From patchwork Wed Jan 13 02:06:22 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kefeng Wang X-Patchwork-Id: 59643 Delivered-To: patch@linaro.org Received: by 10.112.130.2 with SMTP id oa2csp3083771lbb; Tue, 12 Jan 2016 18:06:47 -0800 (PST) X-Received: by 10.66.139.166 with SMTP id qz6mr119477117pab.148.1452650807238; Tue, 12 Jan 2016 18:06:47 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x65si40079352pfa.33.2016.01.12.18.06.46; Tue, 12 Jan 2016 18:06:47 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753662AbcAMCGp (ORCPT + 29 others); Tue, 12 Jan 2016 21:06:45 -0500 Received: from szxga03-in.huawei.com ([119.145.14.66]:61361 "EHLO szxga03-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753597AbcAMCGn (ORCPT ); Tue, 12 Jan 2016 21:06:43 -0500 Received: from 172.24.1.47 (EHLO szxeml427-hub.china.huawei.com) ([172.24.1.47]) by szxrg03-dlp.huawei.com (MOS 4.4.3-GA FastPath queued) with ESMTP id BUL85891; Wed, 13 Jan 2016 10:06:38 +0800 (CST) Received: from linux-ibm.site (10.175.102.37) by szxeml427-hub.china.huawei.com (10.82.67.182) with Microsoft SMTP Server id 14.3.235.1; Wed, 13 Jan 2016 10:06:30 +0800 From: Kefeng Wang To: Ingo Molnar , Peter Zijlstra , "Paul E. McKenney" , CC: Subject: [PATCH] locktorture: Fix NULL pointer when torture_type is invalid Date: Wed, 13 Jan 2016 10:06:22 +0800 Message-ID: <1452650782-15099-1-git-send-email-wangkefeng.wang@huawei.com> X-Mailer: git-send-email 1.7.12.4 MIME-Version: 1.0 X-Originating-IP: [10.175.102.37] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090203.5695B12F.0025, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-05-26 15:14:31, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: aef83e992c969b27043c6b8ffe2c0fec Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Insmod locktorture with torture_type=mutex will lead to crash, Unable to handle kernel NULL pointer dereference at virtual address 00000008 pgd = ffffffc0f6c10000 [00000008] *pgd=000000013b221003, *pud=000000013b221003, *pmd=0000000000000000 Internal error: Oops: 94000006 [#1] PREEMPT SMP Modules linked in: locktorture(+) torture CPU: 2 PID: 1462 Comm: insmod Not tainted 4.4.0+ #19 Hardware name: linux,dummy-virt (DT) task: ffffffc0fb2b3700 ti: ffffffc0fa938000 task.ti: ffffffc0fa938000 PC is at __torture_print_stats+0x18/0x180 [locktorture] LR is at lock_torture_stats_print+0x68/0x110 [locktorture] pc : [] lr : [] pstate: 60000145 sp : ffffffc0fa93bb20 [snip...] Call trace: [] __torture_print_stats+0x18/0x180 [locktorture] [] lock_torture_stats_print+0x68/0x110 [locktorture] [] lock_torture_cleanup+0xc4/0x278 [locktorture] [] lock_torture_init+0x144/0x5b0 [locktorture] [] do_one_initcall+0x94/0x1a0 [] do_init_module+0x60/0x1c8 [] load_module+0x1880/0x1c9c [] SyS_finit_module+0x7c/0x88 [] el0_svc_naked+0x24/0x28 Fix it by check stats_task in lock_torture_cleanup() to guard not into a wrong path. Signed-off-by: Kefeng Wang --- kernel/locking/locktorture.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) -- 1.7.12.4 diff --git a/kernel/locking/locktorture.c b/kernel/locking/locktorture.c index 8ef1919..1afa8ad 100644 --- a/kernel/locking/locktorture.c +++ b/kernel/locking/locktorture.c @@ -764,8 +764,10 @@ static void lock_torture_cleanup(void) reader_tasks = NULL; } - torture_stop_kthread(lock_torture_stats, stats_task); - lock_torture_stats_print(); /* -After- the stats thread is stopped! */ + if (stats_task) { + torture_stop_kthread(lock_torture_stats, stats_task); + lock_torture_stats_print(); /* -After- the stats thread is stopped! */ + } if (atomic_read(&cxt.n_lock_torture_errors)) lock_torture_print_module_parms(cxt.cur_ops,