Re: crash by cdc_acm driver in kernels 4.8-rc1/5
From: Oliver Neukum
Date: Mon Nov 21 2016 - 08:25:44 EST
On Thu, 2016-11-17 at 17:11 +0100, Wim Osterholt wrote:
> Nov 17 15:07:51 localhost kernel: Check point 10
> Nov 17 15:07:51 localhost kernel: BUG: unable to handle kernel NULL pointer dereference at 00000249
> Nov 17 15:07:51 localhost kernel: IP: [<e186ece2>] acm_probe+0x559/0xe53 [cdc_acm]
> Nov 17 15:07:51 localhost kernel: *pde = 00000000
> Nov 17 15:07:51 localhost kernel: Oops: 0000 [#1] SMP
I don't understand it, bit please test the attached patch
with dynamic debugging for cdc-acm and the kernel log level
at maximum. And please repost "lsusb -v" for your device.
Regards
Oliver
From 51665f8ce6e13ba11b93b856290135bfe529d835 Mon Sep 17 00:00:00 2001
From: Oliver Neukum <oneukum@xxxxxxxx>
Date: Mon, 21 Nov 2016 14:08:31 +0100
Subject: [PATCH] CDC-ACM: debugging for parsed descriptors
This is necessary to debug the parser on malformed headers.
Signed-off-by: Oliver Neukum <oneukum@xxxxxxxx>
---
drivers/usb/class/cdc-acm.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
index 6895f9e..f03b5db 100644
--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -1188,6 +1188,12 @@ static int acm_probe(struct usb_interface *intf,
cdc_parse_cdc_header(&h, intf, buffer, buflen);
union_header = h.usb_cdc_union_desc;
+
+ dev_dbg(&intf->dev, "Parsed device header\n");
+ dev_dbg(&intf->dev, "Union descriptor %p\n", h.usb_cdc_union_desc);
+ dev_dbg(&intf->dev, "ACM descriptor %p\n", h.usb_cdc_acm_descriptor);
+ dev_dbg(&intf->dev, "Country descriptor %p\n", h.usb_cdc_country_functional_desc);
+
cmgmd = h.usb_cdc_call_mgmt_descriptor;
if (cmgmd)
call_intf_num = cmgmd->bDataInterface;
--
2.1.4