Re: crash by cdc_acm driver in kernels 4.8-rc1/5

 



On Thu, 2016-09-29 at 15:26 +0200, Wim Osterholt wrote:
> On Wed, Sep 28, 2016 at 05:23:30PM +0200, Oliver Neukum wrote:
> > > 
> > > HP src # sync
> > > HP src # [ 3744.914184] BUG: unable to handle kernel NULL pointer dereference at 00000249
> > 
> > The last few lines before that please with the debugging level ramped
> > up to 9 please.
> 
> Recompiled again, double checked if it was really the new module.
> That doesn't seem to make any difference at all.

Hi,

sorry for the delay. Your results are strange and we will have to do it
the hard way. Could you retest with the attached patch applied
in addition to the last patch I sent?
I can see no good reason for a crash where you see a crash, so brute
force is called for.

	Regards
		Oliver

From f9344147b6c75aca8f66b728e92ab854452255ed Mon Sep 17 00:00:00 2001
From: Oliver Neukum <oneukum@xxxxxxxx>
Date: Thu, 6 Oct 2016 12:47:15 +0200
Subject: [PATCH] CDC-ACM: insanely paranoid debugging

---
 drivers/usb/class/cdc-acm.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
index 283e16e..32625a3 100644
--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -1319,11 +1319,13 @@ made_compressed_probe:
 	acm = kzalloc(sizeof(struct acm), GFP_KERNEL);
 	if (acm == NULL)
 		goto alloc_fail;
+	dev_dbg(&intf->dev, "descriptor allocated\n");
 
 	minor = acm_alloc_minor(acm);
 	if (minor < 0)
 		goto alloc_fail1;
 
+	dev_dbg(&intf->dev, "minor allocated\n");
 	WARN_ON(!epctrl);
 	ctrlsize = usb_endpoint_maxp(epctrl);
 	WARN_ON(!epread);
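Review bot: both markers added in this hunk use dev_dbg(), which prints nothing unless the driver is built with DEBUG or dynamic debug is enabled for cdc-acm, so raising the console log level alone may leave the tester with no new output. For a throwaway bisecting patch, dev_info() would make the markers unconditional, or the commit message should say how to enable them. Note also that "minor allocated" is the last marker before usb_endpoint_maxp(epctrl), which still dereferences epctrl after WARN_ON(!epctrl) fires; another marker after the ctrlsize assignment would separate those two cases.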
@@ -1343,6 +1345,7 @@ made_compressed_probe:
 	acm->ctrlsize = ctrlsize;
 	acm->readsize = readsize;
 	acm->rx_buflimit = num_rx_buf;
+	dev_dbg(&intf->dev, "descriptor initialized\n");
 	INIT_WORK(&acm->work, acm_softint);
 	init_waitqueue_head(&acm->wioctl);
 	spin_lock_init(&acm->write_lock);
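Review bot: the "descriptor initialized" marker after acm->rx_buflimit carries no values, although ctrlsize, readsize and num_rx_buf have just been stored at this point. Printing them in the same message (for example with "%d" for ctrlsize and readsize) would show whether the endpoint sizes read earlier are sane, at no extra cost to the tester.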
@@ -1351,6 +1354,7 @@ made_compressed_probe:
 	acm->is_int_ep = usb_endpoint_xfer_int(epread);
 	if (acm->is_int_ep)
 		acm->bInterval = epread->bInterval;
+	dev_dbg(&intf->dev, "locks and queues initialized\n");
 	tty_port_init(&acm->port);
 	acm->port.ops = &acm_port_ops;
 	init_usb_anchor(&acm->delayed);
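Review bot: the "locks and queues initialized" marker sits after the acm->is_int_ep and acm->bInterval assignments, both of which read through epread, so a fault on epread here would look like a failure in lock or queue setup. Moving the marker above the usb_endpoint_xfer_int(epread) line, or adding a second one after the bInterval assignment, would keep each message tied to the step it names. The patch also has an empty commit body and no Signed-off-by, which is fine for a test-only patch but worth stating in the message so it is not picked up by accident.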
-- 
2.6.2

