On 12/11/2014 02:41 PM, Nick Kralevich wrote: > Has anyone seen this kernel panic before? Known issue? I don't have > repo steps...
I have not. Any other dmesg output from the binder driver prior to this crash? Only way I can see that this could happen would be if one or the other task arguments to selinux_binder_transaction() were NULL, which would be a bug in the caller (i.e. the binder driver). The binder driver calls the hook with proc->tsk and target_proc->tsk, and has just checked that target_proc is non-NULL (but not necessarily target_proc->tsk). The proc->tsk field is set upon binder_open(), and a put_task_struct() of it occurs in binder_deferred_release() just prior to kfree of the proc itself, so the lifecycle seems to be the same. I'd ask the binder driver maintainer(s) if NULL proc->tsk or target_proc->tsk is ever possible there; I don't see how it would happen. If the specific kernel branch/tag is public and can be identified, that might help. > This is showing up in a 3.10 based kernel. > > [28800.379179] Unable to handle kernel NULL pointer dereference at > virtual address 000001d0 > [28800.379210] pgd = d1588000 > [28800.379210] [000001d0] *pgd=00000000 > [28800.379240] Internal error: Oops: 5 [#1] PREEMPT ARM > [28800.379240] CPU: 0 PID: 1765 Comm: android.fg Not tainted 3.10.0-g89fdc2c > #1 > [28800.379271] task: cf26c000 ti: cf270000 task.ti: cf270000 > [28800.379271] PC is at selinux_binder_transaction+0x54/0xc0 > [28800.379301] LR is at selinux_binder_transaction+0x54/0xc0 > [28800.379301] pc : [<c01cc89c>] lr : [<c01cc89c>] psr: 600f0053 > [28800.379301] sp : cf271d68 ip : cf271d68 fp : cf271d8c > [28800.379301] r10: d1f87cc0 r9 : de8a4e00 r8 : 00000000 > [28800.379332] r7 : c086fe3c r6 : 00000000 r5 : 000000cf r4 : 000000cf > [28800.379332] r3 : cf26c000 r2 : 00000001 r1 : 00000000 r0 : d2811040 > [28800.379332] Flags: nZCv IRQs on FIQs off Mode SVC_32 ISA ARM > Segment user > [28800.379362] Control: 10c5387d Table: 91588019 DAC: 00000015 > [28800.379362] > [28800.379362] PC: 0xc01cc81c: > [28800.379362] c81c ebfa1208 e3a03000 e1a00005 e58d3000 e3a02032 > e58d3004 e1a01004 e3a03004 > [28800.379393] c83c ebfff8a8 e24bd014 e89da830 e1a0c00d e92dd870 > e24cb004 e24dd00c e52de004 > [28800.379423] c85c e8bd4000 e1a0200d e3c23d7f e1a04000 e3c3303f > e1a06001 e593300c e59331d4 > [28800.379454] c87c e593305c e5935004 ebfa11e1 e59431d0 e593305c > e5934004 ebfa11ea ebfa11dc > [28800.379484] c89c e59631d0 e593305c e5936004 ebfa11e5 e1550004 > 1a000008 e3a03000 e1a00004 > [28800.379515] c8bc e58d3000 e1a01006 e58d3004 e3a02032 e3a03002 > ebfff883 ea000009 e3a03000 > [28800.379515] c8dc e1a00005 e58d3000 e1a01004 e58d3004 e3a02032 > e3a03001 ebfff87a e3500000 > [28800.379545] c8fc 0affffec e24bd018 e89da870 e1a0c00d e92dd870 > e24cb004 e24dd00c e52de004 > [28800.379576] > [28800.379576] LR: 0xc01cc81c: > [28800.379576] c81c ebfa1208 e3a03000 e1a00005 e58d3000 e3a02032 > e58d3004 e1a01004 e3a03004 > [28800.379606] c83c ebfff8a8 e24bd014 e89da830 e1a0c00d e92dd870 > e24cb004 e24dd00c e52de004 > [28800.379637] c85c e8bd4000 e1a0200d e3c23d7f e1a04000 e3c3303f > e1a06001 e593300c e59331d4 > [28800.379667] c87c e593305c e5935004 ebfa11e1 e59431d0 e593305c > e5934004 ebfa11ea ebfa11dc > [28800.379698] c89c e59631d0 e593305c e5936004 ebfa11e5 e1550004 > 1a000008 e3a03000 e1a00004 > [28800.379728] c8bc e58d3000 e1a01006 e58d3004 e3a02032 e3a03002 > ebfff883 ea000009 e3a03000 > [28800.379759] c8dc e1a00005 e58d3000 e1a01004 e58d3004 e3a02032 > e3a03001 ebfff87a e3500000 > [28800.379789] c8fc 0affffec e24bd018 e89da870 e1a0c00d e92dd870 > e24cb004 e24dd00c e52de004 > [28800.379789] > [28800.379789] SP: 0xcf271ce8: > [28800.379820] 1ce8 cf271d0c cf271cf8 c0062660 c0061ea8 cf26c030 > c00627e8 c01cc89c 600f0053 > [28800.379850] 1d08 ffffffff cf271d54 cf271d8c cf271d20 c000e798 > c00083a0 d2811040 00000000 > [28800.379881] 1d28 00000001 cf26c000 000000cf 000000cf 00000000 > c086fe3c 00000000 de8a4e00 > [28800.379881] 1d48 d1f87cc0 cf271d8c cf271d68 cf271d68 c01cc89c > c01cc89c 600f0053 ffffffff > [28800.379912] 1d68 00000000 0003b9ad cf271d9c c086fab8 d3e05300 > 00000378 cf271d9c cf271d90 > [28800.379942] 1d88 c01c70e4 c01cc854 cf271e7c cf271da0 c03dc0a4 > c01c70cc cf271dc4 cf271db0 > [28800.379973] 1da8 c0011150 c002e1d4 cf26c000 c0059be8 ffffffff > 00000000 cf271df4 cf271dd0 > [28800.380003] 1dc8 c0059be8 c00f6518 df665ea0 df9789d0 cf271e20 > b8a4cfec 00000016 b8a4cfc0 > [28800.380034] > [28800.380034] IP: 0xcf271ce8: > [28800.380034] 1ce8 cf271d0c cf271cf8 c0062660 c0061ea8 cf26c030 > c00627e8 c01cc89c 600f0053 > [28800.380064] 1d08 ffffffff cf271d54 cf271d8c cf271d20 c000e798 > c00083a0 d2811040 00000000 > [28800.380095] 1d28 00000001 cf26c000 000000cf 000000cf 00000000 > c086fe3c 00000000 de8a4e00 > [28800.380125] 1d48 d1f87cc0 cf271d8c cf271d68 cf271d68 c01cc89c > c01cc89c 600f0053 ffffffff > [28800.380125] 1d68 00000000 0003b9ad cf271d9c c086fab8 d3e05300 > 00000378 cf271d9c cf271d90 > [28800.380156] 1d88 c01c70e4 c01cc854 cf271e7c cf271da0 c03dc0a4 > c01c70cc cf271dc4 cf271db0 > [28800.380186] 1da8 c0011150 c002e1d4 cf26c000 c0059be8 ffffffff > 00000000 cf271df4 cf271dd0 > [28800.380217] 1dc8 c0059be8 c00f6518 df665ea0 df9789d0 cf271e20 > b8a4cfec 00000016 b8a4cfc0 > [28800.380247] > [28800.380247] FP: 0xcf271d0c: > [28800.380247] 1d0c cf271d54 cf271d8c cf271d20 c000e798 c00083a0 > d2811040 00000000 00000001 > [28800.380278] 1d2c cf26c000 000000cf 000000cf 00000000 c086fe3c > 00000000 de8a4e00 d1f87cc0 > [28800.380308] 1d4c cf271d8c cf271d68 cf271d68 c01cc89c c01cc89c > 600f0053 ffffffff 00000000 > [28800.380339] 1d6c 0003b9ad cf271d9c c086fab8 d3e05300 00000378 > cf271d9c cf271d90 c01c70e4 > [28800.380369] 1d8c c01cc854 cf271e7c cf271da0 c03dc0a4 c01c70cc > cf271dc4 cf271db0 c0011150 > [28800.380400] 1dac c002e1d4 cf26c000 c0059be8 ffffffff 00000000 > cf271df4 cf271dd0 c0059be8 > [28800.380400] 1dcc c00f6518 df665ea0 df9789d0 cf271e20 b8a4cfec > 00000016 b8a4cfc0 c00f6518 > [28800.380430] 1dec c0106be0 00000000 df665ea0 df9789d0 c00f88a8 > 00000000 df665ea0 cfc51e80 > [28800.380461] > [28800.380461] R0: 0xd2810fc0: > [28800.380461] 0fc0 00000000 00000000 00000000 00000000 0000000d > 00000020 00000000 0000c350 > [28800.380491] 0fe0 0000c350 ffffffff 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.380522] 1000 00000000 00000000 dffffbff ffffdfbd 93ffffff > f9ffffff ffffffff dbfbdfff > [28800.380552] 1020 bfbeffff fffffffd ffffbfff ffffffff 7fbfffff > fdffffff ffdfffff fbffefff > [28800.380583] 1040 00000000 d1584000 00000003 00404140 00000000 > 00000001 00000076 00000076 > [28800.380613] 1060 00000076 00000000 c05b6518 00000000 00000632 > 00295252 d6b36739 00000000 > [28800.380644] 1080 00000000 d2811084 d2811084 00000001 9ac1c7b8 > 00001a31 c0d0d2e1 00000005 > [28800.380644] 10a0 9309e634 00000517 c0d05bab 00000005 00000000 > 00000000 df1b7080 df38c100 > [28800.380674] > [28800.380674] R3: 0xcf26bf80: > [28800.380705] bf80 bffcffff cfffffff dffffdff fbfffbef fbffff5f > fde5feef 7fffffff ff5fffff > [28800.380705] bfa0 fffffffd fdffffff fffffffb ff7fffff fffffffd > fbfffff9 fdffbfff ffffffff > [28800.380736] bfc0 f7ffffff fffffff3 ffffffff ffffffff ffffffef > bffff7ff ffbfffff dfffffff > [28800.380766] bfe0 ffefffff fffffff7 ffffffff dfffffff ffbfffff > ffeffffb fdeffbff fbffffff > [28800.380797] c000 00000000 cf270000 00000002 00404040 00000000 > 00000001 00000078 00000078 > [28800.380827] c020 00000078 00000000 c05b6518 00000000 00000400 > 00400000 cf26c9f8 00000000 > [28800.380858] c040 00000000 cf26c044 cf26c044 00000001 9c5c071a > 00001a31 5ab344b7 00000000 > [28800.380888] c060 92dc1f74 00000517 5ab344b7 00000000 00000000 > 00000000 df1b7080 df38c100 > [28800.380888] > [28800.380888] R7: 0xc086fdbc: > [28800.380919] fdbc 00000000 00000000 00093bd0 00000000 000007bc > 000007bc 00000006 000006cc > [28800.380949] fddc 00000000 000006cf 00000060 00000000 00093bd1 > 00000002 000006cc 00000835 > [28800.380949] fdfc ffffffff 000007bc 000007bc 00000000 000000a4 > 00000000 00093bd2 00000002 > [28800.380980] fe1c 00000584 00001672 ffffffff 000006cc 00000734 > 00000000 00000000 00000000 > [28800.381010] fe3c 00000000 00000001 000006cc 000006e5 0000008f > 00000000 00000000 0000fb56 > [28800.381041] fe5c 00000054 00000000 00093bb4 00000000 0000058a > 000007ea 00000002 000006cc > [28800.381071] fe7c 000006cc 00001d09 000000ac 00000000 00093bb5 > 00000001 000006cc 000006e3 > [28800.381102] fe9c 00000030 00000584 00000000 00092742 00000050 > 00000000 00093bb6 00000001 > [28800.381132] > [28800.381132] R9: 0xde8a4d80: > [28800.381132] 4d80 00000000 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381163] 4da0 00000000 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381163] 4dc0 00000000 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381193] 4de0 00000000 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381224] 4e00 de83de00 dd631400 d6e73b04 defadb90 d6fed104 > d09f0550 000006cc dea849f8 > [28800.381254] 4e20 de82f300 d2811040 dec93000 00000000 00000000 > 00000000 e1700000 cbf5c000 > [28800.381285] 4e40 e1700000 e170021c e1700224 e17000a8 0007f000 > d10ed800 000fe000 00000000 > [28800.381315] 4e60 de8a4e60 de8a4e60 d0ef1e34 d6a4be34 00000000 > 00000000 000225db 000111ad > [28800.381346] > [28800.381346] R10: 0xd1f87c40: > [28800.381346] 7c40 00000000 d3b44500 00000000 00000020 00000008 > 00000020 00000000 00000000 > [28800.381376] 7c60 00000034 00000000 00000000 00000000 d1d821c0 > 00000000 d1f87c78 d1f87c78 > [28800.381407] 7c80 d1f87c80 d1f87c80 df7817c4 00000000 00000000 > 00000000 00000000 00000000 > [28800.381407] 7ca0 00000000 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381437] 7cc0 dea3ad80 cf226900 dea39b50 df6b6e58 deccec38 > c05f785c 0000000d 00020002 > [28800.381468] 7ce0 0000001f 00000000 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381498] 7d00 00000000 d3b47500 00000000 00000000 00000000 > 00000000 00000000 00000000 > [28800.381529] 7d20 ffffffff ffffffff 00000000 00000000 d0dd5140 > de8a4e00 d1f87d38 d1f87d38 > [28800.381559] Process android.fg (pid: 1765, stack limit = 0xcf270230) > [28800.381559] Stack: (0xcf271d68 to 0xcf272000) > [28800.381590] 1d60: 00000000 0003b9ad cf271d9c > c086fab8 d3e05300 00000378 > [28800.381590] 1d80: cf271d9c cf271d90 c01c70e4 c01cc854 cf271e7c > cf271da0 c03dc0a4 c01c70cc > [28800.381621] 1da0: cf271dc4 cf271db0 c0011150 c002e1d4 cf26c000 > c0059be8 ffffffff 00000000 > [28800.381621] 1dc0: cf271df4 cf271dd0 c0059be8 c00f6518 df665ea0 > df9789d0 cf271e20 b8a4cfec > [28800.381621] 1de0: 00000016 b8a4cfc0 c00f6518 c0106be0 00000000 > df665ea0 df9789d0 c00f88a8 > [28800.381651] 1e00: 00000000 df665ea0 cfc51e80 b8a4cfec cf271e4c > cf271e20 c00f88a8 dd001400 > [28800.381651] 1e20: 5483e7e6 08763004 0000008f 00000000 00000003 > 00000011 00000000 00000000 > [28800.381682] 1e40: 00000054 00000000 b8d5d7e0 00000000 cf214840 > 00000000 aceae3f0 de8a4e00 > [28800.381682] 1e60: c0186201 d3e05300 cf270000 d1f87cc0 cf271ee4 > cf271e80 c03df034 c03db680 > [28800.381712] 1e80: cf271ea4 00000000 00000000 00000010 cf271f78 > c01cabb8 cfbf3c7c 00000001 > [28800.381712] 1ea0: 0000002c 00000000 b8a4cfc0 00000100 00000000 > b8a4ceb8 aceae89d 00000000 > [28800.381743] 1ec0: d1f87cc0 aceae3f0 c0186201 deccec38 cf270000 > aceae3f0 cf271ef4 cf271ee8 > [28800.381743] 1ee0: c00ef458 c03ded34 cf271f74 cf271ef8 c00f0030 > c00ef42c c01d1100 c01caaf0 > [28800.381773] 1f00: cf271f28 00000000 00000000 00000001 cf271f54 > cf271f20 c01d1798 c01d10c4 > [28800.381773] 1f20: cf21b788 00000001 df665e01 dea39b50 df6b6e58 > 00000010 b8a4ce40 d1f87cc0 > [28800.381804] 1f40: aceae3f0 c0186201 cf271f64 00000000 d1f87cc0 > aceae3f0 c0186201 00000001 > [28800.381804] 1f60: cf270000 00000009 cf271fa4 cf271f78 c00f00e8 > c00efad8 00000008 00000001 > [28800.381834] 1f80: b8a4ce40 b8a4ce70 b8a4ce10 00000036 c000ee64 > 00000000 00000000 cf271fa8 > [28800.381834] 1fa0: c000ec40 c00f0094 b8a4ce40 b8a4ce70 00000009 > c0186201 aceae3f0 aceae3e8 > [28800.381865] 1fc0: b8a4ce40 b8a4ce70 b8a4ce10 00000036 00000001 > b6c0e610 b6f52dd4 00007205 > [28800.381865] 1fe0: b8831478 aceae3d8 b6f3a11d b6f34758 600f0050 > 00000009 bfafdf3d f9ffffff > [28800.381865] Backtrace: > [28800.381895] [<c01cc848>] (selinux_binder_transaction+0x0/0xc0) from > [<c01c70e4>] (security_binder_transaction+0x24/0x2c) > [28800.381895] r6:00000378 r5:d3e05300 r4:c086fab8 > [28800.381926] [<c01c70c0>] (security_binder_transaction+0x0/0x2c) > from [<c03dc0a4>] (binder_thread_write+0xa30/0x2614) > [28800.381956] [<c03db674>] (binder_thread_write+0x0/0x2614) from > [<c03df034>] (binder_ioctl+0x30c/0x9b4) > [28800.381987] [<c03ded28>] (binder_ioctl+0x0/0x9b4) from [<c00ef458>] > (vfs_ioctl+0x38/0x4c) > [28800.381987] [<c00ef420>] (vfs_ioctl+0x0/0x4c) from [<c00f0030>] > (do_vfs_ioctl+0x564/0x5bc) > [28800.382017] [<c00efacc>] (do_vfs_ioctl+0x0/0x5bc) from [<c00f00e8>] > (SyS_ioctl+0x60/0x88) > [28800.382017] [<c00f0088>] (SyS_ioctl+0x0/0x88) from [<c000ec40>] > (ret_fast_syscall+0x0/0x30) > [28800.382048] Code: e593305c e5934004 ebfa11ea ebfa11dc (e59631d0) > [28800.382780] ---[ end trace baeafa86c34f25ec ]--- > [28800.518309] healthd: battery l=100 v=4324 t=35.5 h=1 st=3 c=-259 chg= > [28800.527434] Kernel panic - not syncing: Fatal exception > [28800.622343] Rebooting in 1 seconds.. > Boot info: > Last boot reason: kernel_panic > > _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
