Re: S2R resume crash in 2.6.33-rc7 - NULL pointer dereference in dev_get_drvdata() for usbhid

From: Bruno Prémont
Date: Sat Feb 13 2010 - 08:04:35 EST


On Mon, 08 February 2010 Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> wrote:
> Clearly something is setting usbhid->intf to NULL. But I don't see
> any code that would do it. You may have to resort to putting
> printk() statements at various strategic places to find out where it
> happens. You could start with the beginnings and ends of hid_suspend,
> hid_resume, and hid_reset_resume. Maybe also usbhid_disconnect(),
> just in case.

I did add a few printk()s and WARN_ON()s to get a better idea of
why/when usbhid->intf is NULL, and it already is since probe time of the
second interface announced by the USB keyboard (hid.debug=1):

[ 3.822393] usb 2-2.1: new full speed USB device using uhci_hcd and address 3
[ 4.011388] usb 2-2.1: New USB device found, idVendor=058f, idProduct=9462
[ 4.011502] usb 2-2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 4.011639] usb 2-2.1: Product: Multimedia USB Keyboard
[ 4.011733] usb 2-2.1: Manufacturer: Multimedia USB Keyboard
[ 4.011826] usb 2-2.1: SerialNumber: Multimedia USB Keyboard
[ 4.014514] /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c: HID probe called for ifnum 0
[ 4.037712] /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c: submitting ctrl urb: Set_Report wValue=0x0200 wIndex=0x0000 wLength=1
[ 4.038160] input: Multimedia USB Keyboard Multimedia USB Keyboard as /devices/pci0000:00/0000:00:10.0/usb2/2-2/2-2.1/2-2.1:1.0/input/input4
[ 4.038523] generic-usb 0003:058F:9462.0001: input: USB HID v1.10 Keyboard [Multimedia USB Keyboard Multimedia USB Keyboard] on usb-0000:00:10.0-2.1/input0
[ 4.038901] /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c: HID probe called for ifnum 1
[ 4.066881] /usr/src/linux-2.6-git/drivers/hid/hid-core.c: usage index exceeded
[ 4.066894] /usr/src/linux-2.6-git/drivers/hid/hid-core.c: hid_add_usage failed
[ 4.066905] /usr/src/linux-2.6-git/drivers/hid/hid-core.c: item 0 2 2 2 parsing failed
[ 4.066931] /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c: parsing report descriptor failed
>>>> following WARNING comes from WARN_ON() I added to usbhid_parse
>>>> to know what the call stack is up to the failing report parsing
[ 4.066941] ------------[ cut here ]------------
[ 4.067065] WARNING: at /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c:891 usbhid_parse+0x1db/0x340()
[ 4.067226] Hardware name: CX700+W697HG
[ 4.067316] Modules linked in:
[ 4.067463] Pid: 228, comm: khubd Not tainted 2.6.33-rc7-venus #6
[ 4.067560] Call Trace:
[ 4.067662] [<c1330cdd>] ? printk+0x18/0x1b
[ 4.067763] [<c12855db>] ? usbhid_parse+0x1db/0x340
[ 4.067873] [<c10251ec>] warn_slowpath_common+0x6c/0xc0
[ 4.067976] [<c12855db>] ? usbhid_parse+0x1db/0x340
[ 4.068080] [<c1025255>] warn_slowpath_null+0x15/0x20
[ 4.068183] [<c12855db>] usbhid_parse+0x1db/0x340
[ 4.068293] [<c127ac85>] hid_device_probe+0x155/0x170
[ 4.068396] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.068500] [<c127a2a8>] ? hid_bus_match+0x88/0x160
[ 4.068605] [<c11ec9f1>] __device_attach+0x41/0x50
[ 4.068707] [<c11ebe53>] bus_for_each_drv+0x53/0x80
[ 4.068810] [<c11eca9b>] device_attach+0x6b/0x70
[ 4.068911] [<c11ec9b0>] ? __device_attach+0x0/0x50
[ 4.069014] [<c11ebc4f>] bus_probe_device+0x1f/0x40
[ 4.069117] [<c11ea557>] device_add+0x357/0x570
[ 4.069224] [<c117a693>] ? kvasprintf+0x43/0x60
[ 4.069326] [<c1172c52>] ? kobject_set_name_vargs+0x62/0x70
[ 4.069432] [<c127a76e>] hid_add_device+0x14e/0x1d0
[ 4.069579] [<c1286012>] usbhid_probe+0x202/0x360
[ 4.069685] [<c1230e8f>] usb_probe_interface+0xaf/0x1c0
[ 4.069791] [<c11ec742>] ? driver_sysfs_add+0x52/0x70
[ 4.069895] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.070000] [<c122fd90>] ? usb_device_match+0x50/0xb0
[ 4.070135] [<c11ec9f1>] __device_attach+0x41/0x50
[ 4.070234] [<c11ebe53>] bus_for_each_drv+0x53/0x80
[ 4.070338] [<c11eca9b>] device_attach+0x6b/0x70
[ 4.070434] [<c11ec9b0>] ? __device_attach+0x0/0x50
[ 4.070530] [<c11ebc4f>] bus_probe_device+0x1f/0x40
[ 4.070626] [<c11ea557>] device_add+0x357/0x570
[ 4.070722] [<c1234ccc>] ? usb_create_ep_devs+0x7c/0xb0
[ 4.070821] [<c122db03>] ? create_intf_ep_devs+0x43/0x70
[ 4.070919] [<c122f7e7>] usb_set_configuration+0x4a7/0x640
[ 4.071019] [<c1237ff9>] generic_probe+0x39/0xb0
[ 4.071120] [<c10c4352>] ? sysfs_create_link+0x12/0x20
[ 4.071218] [<c122fb5f>] usb_probe_device+0x1f/0x30
[ 4.071314] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.071412] [<c11ec9f1>] __device_attach+0x41/0x50
[ 4.071508] [<c11ebe53>] bus_for_each_drv+0x53/0x80
[ 4.071605] [<c11eca9b>] device_attach+0x6b/0x70
[ 4.071700] [<c11ec9b0>] ? __device_attach+0x0/0x50
[ 4.071797] [<c11ebc4f>] bus_probe_device+0x1f/0x40
[ 4.071892] [<c11ea557>] device_add+0x357/0x570
[ 4.071987] [<c1330cdd>] ? printk+0x18/0x1b
[ 4.072081] [<c12266ab>] ? show_string+0x4b/0x50
[ 4.072177] [<c12292d6>] usb_new_device+0x116/0x180
[ 4.072274] [<c122aadf>] hub_thread+0xdbf/0x11d0
[ 4.072372] [<c1021377>] ? dequeue_task_fair+0x27/0x1d0
[ 4.072470] [<c102106e>] ? set_next_entity+0x2e/0x70
[ 4.072567] [<c1021ef1>] ? finish_task_switch+0x31/0x80
[ 4.072669] [<c10374b0>] ? autoremove_wake_function+0x0/0x50
[ 4.072767] [<c1229d20>] ? hub_thread+0x0/0x11d0
[ 4.072863] [<c10370ec>] kthread+0x6c/0x80
[ 4.072958] [<c1037080>] ? kthread+0x0/0x80
[ 4.073053] [<c10030f6>] kernel_thread_helper+0x6/0x10
[ 4.073146] ---[ end trace 74d7f471f706deb5 ]---
[ 4.073256] generic-usb: probe of 0003:058F:9462.0002 failed with error -22
>>>> This is the WARN_ON(usbhid->intf == NULL) I added just before
>>>> return 0 to usbhid_probe() to confirm that intf is already NULL
>>>> since the very beginning for this HID device
[ 4.073378] ------------[ cut here ]------------
[ 4.073470] WARNING: at /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c:1166 usbhid_probe+0x2d9/0x360()
[ 4.073606] Hardware name: CX700+W697HG
[ 4.073694] Modules linked in:
[ 4.073828] Pid: 228, comm: khubd Tainted: G W 2.6.33-rc7-venus #6
[ 4.073923] Call Trace:
[ 4.074013] [<c1330cdd>] ? printk+0x18/0x1b
[ 4.074106] [<c12860e9>] ? usbhid_probe+0x2d9/0x360
[ 4.074203] [<c10251ec>] warn_slowpath_common+0x6c/0xc0
[ 4.074299] [<c12860e9>] ? usbhid_probe+0x2d9/0x360
[ 4.074397] [<c1025255>] warn_slowpath_null+0x15/0x20
[ 4.074493] [<c12860e9>] usbhid_probe+0x2d9/0x360
[ 4.074590] [<c1230e8f>] usb_probe_interface+0xaf/0x1c0
[ 4.074688] [<c11ec742>] ? driver_sysfs_add+0x52/0x70
[ 4.074785] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.074881] [<c122fd90>] ? usb_device_match+0x50/0xb0
[ 4.074979] [<c11ec9f1>] __device_attach+0x41/0x50
[ 4.075074] [<c11ebe53>] bus_for_each_drv+0x53/0x80
[ 4.075171] [<c11eca9b>] device_attach+0x6b/0x70
[ 4.075266] [<c11ec9b0>] ? __device_attach+0x0/0x50
[ 4.075363] [<c11ebc4f>] bus_probe_device+0x1f/0x40
[ 4.075458] [<c11ea557>] device_add+0x357/0x570
[ 4.075553] [<c1234ccc>] ? usb_create_ep_devs+0x7c/0xb0
[ 4.075650] [<c122db03>] ? create_intf_ep_devs+0x43/0x70
[ 4.075749] [<c122f7e7>] usb_set_configuration+0x4a7/0x640
[ 4.075847] [<c1237ff9>] generic_probe+0x39/0xb0
[ 4.075944] [<c10c4352>] ? sysfs_create_link+0x12/0x20
[ 4.076041] [<c122fb5f>] usb_probe_device+0x1f/0x30
[ 4.076138] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.076235] [<c11ec9f1>] __device_attach+0x41/0x50
[ 4.076331] [<c11ebe53>] bus_for_each_drv+0x53/0x80
[ 4.076428] [<c11eca9b>] device_attach+0x6b/0x70
[ 4.076523] [<c11ec9b0>] ? __device_attach+0x0/0x50
[ 4.076619] [<c11ebc4f>] bus_probe_device+0x1f/0x40
[ 4.076714] [<c11ea557>] device_add+0x357/0x570
[ 4.076809] [<c1330cdd>] ? printk+0x18/0x1b
[ 4.076902] [<c12266ab>] ? show_string+0x4b/0x50
[ 4.076997] [<c12292d6>] usb_new_device+0x116/0x180
[ 4.077094] [<c122aadf>] hub_thread+0xdbf/0x11d0
[ 4.077191] [<c1021377>] ? dequeue_task_fair+0x27/0x1d0
[ 4.077288] [<c102106e>] ? set_next_entity+0x2e/0x70
[ 4.077384] [<c1021ef1>] ? finish_task_switch+0x31/0x80
[ 4.077482] [<c10374b0>] ? autoremove_wake_function+0x0/0x50
[ 4.077579] [<c1229d20>] ? hub_thread+0x0/0x11d0
[ 4.077674] [<c10370ec>] kthread+0x6c/0x80
[ 4.077768] [<c1037080>] ? kthread+0x0/0x80
[ 4.077861] [<c10030f6>] kernel_thread_helper+0x6/0x10
[ 4.077954] ---[ end trace 74d7f471f706deb6 ]---
[ 5.401011] udev: starting version 146
[ 5.672965] Linux agpgart interface v0.103
[ 5.776141] sd 0:0:0:0: Attached scsi generic sg0 type 0
[ 5.776327] sd 1:0:1:0: Attached scsi generic sg1 type 0
[ 5.968845] VIA Graphics Intergration Chipset framebuffer 2.4 initializing
[ 6.145620] agpgart: Detected VIA CX700 chipset
[ 6.155095] agpgart-via 0000:00:00.0: AGP aperture is 128M @ 0xd0000000

This lets me guess that hid_add_device() is doing something wrong
here when report parsing fails... (as that one is the only one which
could be doing the initialization of usbhid which does work for the
first interface announced by my keyboard)

Bruno
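
Added example, not part of the original message: a small Python parser for WARNING blocks in the format logged above. It keeps only the frames the kernel printed without a `?` (a `?` marks an address found on the stack that the unwinder could not confirm as part of the call chain) and drops the warn_slowpath_* plumbing. SAMPLE is an abridged excerpt of the first trace; the function and variable names are this example's own.

```python
import re

# Abridged excerpt of the first WARNING block from the log in this message.
SAMPLE = """\
[ 4.066941] ------------[ cut here ]------------
[ 4.067065] WARNING: at /usr/src/linux-2.6-git/drivers/hid/usbhid/hid-core.c:891 usbhid_parse+0x1db/0x340()
[ 4.067560] Call Trace:
[ 4.067662] [<c1330cdd>] ? printk+0x18/0x1b
[ 4.067873] [<c10251ec>] warn_slowpath_common+0x6c/0xc0
[ 4.067976] [<c12855db>] ? usbhid_parse+0x1db/0x340
[ 4.068080] [<c1025255>] warn_slowpath_null+0x15/0x20
[ 4.068183] [<c12855db>] usbhid_parse+0x1db/0x340
[ 4.068293] [<c127ac85>] hid_device_probe+0x155/0x170
[ 4.068396] [<c11ec838>] driver_probe_device+0x68/0x160
[ 4.068500] [<c127a2a8>] ? hid_bus_match+0x88/0x160
[ 4.069432] [<c127a76e>] hid_add_device+0x14e/0x1d0
[ 4.069579] [<c1286012>] usbhid_probe+0x202/0x360
[ 4.073146] ---[ end trace 74d7f471f706deb5 ]---
"""

TS = r"^\[\s*\d+\.\d+\]\s+"  # printk timestamp prefix
WARN = re.compile(TS + r"WARNING: at (\S+):(\d+) (\w+)\+")
FRAME = re.compile(TS + r"\[<[0-9a-f]+>\]\s+(\?\s+)?([\w.]+)\+0x")
END = re.compile(TS + r"---\[ end trace")

def parse_warnings(log):
    """Return one dict per WARNING block: file, line, function, and the
    reliable call chain (innermost frame first)."""
    blocks, cur = [], None
    for line in log.splitlines():
        m = WARN.match(line)
        if m:
            cur = {"file": m.group(1), "line": int(m.group(2)),
                   "func": m.group(3), "chain": []}
            continue
        if cur is None:
            continue  # not inside a WARNING block
        if END.match(line):
            blocks.append(cur)
            cur = None
            continue
        m = FRAME.match(line)
        # Skip '?' frames (unverified) and the WARN_ON machinery itself.
        if m and not m.group(1) and not m.group(2).startswith("warn_slowpath"):
            cur["chain"].append(m.group(2))
    return blocks
```
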