potential USB bug while plugging/unplugging phone

[Christian Hoffmann <chrmhoffmann@gmail.com>]

Hi,

running a loop like this:

while true; do lsusb; done

and plugging my mtk phone in, the stack below happened.

Version: Linux c3po 4.2.0-18-generic #22-Ubuntu SMP Fri Nov 6 18:25:50 
UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Full dmesg: https://dl.dropboxusercontent.com/u/21820416/usb-crash.dmesg

Rgds,
Chris

[16323.481289] usb 5-3: USB disconnect, device number 5
[16602.047146] usb 9-3: new full-speed USB device number 5 using ohci-pci
[16602.215677] usb 9-3: config 1 has an invalid descriptor of length 0, 
skipping remainder of the config
[16602.215682] usb 9-3: config 1 has 1 interface, different from the 
descriptor's value: 2
[16602.215687] usb 9-3: New USB device found, idVendor=0e8d, idProduct=0003
[16602.215689] usb 9-3: New USB device strings: Mfr=0, Product=0, 
SerialNumber=0
[16602.312280] BUG: unable to handle kernel NULL pointer dereference at 
0000000000000008
[16602.312384] IP: [<ffffffffc08eb5e6>] acm_probe+0x186/0x1230 [cdc_acm]
[16602.312464] PGD 0
[16602.312489] Oops: 0000 [#1] SMP
[16602.312531] Modules linked in: cdc_acm(+) nfsv3 rpcsec_gss_krb5 nfsv4 
nfs fscache rfcomm xt_addrtype xt_conntrack ipt_MASQUERADE 
nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 
nf_nat_ipv4 iptable_filter ip_tables x_tables nf_nat nf_conntrack bridge 
stp llc dm_thin_pool dm_persistent_data dm_bio_prison dm_bufio libcrc32c 
pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) binfmt_misc 
vboxdrv(OE) bnep btusb btrtl btbcm btintel bluetooth input_leds joydev 
snd_hda_codec_realtek snd_hda_codec_generic snd_hda_codec_hdmi kvm_amd 
kvm snd_hda_intel edac_core snd_hda_codec snd_hda_core serio_raw 
snd_seq_midi k10temp snd_seq_midi_event snd_hwdep edac_mce_amd 
snd_rawmidi snd_pcm i2c_piix4 snd_seq snd_seq_device snd_timer 
asus_atk0110 8250_fintek snd mac_hid soundcore shpchp nfsd hwmon_vid
[16602.313551]  auth_rpcgss msr nfs_acl parport_pc lockd grace ppdev 
sunrpc lp parport autofs4 raid10 raid456 async_raid6_recov async_memcpy 
async_pq async_xor async_tx xor raid6_pq raid1 multipath linear raid0 
uas usb_storage pata_acpi hid_generic usbhid hid amdkfd amd_iommu_v2 
radeon firewire_ohci psmouse i2c_algo_bit ttm r8169 firewire_core mii 
drm_kms_helper crc_itu_t ahci drm libahci pata_jmicron wmi
[16602.314040] CPU: 1 PID: 9808 Comm: systemd-udevd Tainted: G 
  OE   4.2.0-18-generic #22-Ubuntu
[16602.314155] Hardware name: System manufacturer System Product 
Name/M4A89GTD-PRO/USB3, BIOS 2301    07/18/2011
[16602.314277] task: ffff88021181f080 ti: ffff880212e78000 task.ti: 
ffff880212e78000
[16602.314367] RIP: 0010:[<ffffffffc08eb5e6>]  [<ffffffffc08eb5e6>] 
acm_probe+0x186/0x1230 [cdc_acm]
[16602.314478] RSP: 0018:ffff880212e7b9f8  EFLAGS: 00010246
[16602.314543] RAX: 0000000000000000 RBX: ffff880214422000 RCX: 
ffff8801c5550400
[16602.314629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 
0000000000000001
[16602.314715] RBP: ffff880212e7bab8 R08: ffff8802131ca1f8 R09: 
0000000000000000
[16602.314802] R10: ffffea0000093600 R11: 0000000000000020 R12: 
ffff880214422000
[16602.314888] R13: ffffffffc08f0108 R14: ffff88010269cf72 R15: 
0000000000000013
[16602.314976] FS:  00007f634d0068c0(0000) GS:ffff88021fc40000(0000) 
knlGS:00000000f7542940
[16602.315075] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[16602.315144] CR2: 0000000000000008 CR3: 000000012f011000 CR4: 
00000000000006e0
[16602.315230] Stack:
[16602.315254]  ffff88021181f080 ffffffff81277334 00000000ffffffea 
0000000000000000
[16602.315347]  ffff880212e7ba58 ffffffff812779ae ffff8802131ca7f8 
000000009f186511
[16602.315440]  ffff880214422090 ffff880200000010 0000000000000000 
ffff880214422140
[16602.315533] Call Trace:
[16602.315566]  [<ffffffff81277334>] ? kernfs_link_sibling+0x94/0xc0
[16602.315640]  [<ffffffff812779ae>] ? kernfs_add_one+0xee/0x140
[16602.315712]  [<ffffffff815e4562>] usb_probe_interface+0x1b2/0x2d0
[16602.315787]  [<ffffffff81520b0a>] driver_probe_device+0x21a/0x490
[16602.315861]  [<ffffffff81520e10>] __driver_attach+0x90/0xa0
[16602.315928]  [<ffffffff81520d80>] ? driver_probe_device+0x490/0x490
[16602.316005]  [<ffffffff8151e6ac>] bus_for_each_dev+0x6c/0xc0
[16602.316074]  [<ffffffff815202ae>] driver_attach+0x1e/0x20
[16602.316140]  [<ffffffff8151fddb>] bus_add_driver+0x1eb/0x280
[16602.316210]  [<ffffffff815216b0>] driver_register+0x60/0xe0
[16602.316277]  [<ffffffff815e2e74>] usb_register_driver+0x84/0x140
[16602.316351]  [<ffffffffc0863000>] ? 0xffffffffc0863000
[16602.316414]  [<ffffffffc08630c3>] acm_init+0xc3/0x1000 [cdc_acm]
[16602.316489]  [<ffffffff81002123>] do_one_initcall+0xb3/0x200
[16602.316558]  [<ffffffff811c2835>] ? __vunmap+0x95/0xf0
[16602.316622]  [<ffffffff811de027>] ? kmem_cache_alloc_trace+0x187/0x1f0
[16602.316702]  [<ffffffff817e66c8>] ? do_init_module+0x28/0x1e7
[16602.316772]  [<ffffffff817e6700>] do_init_module+0x60/0x1e7
[16602.316840]  [<ffffffff81102876>] load_module+0x1676/0x1c10
[16602.316907]  [<ffffffff810fe9c0>] ? __symbol_put+0x60/0x60
[16602.316975]  [<ffffffff81202f80>] ? kernel_read+0x50/0x80
[16602.317041]  [<ffffffff81103069>] SyS_finit_module+0xb9/0xf0
[16602.317111]  [<ffffffff817ef9f2>] entry_SYSCALL_64_fastpath+0x16/0x75
[16602.317189] Code: 0f 84 26 02 00 00 44 39 6d 98 74 0d f6 05 d4 4c 00 
00 04 0f 85 24 09 00 00 48 8b 4d b8 48 39 4d c8 0f 84 36 09 00 00 48 8b 
45 c8 <48> 8b 40 08 80 78 05 0a 0f 84 7e 02 00 00 48 8b 45 b8 48 8b 40
[16602.317506] RIP  [<ffffffffc08eb5e6>] acm_probe+0x186/0x1230 [cdc_acm]
[16602.317590]  RSP <ffff880212e7b9f8>
[16602.317631] CR2: 0000000000000008
[16602.351424] ---[ end trace c6faa535f8cd71f5 ]---
[16605.324490] usb 9-3: USB disconnect, device number 5