From: Mike Remski <mremski@mutualink.net>
To: linux-kernel@vger.kernel.org
Subject: ftdi_sio BUG: NULL pointer dereference
Date: Mon, 02 Jun 2014 10:25:39 -0400
Message-ID: <538C8963.4010909@mutualink.net>

Please CC me as not subscribed to list.
Third party device, with FTDI chip on it.  Get this when plugging device 
in.  Discovered in kernel 2.6.32, comparing ftdi_sio.c in 2.6.32 to 
latest 3.14 code is fundamentally unchanged.   Crash looks to be 
occurring in ftdi_set_max_packet_size, at the point where 
priv->max_packet_size is being set off of ep_desc (about line 1503).  It 
looks like ep_desc is probably NULL since priv should be nonzero (set in 
ftdi_sio_port_probe() which calls ftdi_set_max_packet_size()). The 
num_endpoints detected for this device is 0;  is this valid?  Tracing 
use of priv->max_packet_size in the driver it looks like doing 
something like:

     priv->max_packet_size = (ep_desc) ? le16_to_cpu(ep_desc->wMaxPacketSize) : 0x40;

would alleviate the crash, I'd like to verify that this would be valid 
to do.

thanks

Jun  2 08:22:23 evoc-rnic45 kernel: ftdi_sio 2-1:1.2: FTDI USB Serial Device converter detected
Jun  2 08:22:23 evoc-rnic45 kernel: usb 2-1: Detected FT2232C
Jun  2 08:22:23 evoc-rnic45 kernel: usb 2-1: Number of endpoints 0
Jun  2 08:22:23 evoc-rnic45 kernel: BUG: unable to handle kernel NULL pointer dereference at 00000030
Jun  2 08:22:23 evoc-rnic45 kernel: IP: [<f8abd4a7>] ftdi_sio_port_probe+0x267/0x730 [ftdi_sio]
Jun  2 08:22:23 evoc-rnic45 kernel: *pdpt = 0000000035e4a001 *pde = 000000003dd29067
Jun  2 08:22:23 evoc-rnic45 kernel: Oops: 0000 [#1] SMP
Jun  2 08:22:23 evoc-rnic45 kernel: last sysfs file: /sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/manufacturer
Jun  2 08:22:23 evoc-rnic45 kernel: Modules linked in: ftdi_sio usbserial mlSysLeds(U) coretemp hwmon sunrpc cpufreq_ondemand acpi_cpufreq ipv6 ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack iptable_filter ip_tables snd_usb_audio snd_seq snd_pcm snd_timer snd_page_alloc snd_usb_lib snd_rawmidi snd_seq_device snd_hwdep snd soundcore serio_raw i2c_i801 sg iTCO_wdt iTCO_vendor_support r8169 mii ext4 jbd2 ext3 jbd mbcache sd_mod crc_t10dif pata_acpi ata_generic ata_piix i915 drm_kms_helper drm i2c_algo_bit i2c_core video output dm_mod [last unloaded: scsi_wait_scan]
Jun  2 08:22:23 evoc-rnic45 kernel:
Jun  2 08:22:23 evoc-rnic45 kernel: Pid: 29, comm: khubd Not tainted (2.6.32-71.29.1.el6.i686 #1) To Be Filled By O.E.M.
Jun  2 08:22:23 evoc-rnic45 kernel: EIP: 0060:[<f8abd4a7>] EFLAGS: 00010246 CPU: 1
Jun  2 08:22:23 evoc-rnic45 kernel: EIP is at ftdi_sio_port_probe+0x267/0x730 [ftdi_sio]
Jun  2 08:22:23 evoc-rnic45 kernel: EAX: 0000002c EBX: f5dbb400 ECX: f5df5864 EDX: f5c1f440
Jun  2 08:22:23 evoc-rnic45 kernel: ESI: f5df5800 EDI: f5dbb4f0 EBP: 00000000 ESP: f716da58
Jun  2 08:22:23 evoc-rnic45 kernel: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Jun  2 08:22:23 evoc-rnic45 kernel: Process khubd (pid: 29, ti=f716c000 task=f70f9030 task.ti=f716c000)
Jun  2 08:22:23 evoc-rnic45 kernel: Stack:
Jun  2 08:22:23 evoc-rnic45 kernel: f8abef40 c0976b2a f61e1d00 00000000 00000004 c057a904 f716da9c f6206c00
Jun  2 08:22:23 evoc-rnic45 kernel: <0> f6206c00 f5df5864 0000002c 00000000 f5c1f440 f6205458 f5de4ed4 00000000
Jun  2 08:22:23 evoc-rnic45 kernel: <0> c057b236 00000000 f5dbb4f0 f5dbb400 f8ac1ea0 f8a93c7c f5dbb4f8 00000000
Jun  2 08:22:23 evoc-rnic45 kernel: Call Trace:
Jun  2 08:22:23 evoc-rnic45 kernel: [<c057a904>] ? sysfs_addrm_finish+0x14/0x200
Jun  2 08:22:23 evoc-rnic45 kernel: [<c057b236>] ? sysfs_do_create_link+0xa6/0x120
Jun  2 08:22:23 evoc-rnic45 kernel: [<f8a93c7c>] ? usb_serial_device_probe+0x5c/0xd0 [usbserial]
Jun  2 08:22:23 evoc-rnic45 kernel: [<c057b2df>] ? sysfs_create_link+0xf/0x20
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a1c77>] ? driver_probe_device+0x87/0x290
Jun  2 08:22:23 evoc-rnic45 kernel: [<c07f7e62>] ? klist_next+0x62/0xd0
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a1f00>] ? __device_attach+0x0/0x50
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a0db2>] ? bus_for_each_drv+0x52/0x80
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a1ff2>] ? device_attach+0x72/0x90
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a1f00>] ? __device_attach+0x0/0x50
Jun  2 08:22:23 evoc-rnic45 kernel: [<c06a0b7d>] ? bus_probe_device+0x1d/0x40
Jun  2 08:22:23 evoc-rnic45 kernel: [<c069f336>] ? device_add+0

-- 
Office: (978)401-4032 (x123 internally)
Cell: (603) 759-6953
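
Added example (not part of the original message, and not kernel code): a user-space C model of the guard the message proposes, where an interface reporting "Number of endpoints 0" leaves ep_desc NULL and the driver falls back to 0x40 instead of dereferencing it. struct model_altsetting, the sample descriptors and all function names are hypothetical; only the 0x40 fallback and the le16 read of wMaxPacketSize come from the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EP_DESC_LEN         7    /* length of a standard USB endpoint descriptor */
#define EP_WMAXPACKET_OFF   4    /* byte offset of wMaxPacketSize within it */
#define FALLBACK_MAX_PACKET 0x40 /* fallback value proposed in the message */

/* Hypothetical, simplified stand-in for an interface's current altsetting. */
struct model_altsetting {
    uint8_t num_endpoints;                    /* count reported by the device */
    const uint8_t (*endpoints)[EP_DESC_LEN];  /* NULL when there are none */
};

/* Constructed sample data: two bulk endpoints, 64 and 512 bytes. */
static const uint8_t sample_eps[2][EP_DESC_LEN] = {
    { 0x07, 0x05, 0x81, 0x02, 0x40, 0x00, 0x00 },
    { 0x07, 0x05, 0x02, 0x02, 0x00, 0x02, 0x00 },
};
const struct model_altsetting with_eps = { 2, sample_eps };
const struct model_altsetting no_eps   = { 0, NULL };  /* the reported case */
const struct model_altsetting bad_eps  = { 2, NULL };  /* count without data */

/* Byte-wise equivalent of le16_to_cpu() for a raw descriptor field. */
static uint16_t get_le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Keep the last endpoint descriptor seen; with no endpoints ep_desc stays NULL
 * and is never dereferenced. *used_fallback (optional) reports which path ran. */
uint16_t model_max_packet_size(const struct model_altsetting *alt, int *used_fallback)
{
    const uint8_t *ep_desc = NULL;

    for (unsigned i = 0; alt->endpoints && i < alt->num_endpoints; i++)
        ep_desc = alt->endpoints[i];
    if (used_fallback)
        *used_fallback = (ep_desc == NULL);
    return ep_desc ? get_le16(ep_desc + EP_WMAXPACKET_OFF) : FALLBACK_MAX_PACKET;
}

int main(void)
{
    int fb;
    unsigned size = model_max_packet_size(&no_eps, &fb);
    printf("no endpoints: max_packet_size=0x%x fallback=%d\n", size, fb);
    return 0;
}
```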

