci
Nov 22 06:44:04 kernel:  xhci_pci_renesas rng_core rtsx_pci i8042 serio
hid_multitouch i2c_hid_acpi i2c_hid pinctrl_amd
Nov 22 06:44:04 kernel: CR2: 0000000000000058
Nov 22 06:44:04 kernel: ---[ end trace bdd82aa217da2b8a ]---
Nov 22 06:44:04 kernel: RIP: 0010:typec_register_altmode+0x2e/0x3a0 [typec]
Nov 22 06:44:04 kernel: Code: 00 41 57 41 56 41 55 41 54 49 89 f4 55 48 89 fd
48 8d bf 08 03 00 00 53 48 83 ec 28 65 48 8b 04 25 28 00 00 00 48 89 44 24 20
<48> 8b 87 50 fd ff ff 48 3d e0 99 5b c0 74 18 48 8d 95 f8 02 00 00
Nov 22 06:44:04 kernel: RSP: 0018:ffffa171c0f9fd30 EFLAGS: 00010286
Nov 22 06:44:04 kernel: RAX: 8a5a9eb1bcae6600 RBX: ffff94994f1b7800 RCX:
0000000000000001
Nov 22 06:44:04 kernel: RDX: 0000000000000000 RSI: ffffa171c0f9fdd0 RDI:
0000000000000308
Nov 22 06:44:04 kernel: RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000000
Nov 22 06:44:04 kernel: R10: 0000000000000000 R11: 0000000000000000 R12:
ffffa171c0f9fdd0
Nov 22 06:44:04 kernel: R13: 0000000000000000 R14: 0000000000000000 R15:
ffff94994f1b7800
Nov 22 06:44:04 kernel: FS:  0000000000000000(0000) GS:ffff949c3f600000(0000)
knlGS:0000000000000000
Nov 22 06:44:04 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Nov 22 06:44:04 kernel: CR2: 0000000000000058 CR3: 0000000103c3e000 CR4:
0000000000350ef0

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are watching the assignee of the bug.

             reply	other threads:[~2021-11-23  3:51 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-23  3:51 bugzilla-daemon [this message]
2021-12-07  9:16 ` [Bug 215117] " bugzilla-daemon
2021-12-16  9:22 ` [Bug 215117] New: " Thorsten Leemhuis
2021-12-16 11:47   ` Heikki Krogerus
2021-12-16  9:22 ` [Bug 215117] " bugzilla-daemon
2021-12-16 11:09 ` bugzilla-daemon
2021-12-16 11:43 ` bugzilla-daemon
2021-12-16 11:48 ` bugzilla-daemon
2021-12-16 13:01 ` bugzilla-daemon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-215117-208809@https.bugzilla.kernel.org/ \
    --to=bugzilla-daemon@bugzilla.kernel.org \
    --cc=linux-usb@vger.kernel.org \
    --subject='Re: [Bug 215117] New: ucsi_acpi: kernel NULL pointer dereference' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).