Kernel Oops

[comcute]

I am getting Kernel Oops after insmod mcp2210.ko.

Here is the trace: [ 46.954217] mcp2210_init [ 46.954234] mcp2210_probe [ 46.954243] BUG: unable to handle kernel NULL pointer dereference at 00000000000000d8 [ 46.954245] IP: [] dev_printk+0x11/0x90 [ 46.954251] PGD 0 [ 46.954252] Oops: 0000 [#1] SMP [ 46.954254] Modules linked in: mcp2210(OF+) pci_stub vboxpci(OF) vboxnetadp(OF) vboxnetflt(OF) vboxdrv(OF) autofs4(F) dm_crypt(F) parport_pc(F) ppdev(F) rfcomm bnep bluetooth nfsd(F) auth_rpcgss(F) binfmt_misc(F) nfs_acl(F) nfs(F) lockd(F) sunrpc(F) fscache(F) snd_hda_codec_hdmi x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel(F) kvm(F) nvidia(POF) crct10dif_pclmul(F) crc32_pclmul(F) ghash_clmulni_intel(F) aesni_intel(F) aes_x86_64(F) lrw(F) gf128mul(F) glue_helper(F) ablk_helper(F) gpio_ich cryptd(F) snd_ice1724 snd_ak4113 snd_hda_codec_realtek snd_pt2258 snd_ak4114 snd_i2c snd_ice17xx_ak4xxx snd_hda_intel snd_ak4xxx_adda snd_ac97_codec snd_hda_codec ac97_bus snd_hwdep(F) snd_pcm(F) snd_seq_midi(F) snd_seq_midi_event(F) snd_rawmidi(F) microcode(F) serio_raw(F) snd_page_alloc(F) snd_seq(F) lpc_ich snd_seq_device(F) snd_timer(F) snd(F) soundcore(F) mei_me mei mac_hid lp(F) parport(F) hid_generic usbhid hid r8169 ahci(F) libahci(F) mii(F) [ 46.954287] CPU: 0 PID: 2934 Comm: insmod Tainted: PF O 3.11.0-14-generic #21-Ubuntu [ 46.954288] Hardware name: Gigabyte Technology Co., Ltd. P67A-UD3P-B3/P67A-UD3P-B3, BIOS F7 10/13/2011 [ 46.954289] task: ffff8801cbbf2ee0 ti: ffff88020fec0000 task.ti: ffff88020fec0000 [ 46.954290] RIP: 0010:[] [] dev_printk+0x11/0x90 [ 46.954293] RSP: 0018:ffff88020fec1ad0 EFLAGS: 00010206 [ 46.954294] RAX: ffff88020fec1af0 RBX: ffff88020eff6000 RCX: ffffffffa0f721c5 [ 46.954295] RDX: ffff88020fec1ae0 RSI: 0000000000000088 RDI: ffffffffa0f733f9 [ 46.954296] RBP: ffff88020fec1ad0 R08: 00000000fffffff3 R09: ffff88020fec1ae0 [ 46.954296] R10: 0000000000000000 R11: ffff88020fec186e R12: ffff8802113ba108 [ 46.954297] R13: ffff8802100a5c00 R14: 00000000fffffff3 R15: ffff8801def7b800 [ 46.954299] FS: 00007fd83496c740(0000) GS:ffff88021f400000(0000) knlGS:0000000000000000 [ 46.954300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.954301] CR2: 00000000000000d8 CR3: 00000001c9272000 CR4: 00000000000407f0 [ 46.954302] Stack: [ 46.954303] ffff88020fec1b38 ffffffff8147131d ffffffffa0f748a0 ffff88020fec1af0 [ 46.954305] 0000000000000018 ffff88020fec1b48 ffff88020fec1b08 ffff8802100a5c30 [ 46.954307] ffff88020fec1b38 ffffffff81522e2d ffffffffa0f721c5 00000000fffffff3 [ 46.954308] Call Trace: [ 46.954311] [] dev_printk+0x4d/0x50 [ 46.954315] [] ? usb_autopm_get_interface+0x4d/0x60 [ 46.954319] [] mcp2210_probe+0xb9/0x860 [mcp2210] [ 46.954321] [] usb_probe_interface+0x1c4/0x2f0 [ 46.954323] [] driver_probe_device+0x87/0x3a0 [ 46.954325] [] driver_attach+0x93/0xa0 [ 46.954327] [] ? device_attach+0x40/0x40 [ 46.954329] [] bus_for_each_dev+0x63/0xa0 [ 46.954330] [] driver_attach+0x1e/0x20 [ 46.954332] [] bus_add_driver+0x1e8/0x2a0 [ 46.954333] [] driver_register+0x74/0x150 [ 46.954335] [] usb_register_driver+0x82/0x160 [ 46.954338] [] ? 0xffffffffa0f7cfff [ 46.954340] [] mcp2210_init+0x2d/0x1000 [mcp2210] [ 46.954343] [] do_one_initcall+0xfa/0x1b0 [ 46.954345] [] ? set_memory_nx+0x43/0x50 [ 46.954349] [] load_module+0x12b2/0x1b80 [ 46.954351] [] ? store_uevent+0x40/0x40 [ 46.954353] [] SyS_init_module+0xa2/0xf0 [ 46.954356] [] system_call_fastpath+0x1a/0x1f [ 46.954357] Code: 01 19 c0 83 e0 f0 5b 5d c3 90 5b 31 c0 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 66 66 90 55 48 85 f6 49 89 d1 48 89 e5 74 60 <4c> 8b 46 50 4d 85 c0 74 26 48 8b 86 90 00 00 00 48 85 c0 74 2a [ 46.954375] RIP [] __dev_printk+0x11/0x90 [ 46.954377] RSP [ 46.954378] CR2: 00000000000000d8 [ 46.954380] ---[ end trace 78a92c64d1111dc1 ]---

Kernel: 3.11.0-14-generic GCC: gcc (Ubuntu/Linaro 4.8.1-10ubuntu9) 4.8.1

[daniel-santos]

Thanks for the bug report. I guess I haven't tested on a 3.11 kernel, so something must have changed to trigger this. Still, I'm calling usb_autopm_get_interface() prior to usb_set_intfdata(), which is apparently the problem. The original mcp2210_probe function was a lot slower so I wanted to make sure that it wasn't in danger of being put to sleep prior to completing the probe, but it now defers its work so this shouldn't be an issue.

[daniel-santos]

I have pushed a fix to the master branch, will you please give it a test? Thanks!

[comcute]

Thanks for the fast response. Oops i gone now, but something is still broken. Here is dmesg output after module insert: [16206.915700] mcp2210_init [16206.915722] mcp2210_probe [16206.915729] usb 2-1.8.3: ctl_cmd_init: pin = 127, is_mcp_endianness = 0 [16206.915736] usb 2-1.8.3: mcp2210_probe: usb_autopm_get_interface failed: -13e [16206.915743] mcp2210: probe of 2-1.8.3:1.0 failed with error -13 [16206.915763] usbcore: registered new interface driver mcp2210

[daniel-santos]

Hmm, 13 is EACCES. If you want to work-around this for now, you can do something like this at the top of mcp2210-core.c:

#define usb_autopm_get_interface(a) 0
#define usb_autopm_put_interface(a)

However, it sounds like this must be related to rather or not some config option is enabled in the kernel. I'll have to investigate this further.

[daniel-santos]

Ok, well here's the culprit: "PM / Runtime: Return special error code if runtime PM is disabled" by Rafael J. Wysocki at 2011-07-02 12:30:10 GMT.

My guess is that either the correct way to call usb_autopm_get_interface() now is to ignore -EACCES or that it was not properly updated after this commit and nothing else broke as a result. However, looking at the example USB interface driver, it looks broken to me (I haven't actually tested it though): https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/usb/usb-skeleton.c#n107. Oddly enough, they might be an upstream bug! Either way, I'll fix it in this driver.

[daniel-santos]

oh crud. I've just noticed that I may have accidentally compiled-in the kernel fix for this on the kernel that I tested the fix for this driver. :( Can somebody please let me know if they are still having a problem? In the mean time, I'm going to rebuild that kernel w/o the fix.

[comcute]

Tested on 3.11.0-15-generic #23-Ubuntu SMP and working now.

[daniel-santos]

thank you