cschramm / irda


Oops on irattach with stir4200 device #6

Closed kruegerha closed 2 years ago

kruegerha commented 2 years ago

I use the latest irda source with kernel 5.15.52 (-gentoo, hope that does not make a difference)... The Oops occurs on the `irattach irda0 -s` command. Interestingly, I was able to download data from the connected dive computer, even though the system became unstable afterwards. I hope the following output is helpful. I'm happy to do all the testing needed to track this down.

```
[ 426.096971] IrCOMM protocol (Dag Brattli)
[ 447.214784] usb 7-1: new full-speed USB device number 2 using uhci_hcd
[ 447.374810] usb 7-1: New USB device found, idVendor=066f, idProduct=4200, bcdDevice= 0.08
[ 447.374814] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[ 447.374816] usb 7-1: Product: IrDA/USB Bridge
[ 447.374818] usb 7-1: Manufacturer: Sigmatel Inc
[ 447.396818] SigmaTel STIr4200 IRDA/USB found at address 2, Vendor: 66f, Product: 4200
[ 447.396997] stir4200 7-1:1.0: IrDA: Registered SigmaTel device irda0
[ 447.397025] usbcore: registered new interface driver stir4200
[ 581.056241] BUG: kernel NULL pointer dereference, address: 000000000000048c
[ 581.056248] #PF: supervisor read access in kernel mode
[ 581.056250] #PF: error_code(0x0000) - not-present page
[ 581.056253] PGD 0 P4D 0
[ 581.056256] Oops: 0000 [#1] SMP PTI
[ 581.056260] CPU: 3 PID: 3861 Comm: irattach Tainted: P O 5.15.52-gentoo #3
[ 581.056263] Hardware name: System manufacturer System Product Name/P5B-E, BIOS 1807 04/15/2009
[ 581.056265] RIP: 0010:ip_mc_up+0x38/0xa0
[ 581.056271] Code: 48 8b 45 00 31 d2 b9 c0 0c 00 00 be e0 00 00 01 48 89 ef 48 8b 80 b0 04 00 00 48 c7 45 50 48 e8 01 00 48 c7 45 58 10 27 00 00 <8b> 80 8c 04 00 00 88 45 60 e8 ca e8 ff ff 48 8b 5d 18 48 85 db 74
[ 581.056274] RSP: 0018:ffffb29e4311bcc8 EFLAGS: 00010246
[ 581.056276] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000cc0
[ 581.056278] RDX: 0000000000000000 RSI: 00000000010000e0 RDI: ffff8af176035400
[ 581.056280] RBP: ffff8af176035400 R08: 0000000000000000 R09: ffffb29e4311bc60
[ 581.056282] R10: ffffb29e4311bd48 R11: ffff8af277d286b0 R12: ffff8af173694000
[ 581.056284] R13: ffff8af176035400 R14: 00000000000000c1 R15: 0000000000000000
[ 581.056286] FS:  00007fba4f79b740(0000) GS:ffff8af277d80000(0000) knlGS:0000000000000000
[ 581.056289] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 581.056291] CR2: 000000000000048c CR3: 0000000107ab2000 CR4: 00000000000406e0
[ 581.056293] Call Trace:
[ 581.056296]  <TASK>
[ 581.056298]  inetdev_event+0x28d/0x620
[ 581.056303]  ? raw_notifier_call_chain+0x3f/0x50
[ 581.056307]  raw_notifier_call_chain+0x3f/0x50
[ 581.056311]  __dev_notify_flags+0x53/0xe0
[ 581.056315]  dev_change_flags+0x43/0x50
[ 581.056318]  dev_ioctl+0x15a/0x4f0
[ 581.056322]  ? _copy_from_user+0x28/0x60
[ 581.056326]  sock_do_ioctl+0xa2/0xf0
[ 581.056330]  sock_ioctl+0x1c4/0x2d0
[ 581.056333]  __x64_sys_ioctl+0x7d/0xb0
[ 581.056337]  do_syscall_64+0x3b/0x90
[ 581.056342]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 581.056346] RIP: 0033:0x7fba4f89cb1b
[ 581.056348] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <3d> 00 f0 ff ff 41 89 c0 77 1b 48 8b 44 24 18 64 48 2b 04 25 28 00
[ 581.056351] RSP: 002b:00007ffd8ae7f1c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 581.056354] RAX: ffffffffffffffda RBX: 00000000000000c1 RCX: 00007fba4f89cb1b
[ 581.056356] RDX: 00007ffd8ae7f220 RSI: 0000000000008914 RDI: 0000000000000001
[ 581.056358] RBP: 0000000000000001 R08: 000000000000000a R09: 000056125908cdb0
[ 581.056360] R10: 00007fba4f7afd90 R11: 0000000000000246 R12: 00000000ffffffff
[ 581.056362] R13: 00007ffd8ae7f220 R14: 0000561258bc6300 R15: 0000561258bc43d2
[ 581.056364]  </TASK>
[ 581.056366] Modules linked in: stir4200(O) ircomm_tty(O) ircomm(O) irda(O) rfcomm nvidia_modeset(PO) nvidia(PO) cifs cifs_arc4 cifs_md4 algif_hash ecb algif_skcipher af_alg bnep snd_hda_codec_generic ledtrig_audio btusb btrtl btbcm btintel bluetooth ecdh_generic ecc snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hwdep snd_hda_core snd_pcm atl1 [last unloaded: vboxdrv]
[ 581.056393] CR2: 000000000000048c
[ 581.056395] ---[ end trace a2a7fe0d51352747 ]---
[ 581.056397] RIP: 0010:ip_mc_up+0x38/0xa0
[ 581.056399] Code: 48 8b 45 00 31 d2 b9 c0 0c 00 00 be e0 00 00 01 48 89 ef 48 8b 80 b0 04 00 00 48 c7 45 50 48 e8 01 00 48 c7 45 58 10 27 00 00 <8b> 80 8c 04 00 00 88 45 60 e8 ca e8 ff ff 48 8b 5d 18 48 85 db 74
[ 581.056402] RSP: 0018:ffffb29e4311bcc8 EFLAGS: 00010246
[ 581.056404] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000cc0
[ 581.056406] RDX: 0000000000000000 RSI: 00000000010000e0 RDI: ffff8af176035400
[ 581.056408] RBP: ffff8af176035400 R08: 0000000000000000 R09: ffffb29e4311bc60
[ 581.056410] R10: ffffb29e4311bd48 R11: ffff8af277d286b0 R12: ffff8af173694000
[ 581.056412] R13: ffff8af176035400 R14: 00000000000000c1 R15: 0000000000000000
[ 581.056414] FS:  00007fba4f79b740(0000) GS:ffff8af277d80000(0000) knlGS:0000000000000000
[ 581.056417] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 581.056419] CR2: 000000000000048c CR3: 0000000107ab2000 CR4: 00000000000406e0
```

cschramm commented 2 years ago

Immediately reminds me a lot of #4. Are you sure the latest revision is in use, especially that 67cf035f965e7d6d3c07020c6cdb5e4c6b803e5d is included? If you're using dkms, `dkms status` should tell you.

kruegerha commented 2 years ago

Yep, I used the latest (a0cb7c0). However, I found that `CONFIG_ATALK` was not set on the current kernel... works a lot better with it! ;-)

To be honest, I don't understand the details... In the last kernel I used (with in-tree-irda, 4.14.275) ATALK was not set, and it worked....

cschramm commented 2 years ago

> To be honest, I don't understand the details... In the last kernel I used (with in-tree-irda, 4.14.275) ATALK was not set, and it worked....

Funny story: in-tree irda always misused `atalk_ptr` in `struct net_device` to store its `struct irlap_cb *` (`/* FIXME: should we get our own field? */` :see_no_evil:). The field was thus guarded by `#if IS_ENABLED(CONFIG_IRDA) || IS_ENABLED(CONFIG_ATALK)`, so if ATALK was not enabled but IRDA was, the field was present.

I actually think that

> Starting with Linux 5.17 the irda module requires Appletalk protocol support to be enabled.

is incorrect / misleading. Any kernel version needs IRDA or ATALK to have the field. Starting with 5.17 irda cannot build without it (as the field is not defined), but with earlier versions it should build (as the field is defined...) but still crash (...but not present).
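The practical takeaway from the thread is that the out-of-tree irda module needs the `atalk_ptr` field in `struct net_device`, which a kernel only carries when `CONFIG_IRDA` or `CONFIG_ATALK` is enabled. The pre-flight check below is an added example, not code from the irda project or from either participant. It reads a kernel config file (plain `.config` text, or a gzip-compressed one such as `/proc/config.gz`; the default path and the `.gz` handling are assumptions) and reports whether the field will be present before anyone runs `irattach`. A line of the form `# CONFIG_ATALK is not set` deliberately does not count as enabled.

```shell
#!/bin/sh
# Added example (not part of the irda project or this issue thread).
# Checks whether the running/target kernel config enables CONFIG_IRDA or
# CONFIG_ATALK (=y or =m), which is what makes struct net_device carry the
# atalk_ptr field the out-of-tree irda module relies on.

# Print a kernel config, transparently decompressing gzip files
# (e.g. /proc/config.gz). Assumption: any path ending in .gz is gzip data.
read_kconfig() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# Return 0 if option $2 is built-in (=y) or a module (=m) in config $1.
# "# CONFIG_FOO is not set" lines and "CONFIG_FOO=n" do not match.
kconfig_enabled() {
    read_kconfig "$1" | grep -Eq "^$2=[ym]\$"
}

# Return 0 when atalk_ptr will exist in struct net_device, 1 otherwise.
# Either option suffices: in-tree irda guarded the field with
# IS_ENABLED(CONFIG_IRDA) || IS_ENABLED(CONFIG_ATALK).
irda_field_available() {
    kconfig_enabled "$1" CONFIG_IRDA || kconfig_enabled "$1" CONFIG_ATALK
}

# Human-readable report. Exit status: 0 ok, 1 field missing, 2 unreadable config.
irda_preflight() {
    cfg=${1:-/proc/config.gz}   # assumed default; pass /boot/config-$(uname -r) instead if needed
    if [ ! -r "$cfg" ]; then
        echo "cannot read kernel config: $cfg" >&2
        return 2
    fi
    if irda_field_available "$cfg"; then
        echo "ok: $cfg enables CONFIG_IRDA or CONFIG_ATALK, atalk_ptr is present"
        return 0
    fi
    echo "warning: neither CONFIG_IRDA nor CONFIG_ATALK is enabled in $cfg;" >&2
    echo "         enable CONFIG_ATALK (y or m), rebuild the kernel, then rebuild irda before running irattach" >&2
    return 1
}
```

Run it as `irda_preflight /boot/config-$(uname -r)` on the target machine; a non-zero exit is the signal to fix the config before loading `stir4200` and calling `irattach`, rather than finding out from an Oops.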