Re: [Umap2][2/11][10cf:5500] NULL pointer dereference

On 08/17/2016 09:32 AM, Binyamin Sharet wrote:
> Hi
>
> On 08/16/2016 04:44 PM, Binyamin Sharet wrote:
>> Kernel version: 4.4.0-24-generic #43-Ubuntu SMP
>> Driver source file: drivers/staging/comedi/drivers/vmk80xx.c
>> Umap2 command line: umap2vsscan -P <PHY> -s 10cf:5500
>>
>> After connecting such a device, there's an oops due to a NULL pointer
>> dereference.
>>
>> Binyamin Sharet
>> Cisco, STARE-C
>>
>> << Attached:  10cf_5500_dmesg.log >>
> I have reproduced this issue with Ubuntu 16.04, using kernel 4.7-rc2.
>
kernel: 4.8-rc2
result: reproduced
attached updated dmesg log


-- 
Binyamin Sharet,
Cisco, STARE-C

[  293.583634] usb 1-1.2: new high-speed USB device number 6 using ehci-pci
[  293.772583] usb 1-1.2: New USB device found, idVendor=10cf, idProduct=5500
[  293.772587] usb 1-1.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.772589] usb 1-1.2: Product: UMAP2. PID:0x5500
[  293.772591] usb 1-1.2: Manufacturer: UMAP2. VID:0x10cf
[  293.772593] usb 1-1.2: SerialNumber: 123456
[  295.237358] comedi: module is from the staging directory, the quality is unknown, you have been warned.
[  295.238484] comedi: version 0.7.76 - http://www.comedi.org
[  295.261104] comedi_usb: module is from the staging directory, the quality is unknown, you have been warned.
[  295.266939] vmk80xx: module is from the staging directory, the quality is unknown, you have been warned.
[  295.267495] vmk80xx 1-1.2:1.0: driver 'vmk80xx' failed to auto-configure device.
[  295.267510] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  295.267575] IP: [<ffffffffbc85b511>] __down+0x51/0xd0
[  295.267615] PGD 0 
[  295.267633] Oops: 0002 [#1] SMP
[  295.267655] Modules linked in: vmk80xx(C+) comedi_usb(C) comedi(C) rfcomm bnep arc4 iwldvm uvcvideo snd_hda_codec_hdmi snd_hda_codec_conexant intel_powerclamp coretemp videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core mac80211 kvm_intel kvm snd_hda_codec_generic videodev irqbypass crct10dif_pclmul media crc32_pclmul snd_hda_intel ghash_clmulni_intel iwlwifi aesni_intel snd_hda_codec thinkpad_acpi aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd nvram snd_hda_core snd_hwdep snd_pcm cfg80211 snd_seq_midi snd_seq_midi_event snd_rawmidi mei_me btusb snd_seq btrtl btbcm btintel snd_seq_device snd_timer joydev bluetooth snd mei input_leds serio_raw intel_ips soundcore shpchp mac_hid lpc_ich parport_pc ppdev lp parport autofs4 psmouse ahci libahci i915 wmi i2c_algo_bit drm_kms_helper
[  295.268238]  syscopyarea fjes e1000e sysfillrect sysimgblt ptp fb_sys_fops pps_core drm video
[  295.268308] CPU: 2 PID: 3377 Comm: systemd-udevd Tainted: G         C      4.8.0-rc2-patched+ #1
[  295.268352] Hardware name: LENOVO 4492A56/4492A56, BIOS 6QET44WW (1.14 ) 04/20/2010
[  295.268390] task: ffff884545dd9a00 task.stack: ffff8844f516c000
[  295.268422] RIP: 0010:[<ffffffffbc85b511>]  [<ffffffffbc85b511>] __down+0x51/0xd0
[  295.268469] RSP: 0018:ffff8844f516f950  EFLAGS: 00010046
[  295.268506] RAX: 0000000000000000 RBX: ffff88454a23eb90 RCX: 0000000000000000
[  295.268593] RDX: ffff88454a23eb98 RSI: ffff884577d0dc68 RDI: ffff88454a23eb90
[  295.268674] RBP: ffff8844f516f998 R08: 0000000000000000 R09: 0000000000000006
[  295.268765] R10: 0000000000000001 R11: 0000000000000371 R12: 7fffffffffffffff
[  295.268857] R13: ffff884545dd9a00 R14: ffff884475b02978 R15: ffffffffc0923060
[  295.268945] FS:  00007fd45f3ff8c0(0000) GS:ffff884577d00000(0000) knlGS:0000000000000000
[  295.269046] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  295.269122] CR2: 0000000000000000 CR3: 00000000b518c000 CR4: 00000000000006e0
[  295.269209] Stack:
[  295.269236]  ffff88454a23eb98 0000000000000000 ffff8844f516f970 00000000b6a1ff55
[  295.269335]  ffff884475b02900 00000000b6a1ff55 ffff88454a23eb90 ffff88454a23eb90
[  295.269451]  ffff88454f0c8000 ffff8844f516f9b8 ffffffffbc0ccb81 0000000000000292
[  295.269566] Call Trace:
[  295.269611]  [<ffffffffbc0ccb81>] down+0x41/0x50
[  295.269673]  [<ffffffffc09227de>] vmk80xx_detach+0x2e/0x60 [vmk80xx]
[  295.269764]  [<ffffffffc0998171>] comedi_device_detach+0x41/0x1c0 [comedi]
[  295.269856]  [<ffffffffc0993383>] comedi_device_cleanup+0x63/0x80 [comedi]
[  295.269957]  [<ffffffffc0995157>] comedi_free_board_dev+0x17/0x60 [comedi]
[  295.270045]  [<ffffffffc099712a>] comedi_release_hardware_device+0x7a/0x90 [comedi]
[  295.270130]  [<ffffffffc099802c>] comedi_auto_config+0xcc/0x130 [comedi]
[  295.270186]  [<ffffffffc07ca062>] comedi_usb_auto_config+0x12/0x20 [comedi_usb]
[  295.270251]  [<ffffffffc0922019>] vmk80xx_usb_probe+0x19/0x20 [vmk80xx]
[  295.270314]  [<ffffffffbc63c913>] usb_probe_interface+0x153/0x2f0
[  295.270387]  [<ffffffffbc56d244>] driver_probe_device+0x224/0x430
[  295.270449]  [<ffffffffbc56d52f>] __driver_attach+0xdf/0xf0
[  295.270504]  [<ffffffffbc56d450>] ? driver_probe_device+0x430/0x430
[  295.270569]  [<ffffffffbc56ad2c>] bus_for_each_dev+0x6c/0xc0
[  295.270622]  [<ffffffffbc56c93e>] driver_attach+0x1e/0x20
[  295.270674]  [<ffffffffbc56c3ed>] bus_add_driver+0x1fd/0x270
[  295.270726]  [<ffffffffbc56dea0>] driver_register+0x60/0xe0
[  295.270783]  [<ffffffffbc63b294>] usb_register_driver+0x84/0x140
[  295.270842]  [<ffffffffc021f000>] ? 0xffffffffc021f000
[  295.270897]  [<ffffffffc07ca0e1>] comedi_usb_driver_register+0x31/0x50 [comedi_usb]
[  295.270969]  [<ffffffffc021f017>] vmk80xx_driver_init+0x17/0x1000 [vmk80xx]
[  295.271036]  [<ffffffffbc002190>] do_one_initcall+0x50/0x180
[  295.273192]  [<ffffffffbc2023b2>] ? kmem_cache_alloc_trace+0x152/0x1c0
[  295.275512]  [<ffffffffbc1977f4>] do_init_module+0x5f/0x1f6
[  295.277816]  [<ffffffffbc10edfb>] load_module+0x241b/0x2ab0
[  295.280163]  [<ffffffffbc10b7a0>] ? __symbol_put+0x60/0x60
[  295.282410]  [<ffffffffbc228ef0>] ? __vfs_read+0xe0/0x150
[  295.284569]  [<ffffffffbc363d5b>] ? security_kernel_post_read_file+0x6b/0x80
[  295.286667]  [<ffffffffbc10f6ef>] SYSC_finit_module+0xdf/0x110
[  295.288703]  [<ffffffffbc10f73e>] SyS_finit_module+0xe/0x10
[  295.290662]  [<ffffffffbc85dc76>] entry_SYSCALL_64_fastpath+0x1e/0xa8
[  295.292580] Code: 00 00 48 83 e4 f0 48 83 ec 30 65 48 8b 04 25 28 00 00 00 48 89 44 24 28 31 c0 48 8b 47 10 48 89 14 24 48 89 67 10 48 89 44 24 08 <48> 89 20 4c 89 6c 24 10 c6 44 24 18 00 49 c7 45 00 02 00 00 00 
[  295.296864] RIP  [<ffffffffbc85b511>] __down+0x51/0xd0
[  295.298879]  RSP <ffff8844f516f950>
[  295.300880] CR2: 0000000000000000
[  295.313146] ---[ end trace da0ea97e4e86ef20 ]---
[  298.227392] usb 1-1.2: USB disconnect, device number 6
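
A triage sketch for the oops above, added here as an example and not part of the original message: it decodes the x86 page-fault error code on the `Oops:` line and picks out the faulting symbol and the first call-trace frame that belongs to a loadable module. `SAMPLE` is an excerpt of the attached log; the function names `decode_error_code` and `triage` are this example's own.

```python
import re

# Excerpt of the dmesg log above (lines copied from the attachment).
SAMPLE = """\
[  295.267510] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  295.267575] IP: [<ffffffffbc85b511>] __down+0x51/0xd0
[  295.267655] Oops: 0002 [#1] SMP
[  295.269566] Call Trace:
[  295.269611]  [<ffffffffbc0ccb81>] down+0x41/0x50
[  295.269673]  [<ffffffffc09227de>] vmk80xx_detach+0x2e/0x60 [vmk80xx]
[  295.269764]  [<ffffffffc0998171>] comedi_device_detach+0x41/0x1c0 [comedi]
[  295.270186]  [<ffffffffc07ca062>] comedi_usb_auto_config+0x12/0x20 [comedi_usb]
[  295.270314]  [<ffffffffbc63c913>] usb_probe_interface+0x153/0x2f0
[  295.270504]  [<ffffffffbc56d450>] ? driver_probe_device+0x430/0x430
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")          # leading dmesg timestamp
FRAME = re.compile(r"\[<[0-9a-f]+>\]\s+(\?\s+)?(\S+?)\+0x[0-9a-f]+/0x[0-9a-f]+"
                   r"(?:\s+\[(\w+)\])?")          # '?' marks an unreliable frame

def decode_error_code(code):
    """Decode the x86 page-fault error code printed after 'Oops:'."""
    kind = "instruction fetch" if code & 0x10 else ("write" if code & 0x2 else "read")
    mode = "user" if code & 0x4 else "kernel"
    page = "protection violation" if code & 0x1 else "not-present page"
    return f"{kind}, {mode} mode, {page}"

def triage(log):
    out = {"fault": None, "ip": None, "access": None, "frames": []}
    in_trace = False
    for line in log.splitlines():
        msg = TS.sub("", line)
        if m := re.match(r"BUG: (.+?) at\s+(\S+)", msg):
            out["fault"] = m.group(1)
        elif m := re.match(r"IP: \[<[0-9a-f]+>\] (\S+?)\+0x", msg):
            out["ip"] = m.group(1)
        elif m := re.match(r"Oops: ([0-9a-f]{4}) ", msg):
            out["access"] = decode_error_code(int(m.group(1), 16))
        elif msg.startswith("Call Trace:"):
            in_trace = True
        elif msg.startswith("Code:"):
            in_trace = False
        elif in_trace and (m := FRAME.search(msg)) and not m.group(1):
            out["frames"].append((m.group(2), m.group(3)))
    # First frame inside a loadable module: where driver review should start.
    out["module_frame"] = next((f for f in out["frames"] if f[1]), None)
    return out

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On the full log this reports a kernel-mode write to a not-present page in `__down`, with `vmk80xx_detach` as the first driver frame.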

