I get a NULL pointer dereference by running "cat" on /dev/misc/uinput
I'm a newbie, but I think the patch at the bottom fixes it.
ksymoops 2.4.6 on i586 2.5.41. Options used
-v /usr/src/linux/vmlinux (specified)
-k /proc/ksyms (default)
-l /proc/modules (default)
-o /lib/modules/2.5.41/ (default)
-m /usr/src/linux/System.map (default)
Unable to handle kernel NULL pointer dereference at virtual address 00000004
c0112986
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0060:[<c0112986>] Not tainted
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010046
eax: c521e008 ebx: 00000000 ecx: c3919f5c edx: c3919f50
esi: 00000246 edi: c3918000 ebp: c3b76b40 esp: c3919f20
ds: 0068 es: 0068 ss: 0068
Stack: c521e000 00000000 c69305cd c521e008 00000000 c3cfd380 c01118c0 00000000
00000000 00000000 00000000 00000000 00000000 c3cfd380 c01118c0 00000000
00000000 00000000 c3919f7c bffff864 c3b76b40 0804e758 00000400 c3b76b60
Call Trace: [<c69305cd>] [<c01118c0>] [<c01118c0>] [<c0137f09>] [<c013803a>] [<c0107357>]
Code: 89 4b 04 89 41 04 56 9d 5b 5e c3 90 8d b4 26 00 00 00 00 8d
>>EIP; c0112986 <add_wait_queue+16/30> <=====
>>eax; c521e008 <_end+4f5f81c/6543814>
>>ecx; c3919f5c <_end+365b770/6543814>
>>edx; c3919f50 <_end+365b764/6543814>
>>edi; c3918000 <_end+3659814/6543814>
>>ebp; c3b76b40 <_end+38b8354/6543814>
>>esp; c3919f20 <_end+365b734/6543814>
Trace; c69305cd <[uinput]uinput_read+fd/170>
Trace; c01118c0 <default_wake_function+0/40>
Trace; c01118c0 <default_wake_function+0/40>
Trace; c0137f09 <vfs_read+99/d0>
Trace; c013803a <sys_read+2a/40>
Trace; c0107357 <syscall_call+7/b>
Code; c0112986 <add_wait_queue+16/30>
00000000 <_EIP>:
Code; c0112986 <add_wait_queue+16/30> <=====
0: 89 4b 04 mov %ecx,0x4(%ebx) <=====
Code; c0112989 <add_wait_queue+19/30>
3: 89 41 04 mov %eax,0x4(%ecx)
Code; c011298c <add_wait_queue+1c/30>
6: 56 push %esi
Code; c011298d <add_wait_queue+1d/30>
7: 9d popf
Code; c011298e <add_wait_queue+1e/30>
8: 5b pop %ebx
Code; c011298f <add_wait_queue+1f/30>
9: 5e pop %esi
Code; c0112990 <add_wait_queue+20/30>
a: c3 ret
Code; c0112991 <add_wait_queue+21/30>
b: 90 nop
Code; c0112992 <add_wait_queue+22/30>
c: 8d b4 26 00 00 00 00 lea 0x0(%esi,1),%esi
Code; c0112999 <add_wait_queue+29/30>
13: 8d 00 lea (%eax),%eax
--- linux-2.5.41/drivers/input/misc/uinput.c Mon Oct 7 13:24:50 2002
+++ linux-2.5.41.new/drivers/input/misc/uinput.c Wed Oct 9 03:47:15 2002
@@ -224,15 +224,14 @@
udev = (struct uinput_device *)file->private_data;
+ if (!(udev->state & UIST_CREATED))
+ return -ENODEV;
+
if (udev->head == udev->tail) {
add_wait_queue(&udev->waitq, &waitq);
current->state = TASK_INTERRUPTIBLE;
while (udev->head == udev->tail) {
- if (!(udev->state & UIST_CREATED)) {
- retval = -ENODEV;
- break;
- }
if (file->f_flags & O_NONBLOCK) {
retval = -EAGAIN;
break;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Oct 15 2002 - 22:00:30 EST