From: Valdis.Kletnieks@vt.edu
To: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: Linux Media Mailing List <linux-media@vger.kernel.org>,
linux-kernel@vger.kernel.org, linux-input@vger.kernel.org,
Dmitry Torokhov <dmitry.torokhov@gmail.com>
Subject: Re: [PATCH] input: fix error at the default input_get_keycode call
Date: Thu, 20 May 2010 13:51:46 -0400 [thread overview]
Message-ID: <9427.1274377906@localhost> (raw)
In-Reply-To: Your message of "Thu, 20 May 2010 01:55:50 -0300." <4BF4C0D6.9030808@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 4991 bytes --]
On Thu, 20 May 2010 01:55:50 -0300, Mauro Carvalho Chehab said:
> [ 76.376140] BUG: unable to handle kernel NULL pointer dereference at (null)
> [ 76.376670] IP: [<c138b6d0>] input_default_getkeycode_from_index+0x40/0x60
> [ 76.376670] *pde = 00000000
> [ 76.376670] Oops: 0002 [#1] SMP
> [ 76.376670] last sysfs file: /sys/devices/virtual/block/dm-5/range
> [ 76.376670] Modules linked in: ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 dm_mirror dm_region_hash dm_log uinput snd_intel8x0 snd_ac97_codec ac97_bus snd_seq snd_seq_device snd_pcm snd_timer snd ppdev sg parport_pc soundcore k8temp snd_page_alloc forcedeth pcspkr hwmon parport i2c_nforce2 sd_mod crc_t10dif sr_mod cdrom pata_acpi ata_generic pata_amd sata_nv floppy nouveau ttm drm_kms_helper drm i2c_algo_bit i2c_core dm_mod [last unloaded: scsi_wait_scan]
> [ 76.376670]
> [ 76.376670] Pid: 6183, comm: getkeycodes Not tainted 2.6.34 #11 C51MCP51/
> [ 76.376670] EIP: 0060:[<c138b6d0>] EFLAGS: 00210046 CPU: 0
> [ 76.376670] EIP is at input_default_getkeycode_from_index+0x40/0x60
> [ 76.376670] EAX: 00000000 EBX: 00000000 ECX: 00000002 EDX: f53ebdc8
> [ 76.376670] ESI: f53ebdc8 EDI: f5daf794 EBP: f53ebdb8 ESP: f53ebdb4
> [ 76.376670] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> [ 76.376670] Process getkeycodes (pid: 6183, ti=f53ea000 task=f53bd060 task.ti=f53ea000)
> [ 76.376670] Stack:
> [ 76.376670] f5daf000 f53ebdec c138d233 f53ebe30 00200286 00000000 00000000 00000004
> [ 76.376670] <0> 00000000 00000000 00000000 f53ebe2c f5da0340 c16c12cc f53ebdf8 c12f4148
> [ 76.376670] <0> c12f4130 f53ebe24 c138d9f8 00000002 00000001 00000000 c138d980 c12f4130
> [ 76.376670] Call Trace:
> [ 76.376670] [<c138d233>] ? input_get_keycode+0x73/0x90
>
> input_default_getkeycode_from_index() returns the scancode at kt_entry.scancode
> pointer. Fill it with the scancode address at the function call.
>
> Thanks-to: Vladis Kletnieks <Valdis.Kletnieks@vt.edu> for pointing the issue
>
> Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
> Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
>
> diff --git a/drivers/input/input.c b/drivers/input/input.c
> index 3b63fad..7851d8e 100644
Still dies, but in input_set_keycode() instead...
[ 35.294528] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 35.295005] IP: [<(null)>] (null)
[ 35.296935] PGD 11da3c067 PUD 11d4ad067 PMD 0
[ 35.296935] Oops: 0010 [#1] PREEMPT SMP
[ 35.299667] last sysfs file: /sys/devices/pci0000:00/0000:00:1a.7/usb1/idVendor
[ 35.300328] CPU 0
[ 35.300328] Modules linked in:
[ 35.300328]
[ 35.300328] Pid: 2481, comm: keymap Not tainted 2.6.34-mmotm0519 #1 0X564R/Latitude E6500
[ 35.300328] RIP: 0010:[<0000000000000000>] [<(null)>] (null)
[ 35.300328] RSP: 0018:ffff88011d4d5cb0 EFLAGS: 00010046
[ 35.310163] RAX: 0000000000000000 RBX: ffff88011c03e000 RCX: 0000000000000081
[ 35.310163] RDX: ffff88011d4d5cc4 RSI: ffff88011d4d5cc8 RDI: ffff88011c03e000
[ 35.310163] RBP: ffff88011d4d5d28 R08: ffff88011e9b28e8 R09: 0000000000000001
[ 35.310163] R10: ffffffff81e0b160 R11: 0000000000000004 R12: 00000000000000a4
[ 35.310163] R13: ffff88011c03e830 R14: 0000000000000286 R15: ffff88011d4d5cc8
[ 35.310163] FS: 00007f4b86283700(0000) GS:ffff880002600000(0000) knlGS:0000000000000000
[ 35.319397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.319397] CR2: 0000000000000000 CR3: 000000011d575000 CR4: 00000000000406f0
[ 35.319397] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.319397] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 35.319397] Process keymap (pid: 2481, threadinfo ffff88011d4d4000, task ffff88011e9b28c0)
[ 35.319397] Stack:
[ 35.319397] ffffffff813bf3d1 ffff88011d4d5cf8 0000008100000246 00000081000000a4
[ 35.319397] <0> 0000000000000004 0000000000000000 ffff88011d4d5cc4 ffff88011cf11200
[ 35.319397] <0> ffff88011c179000 ffff88011d4d5d28 0000000000000081 00007fff9ee21fa0
[ 35.319397] Call Trace:
[ 35.319397] [<ffffffff813bf3d1>] ? input_set_keycode+0xad/0x12c
[ 35.319397] [<ffffffff813c231d>] evdev_do_ioctl+0x22b/0x79b
[ 35.337913] [<ffffffff815a4b04>] ? __mutex_lock_common+0x564/0x580
[ 35.337913] [<ffffffff813c28ca>] ? evdev_ioctl_handler+0x3d/0x80
[ 35.341507] [<ffffffff813c28ca>] ? evdev_ioctl_handler+0x3d/0x80
[ 35.341507] [<ffffffff813c28f0>] evdev_ioctl_handler+0x63/0x80
[ 35.344034] [<ffffffff813c292a>] evdev_ioctl+0xb/0xd
[ 35.344034] [<ffffffff810ea6cd>] vfs_ioctl+0x2d/0xa1
[ 35.344034] [<ffffffff810eac4c>] do_vfs_ioctl+0x494/0x4cd
[ 35.344034] [<ffffffff810eacdc>] sys_ioctl+0x57/0x95
[ 35.344034] [<ffffffff8100266b>] system_call_fastpath+0x16/0x1b
[ 35.344034] Code: Bad RIP value.
[ 35.344034] RIP [<(null)>] (null)
[ 35.344034] RSP <ffff88011d4d5cb0>
[ 35.344034] CR2: 0000000000000000
[ 35.357018] ---[ end trace 394fa5aa8a77b6f3 ]---
[-- Attachment #2: Type: application/pgp-signature, Size: 227 bytes --]
next prev parent reply other threads:[~2010-05-20 17:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-20 4:55 [PATCH] input: fix error at the default input_get_keycode call Mauro Carvalho Chehab
2010-05-20 5:01 ` Mauro Carvalho Chehab
2010-05-20 17:51 ` Valdis.Kletnieks [this message]
2010-05-31 19:01 ` Valdis.Kletnieks
2010-06-01 22:13 ` Mauro Carvalho Chehab
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9427.1274377906@localhost \
--to=valdis.kletnieks@vt.edu \
--cc=dmitry.torokhov@gmail.com \
--cc=linux-input@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=mchehab@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.