Re: crash by cdc_acm driver in kernels 4.8-rc1/5

From: Oliver Neukum
Date: Thu Oct 06 2016 - 06:59:13 EST


On Thu, 2016-09-29 at 15:26 +0200, Wim Osterholt wrote:
> On Wed, Sep 28, 2016 at 05:23:30PM +0200, Oliver Neukum wrote:
> > >
> > > HP src # sync
> > > HP src # [ 3744.914184] BUG: unable to handle kernel NULL pointer dereference at 00000249
> >
> > The last few lines before that please with the debugging level ramped
> > up to 9 please.
>
> Recompiled again, double checked if it was really the new module.
> That doesn't seem to make any difference at all.

Hi,

sorry for the delay. Your results are strange and we will have to do it
the hard way. Could you retest with the attached patch applied
in addition to the last patch I sent?
I can see no good reason for a crash where you see a crash, so brute
force is called for.

Regards
Oliver

From f9344147b6c75aca8f66b728e92ab854452255ed Mon Sep 17 00:00:00 2001
From: Oliver Neukum <oneukum@xxxxxxxx>
Date: Thu, 6 Oct 2016 12:47:15 +0200
Subject: [PATCH] CDC-ACM: insanely paranoid debugging

---
drivers/usb/class/cdc-acm.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
index 283e16e..32625a3 100644
--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -1319,11 +1319,13 @@ made_compressed_probe:
acm = kzalloc(sizeof(struct acm), GFP_KERNEL);
if (acm == NULL)
goto alloc_fail;
+ dev_dbg(&intf->dev, "descriptor allocated\n");

minor = acm_alloc_minor(acm);
if (minor < 0)
goto alloc_fail1;

+ dev_dbg(&intf->dev, "minor allocated\n");
WARN_ON(!epctrl);
ctrlsize = usb_endpoint_maxp(epctrl);
WARN_ON(!epread);
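Review bot: the new dev_dbg() calls in this hunk are compiled out unless the driver is built with DEBUG or CONFIG_DYNAMIC_DEBUG is enabled and the cdc_acm callsites are switched on, so the reporter may see nothing new even with the console loglevel at 9; for a throwaway "insanely paranoid" patch, dev_info() would guarantee the markers reach the log, or the cover note should tell the reporter to run `echo 'module cdc_acm +p' > /sys/kernel/debug/dynamic_debug/control` first. Also, "minor allocated" precedes `WARN_ON(!epctrl)` but `ctrlsize = usb_endpoint_maxp(epctrl)` dereferences epctrl regardless of the WARN_ON, so printing the epctrl and epread pointer values in that message would show whether the NULL dereference at the small offset 0x249 is an endpoint descriptor that is NULL rather than something later in probe.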
@@ -1343,6 +1345,7 @@ made_compressed_probe:
acm->ctrlsize = ctrlsize;
acm->readsize = readsize;
acm->rx_buflimit = num_rx_buf;
+ dev_dbg(&intf->dev, "descriptor initialized\n");
INIT_WORK(&acm->work, acm_softint);
init_waitqueue_head(&acm->wioctl);
spin_lock_init(&acm->write_lock);
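Review bot: the "descriptor initialized" marker carries no data; printing the values just assigned on the preceding context lines (`acm->ctrlsize`, `acm->readsize`, `acm->rx_buflimit`) in the same dev_dbg would let the reporter confirm the endpoint sizes and buffer count are sane, not only that the line was reached, at no extra cost.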
@@ -1351,6 +1354,7 @@ made_compressed_probe:
acm->is_int_ep = usb_endpoint_xfer_int(epread);
if (acm->is_int_ep)
acm->bInterval = epread->bInterval;
+ dev_dbg(&intf->dev, "locks and queues initialized\n");
tty_port_init(&acm->port);
acm->port.ops = &acm_port_ops;
init_usb_anchor(&acm->delayed);
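Review bot: the last marker stops before tty_port_init(), the acm->port.ops assignment and init_usb_anchor(), so a crash anywhere from there to the end of probe is indistinguishable from one inside the tty or USB core; add a final dev_dbg after `init_usb_anchor(&acm->delayed);` (or at probe's successful return) to close the window. The commit also has no Signed-off-by, which is fine for a debugging aid but means it must not be picked up into a tree as-is.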
--
2.6.2