Re: crash by cdc_acm driver in kernels 4.8-rc1/5

From: Wim Osterholt
Date: Tue Sep 27 2016 - 12:34:28 EST


On Thu, Sep 22, 2016 at 04:40:50PM +0200, Oliver Neukum wrote:
>
> dmesg -c
> echo 9 > /proc/sysrq-trigger
> modprobe cdc_acm
> echo "module cdc_acm +mpf" > /sys/kernel/debug/dynamic_debug/control
>
> [plug your device in]
>
> and provide the full output of dmesg after that.

After some experimenting I succeeded in grabbing it over the serial port.
The console was immediately frozen, but the serial port kept working:

[ 407.859834] sysrq: SysRq : Changing Loglevel
[ 407.908433] sysrq: Loglevel set to 9
[ 407.980538] usbcore: registered new interface driver cdc_acm
[ 408.044439] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
[ 410.480711] usb 6-1: new full-speed USB device number 2 using uhci_hcd
[ 410.696717] usb 6-1: New USB device found, idVendor=0572, idProduct=1340
[ 410.700739] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 410.704738] usb 6-1: Product: USB Modem
[ 410.708735] usb 6-1: Manufacturer: Conexant
[ 410.708738] usb 6-1: SerialNumber: 12345678
[ 410.763492] cdc_acm:acm_probe: cdc_acm 6-1:1.0: interfaces are valid
[ 410.763515] BUG: unable to handle kernel NULL pointer dereference at 00000249
[ 410.763522] IP: [<e08dfc77>] acm_probe+0x4ee/0xc8c [cdc_acm]
[ 410.763524] *pde = 00000000
[ 410.763526] Oops: 0000 [#1] SMP
[ 410.763562] Modules linked in: cdc_acm nouveau video drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm agpgart i2c_algo_bit cfg80211 rfkill binfmt_misc snd_pcm_oss snd_mixer_oss fbcon bitblit softcursor font tileblit sr9700 dm9601 usb_storage usbnet snd_hda_codec_generic mii snd_hda_intel snd_hda_codec tg3 snd_hwdep ptp snd_hda_core pps_core snd_pcm gpio_ich libphy firmware_class pcspkr ohci_pci lpc_ich ppdev snd_timer mfd_core ohci_hcd snd uhci_hcd wmi parport_pc floppy ehci_pci soundcore parport ehci_hcd acpi_cpufreq button processor
[ 410.763565] CPU: 0 PID: 429 Comm: kworker/0:1 Not tainted 4.8.0-rc8 #1
[ 410.763567] Hardware name: Hewlett-Packard HP xw4300 Workstation/0A00h, BIOS 786D3 v01.08 03/10/2006
[ 410.763572] Workqueue: usb_hub_wq hub_event
[ 410.763574] task: df523f00 task.stack: dec30000
[ 410.763576] EIP: 0060:[<e08dfc77>] EFLAGS: 00010202 CPU: 0
[ 410.763579] EIP is at acm_probe+0x4ee/0xc8c [cdc_acm]
[ 410.763581] EAX: 00000246 EBX: decff000 ECX: e08e1854 EDX: 00000000
[ 410.763582] ESI: 00000100 EDI: 00000000 EBP: dec31c18 ESP: dec31b80
[ 410.763584] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 410.763586] CR0: 80050033 CR2: 00000249 CR3: 13edd000 CR4: 00000690
[ 410.763587] Stack:
[ 410.763592] 00003a20 00003d01 0000000f df4a9d50 00000000 00000000 00000010 00000040
[ 410.763597] 00000080 00000246 df650ec0 dee42800 da86f470 00000001 df7d2e80 df7d2eb8
[ 410.763601] da86f400 dee42600 dee42800 00000000 da95f000 00000004 00000246 dec31c00
[ 410.763602] Call Trace:
[ 410.763609] [<c04cee8d>] ? __mutex_unlock_slowpath+0xf4/0xfc
[ 410.763614] [<c03cda6c>] ? usb_probe_interface+0x17b/0x1f6
[ 410.763616] [<c03cda6c>] ? usb_probe_interface+0x17b/0x1f6
[ 410.763620] [<c0361090>] ? driver_probe_device+0x17b/0x30e
[ 410.763622] [<c0361090>] ? driver_probe_device+0x17b/0x30e
[ 410.763625] [<c035f78a>] ? bus_for_each_drv+0x59/0x68
[ 410.763627] [<c035f78a>] ? bus_for_each_drv+0x59/0x68
[ 410.763629] [<c0360e3e>] ? __device_attach+0x91/0x105
[ 410.763631] [<c0361324>] ? driver_allows_async_probing+0x2f/0x2f
[ 410.763634] [<c0360412>] ? bus_probe_device+0x27/0x6b
[ 410.763636] [<c0360412>] ? bus_probe_device+0x27/0x6b
[ 410.763638] [<c035eb98>] ? device_add+0x289/0x4be
[ 410.763641] [<c03cc3d1>] ? usb_set_configuration+0x5a6/0x5e9
[ 410.763643] [<c03cc3d1>] ? usb_set_configuration+0x5a6/0x5e9
[ 410.763647] [<c03d3bc0>] ? generic_probe+0x3b/0x67
[ 410.763649] [<c03d3bc0>] ? generic_probe+0x3b/0x67
[ 410.763652] [<c03cd8d8>] ? usb_probe_device+0x49/0x62
[ 410.763654] [<c03cd88f>] ? usb_suspend+0xcd/0xcd
[ 410.763656] [<c0361090>] ? driver_probe_device+0x17b/0x30e
[ 410.763658] [<c0361090>] ? driver_probe_device+0x17b/0x30e
[ 410.763661] [<c035f78a>] ? bus_for_each_drv+0x59/0x68
[ 410.763663] [<c035f78a>] ? bus_for_each_drv+0x59/0x68
[ 410.763665] [<c0360e3e>] ? __device_attach+0x91/0x105
[ 410.763667] [<c0361324>] ? driver_allows_async_probing+0x2f/0x2f
[ 410.763670] [<c0360412>] ? bus_probe_device+0x27/0x6b
[ 410.763672] [<c0360412>] ? bus_probe_device+0x27/0x6b
[ 410.763674] [<c035eb98>] ? device_add+0x289/0x4be
[ 410.763677] [<c03598a4>] ? add_device_randomness+0x84/0x9c
[ 410.763680] [<c03c477c>] ? usb_new_device+0x29d/0x3b5
[ 410.763681] [<c03c477c>] ? usb_new_device+0x29d/0x3b5
[ 410.763684] [<c03c5eab>] ? hub_event+0xb32/0xed8
[ 410.763686] [<c03c5eab>] ? hub_event+0xb32/0xed8
[ 410.763689] [<c03c5268>] ? usb_remote_wakeup+0x6f/0x7d
[ 410.763693] [<c0148318>] ? process_one_work+0x174/0x2bc
[ 410.763695] [<c0148318>] ? process_one_work+0x174/0x2bc
[ 410.763698] [<c01488f4>] ? worker_thread+0x22c/0x2f6
[ 410.763700] [<c01486c8>] ? rescuer_thread+0x23f/0x23f
[ 410.763703] [<c014bcc9>] ? kthread+0xa4/0xa9
[ 410.763706] [<c04d06a2>] ? ret_from_kernel_thread+0xe/0x24
[ 410.763708] [<c014bc25>] ? kthread_create_on_node+0x101/0x101
[ 410.763734] Code: 14 89 83 b4 04 00 00 8b 45 94 89 43 04 8b 45 ac 89 43 08 8b 85 7c ff ff ff 89 83 c0 04 00 00 8b 45 a8 89 03 8b 45 c0 85 c0 74 0a <0f> b6 40 03 89 83 c8 04 00 00 f6 45 9c 04 74 07 83 a3 c8 04 00
[ 410.763738] EIP: [<e08dfc77>] acm_probe+0x4ee/0xc8c [cdc_acm] SS:ESP 0068:dec31b80
[ 410.763739] CR2: 0000000000000249
[ 410.763742] ---[ end trace 6872abde65b2c9e1 ]---
[ 410.763838] BUG: unable to handle kernel paging request at ffffffec
[ 410.763841] IP: [<c014c16b>] kthread_data+0xf/0x13
[ 410.763844] *pde = 00770067 *pte = 00000000
[ 410.763846] Oops: 0000 [#2] SMP
[ 410.763875] Modules linked in: cdc_acm nouveau video drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm agpgart i2c_algo_bit cfg80211 rfkill binfmt_misc snd_pcm_oss snd_mixer_oss fbcon bitblit softcursor font tileblit sr9700 dm9601 usb_storage usbnet snd_hda_codec_generic mii snd_hda_intel snd_hda_codec tg3 snd_hwdep ptp snd_hda_core pps_core snd_pcm gpio_ich libphy firmware_class pcspkr ohci_pci lpc_ich ppdev snd_timer mfd_core ohci_hcd snd uhci_hcd wmi parport_pc floppy ehci_pci soundcore parport ehci_hcd acpi_cpufreq button processor
[ 410.763878] CPU: 0 PID: 429 Comm: kworker/0:1 Tainted: G D 4.8.0-rc8 #1
[ 410.763880] Hardware name: Hewlett-Packard HP xw4300 Workstation/0A00h, BIOS 786D3 v01.08 03/10/2006
[ 410.763888] task: df523f00 task.stack: dec30000
[ 410.763890] EIP: 0060:[<c014c16b>] EFLAGS: 00010002 CPU: 0
[ 410.763892] EIP is at kthread_data+0xf/0x13
[ 410.763893] EAX: 00000000 EBX: dec32000 ECX: b3d25f6d EDX: df523f00
[ 410.763895] ESI: df5241b4 EDI: dfb94940 EBP: dec31f48 ESP: dec31f44
[ 410.763896] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 410.763898] CR0: 80050033 CR2: 00000014 CR3: 1ee16000 CR4: 00000690
[ 410.763899] Stack:
[ 410.763904] c0148a1c dec31f6c c04cd2e4 00000000 00000000 df523f00 00000246 dec32000
[ 410.763909] dec31d50 dec31f98 dec31f78 c04cd6a9 df523f00 dec31fac c013967e df524288
[ 410.763913] 01000000 df52412c df4e0000 00000001 00000000 dec31f98 dec31f98 00000009
[ 410.763914] Call Trace:
[ 410.763917] [<c0148a1c>] ? wq_worker_sleeping+0xd/0x75
[ 410.763919] [<c04cd2e4>] ? __schedule+0xcc/0x424
[ 410.763922] [<c04cd6a9>] ? schedule+0x6d/0x7a
[ 410.763925] [<c013967e>] ? do_exit+0x74d/0x775
[ 410.763929] [<c04d16b9>] ? rewind_stack_do_exit+0x11/0x13
[ 410.763931] [<c014bc25>] ? kthread_create_on_node+0x101/0x101
[ 410.763957] Code: 8d 44 b0 4d c0 8d 0c 95 00 00 00 00 29 cb b9 02 00 00 00 89 da 5b 5d e9 f5 fd ff ff 55 89 e5 3e 8d 74 26 00 8b 80 84 02 00 00 5d <8b> 40 ec c3 55 89 e5 52 3e 8d 74 26 00 b9 04 00 00 00 8b 90 84
[ 410.763960] EIP: [<c014c16b>] kthread_data+0xf/0x13 SS:ESP 0068:dec31f44
[ 410.763961] CR2: 00000000ffffffec
[ 410.763964] ---[ end trace 6872abde65b2c9e2 ]---
[ 410.763965] Fixing recursive fault but reboot is needed!


Regards, Wim.
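
A triage check on the two oopses above, added here as an example (not part of the original message or the cdc_acm code): it decodes the ModRM byte of the instruction marked `<..>` in each `Code:` line and checks that base register plus displacement equals the reported fault address. The function name `fault_operand` is made up for this example, and the decoder assumes 32-bit x86 with a one-byte opcode (optionally after the `0f` escape), no prefixes and no SIB byte.

```python
import re

# Lines copied from the dmesg output above; the Code bytes are cut down to
# the ones around the marked (faulting) instruction.
OOPS1 = """\
BUG: unable to handle kernel NULL pointer dereference at 00000249
EAX: 00000246 EBX: decff000 ECX: e08e1854 EDX: 00000000
ESI: 00000100 EDI: 00000000 EBP: dec31c18 ESP: dec31b80
Code: 8b 45 c0 85 c0 74 0a <0f> b6 40 03 89 83 c8 04 00 00
"""
OOPS2 = """\
BUG: unable to handle kernel paging request at ffffffec
EAX: 00000000 EBX: dec32000 ECX: b3d25f6d EDX: df523f00
ESI: df5241b4 EDI: dfb94940 EBP: dec31f48 ESP: dec31f44
Code: 8b 80 84 02 00 00 5d <8b> 40 ec c3 55 89 e5 52
"""

# ModRM r/m field -> base register in 32-bit mode; 4 means a SIB byte follows.
REGS = ["EAX", "ECX", "EDX", "EBX", None, "EBP", "ESI", "EDI"]

def fault_operand(oops):
    """Return (base, base_value, disp, computed_addr, matches_fault)."""
    fault = int(re.search(r"BUG: unable to handle kernel .* at ([0-9a-f]+)",
                          oops).group(1), 16)
    regs = {n: int(v, 16)
            for n, v in re.findall(r"\b(E[A-Z]{2}): ([0-9a-f]{8})\b", oops)}
    code = re.search(r"Code: (.*)", oops).group(1).split()
    start = next(k for k, b in enumerate(code) if b.startswith("<"))
    ins = [int(b.strip("<>"), 16) for b in code[start:]]
    if ins[0] == 0x0F:                 # two-byte opcode escape, e.g. 0f b6
        ins = ins[1:]
    mod, rm = ins[1] >> 6, ins[1] & 7  # ins[0] is the opcode, ins[1] is ModRM
    if mod == 3 or REGS[rm] is None or (mod == 0 and rm == 5):
        raise ValueError("operand form not handled by this example")
    disp = 0
    if mod == 1:                       # signed 8-bit displacement
        disp = ins[2] - 256 if ins[2] > 127 else ins[2]
    elif mod == 2:                     # signed 32-bit displacement
        disp = int.from_bytes(bytes(ins[2:6]), "little", signed=True)
    base = REGS[rm]
    addr = (regs[base] + disp) & 0xFFFFFFFF
    return base, regs[base], disp, addr, addr == fault

if __name__ == "__main__":
    for name, text in (("oops #1", OOPS1), ("oops #2", OOPS2)):
        base, val, disp, addr, ok = fault_operand(text)
        print(f"{name}: {base}={val:#x} disp={disp:+d} -> {addr:#010x} match={ok}")
```

For the first oops the faulting load uses EAX as its base, so the fault address 00000249 is EAX (00000246) plus 3 rather than an offset from a zero pointer; the bytes just before it (`85 c0 74 0a`) are a `test %eax,%eax` / `je` pair, which that value passes.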