linux-kernel.vger.kernel.org archive mirror
* kernel oops
@ 2008-07-23 12:52 Andrei Popa
  2008-07-23 13:23 ` [PATCH] cdc-acm: don't unlock acm->mutex on error path Alexey Dobriyan
  2008-07-23 17:11 ` kernel oops Vegard Nossum
  0 siblings, 2 replies; 6+ messages in thread
From: Andrei Popa @ 2008-07-23 12:52 UTC (permalink / raw)
  To: Linux Kernel Mailing List


Hello,

I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
and the kernel oopsed:

BUG: unable to handle kernel NULL pointer dereference at 00000458
IP: [<c0444b52>] mutex_unlock+0x0/0xb
*pde = 00000000
Oops: 0002 [#1] PREEMPT SMP

Pid: 19043, comm: gnokii Not tainted (2.6.26-ineo7 #2)
EIP: 0060:[<c0444b52>] EFLAGS: 00010246 CPU: 0
EIP is at mutex_unlock+0x0/0xb
EAX: 00000458 EBX: 00000000 ECX: df90a000 EDX: dc722100
ESI: df90a000 EDI: 00000458 EBP: 00000100 ESP: dc736e54
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process gnokii (pid: 19043, ti=dc736000 task=dfb3c6c0 task.ti=dc736000)
Stack: c03830ae 00000000 dc736e84 00000000 ffffffea ffffffed c0383062
dc722100
       00000100 c023cbfd 0902e0ff 0a600000 df90a000 00000000 df857544
dc713240
       00000000 c023ca9e c016951c dc722100 00000000 dc722100 dc713240
00000000
Call Trace:
 [<c03830ae>] acm_tty_open+0x4c/0x214
 [<c0383062>] acm_tty_open+0x0/0x214
 [<c023cbfd>] tty_open+0x15f/0x2a6
 [<c023ca9e>] tty_open+0x0/0x2a6
 [<c016951c>] chrdev_open+0x98/0x149
 [<c0169484>] chrdev_open+0x0/0x149
 [<c0165dde>] __dentry_open+0xfd/0x222
 [<c0165f96>] nameidata_to_filp+0x2e/0x53
 [<c016f80b>] do_filp_open+0x1bb/0x64f
 [<c016610e>] get_unused_fd_flags+0xb3/0xe3
 [<c016d383>] do_getname+0x4b/0x82
 [<c0166239>] do_sys_open+0x50/0xdd
 [<c01662f2>] sys_open+0x2c/0x3c
 [<c0102eb1>] sysenter_past_esp+0x6a/0x91
 [<c0440000>] init_chipset_sis5513+0x1b2/0x1c5
 =======================
Code: 44 24 38 ec 2a 13 c0 e8 06 ff ff ff 8b 5c 24 48 8b 74 24 4c 8b 7c
24 50 8b 6c 24 54 83 c4 58 c3 f0 ff 08 79 05 e8 9e 00 00 00 c3 <f0> ff
00 7f 05 e8 01 00 00 00 c3 83 ec 08 89 74 24 04 8d 70 04
EIP: [<c0444b52>] mutex_unlock+0x0/0xb SS:ESP 0068:dc736e54
---[ end trace 2723488af998d371 ]---
Nms ~ #                                  




* [PATCH] cdc-acm: don't unlock acm->mutex on error path
  2008-07-23 12:52 kernel oops Andrei Popa
@ 2008-07-23 13:23 ` Alexey Dobriyan
  2008-07-23 13:36   ` Andrei Popa
  2008-07-23 17:11 ` kernel oops Vegard Nossum
  1 sibling, 1 reply; 6+ messages in thread
From: Alexey Dobriyan @ 2008-07-23 13:23 UTC (permalink / raw)
  To: Andrei Popa; +Cc: linux-kernel, akpm, gregkh

On Wed, Jul 23, 2008 at 03:52:36PM +0300, Andrei Popa wrote:
> I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
> and the kernel oopsed:
> 
> BUG: unable to handle kernel NULL pointer dereference at 00000458
> IP: [<c0444b52>] mutex_unlock+0x0/0xb
>  [<c03830ae>] acm_tty_open+0x4c/0x214

Try this:

[PATCH] cdc-acm: don't unlock acm->mutex on error path

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
---

 drivers/usb/class/cdc-acm.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -595,8 +595,8 @@ static int acm_tty_open(struct tty_struct *tty, struct file *filp)
 	tasklet_schedule(&acm->urb_task);
 
 done:
-err_out:
 	mutex_unlock(&acm->mutex);
+err_out:
 	mutex_unlock(&open_mutex);
 	return rv;
 
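Review bot: after the reorder, `done:` falls through into `err_out:`, so the label order alone now encodes which locks are held: `done` drops acm->mutex and then open_mutex, while `err_out` drops only open_mutex. Nothing at the label says that `err_out` is reserved for failures that happen before acm->mutex is taken; a one-line comment there would keep a later `goto err_out` added after the lock from leaving acm->mutex held. It is also worth confirming that every existing `goto err_out` in acm_tty_open() sits before the acm->mutex lock, since those jumps are outside this hunk.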



* Re: [PATCH] cdc-acm: don't unlock acm->mutex on error path
  2008-07-23 13:23 ` [PATCH] cdc-acm: don't unlock acm->mutex on error path Alexey Dobriyan
@ 2008-07-23 13:36   ` Andrei Popa
  0 siblings, 0 replies; 6+ messages in thread
From: Andrei Popa @ 2008-07-23 13:36 UTC (permalink / raw)
  To: Alexey Dobriyan; +Cc: linux-kernel, akpm, gregkh


It's ok now, thanks.

On Wed, 2008-07-23 at 17:23 +0400, Alexey Dobriyan wrote:
> On Wed, Jul 23, 2008 at 03:52:36PM +0300, Andrei Popa wrote:
> > I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
> > and the kernel oopsed:
> > 
> > BUG: unable to handle kernel NULL pointer dereference at 00000458
> > IP: [<c0444b52>] mutex_unlock+0x0/0xb
> >  [<c03830ae>] acm_tty_open+0x4c/0x214
> 
> Try this:
> 
> [PATCH] cdc-acm: don't unlock acm->mutex on error path
> 
> Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
> ---
> 
>  drivers/usb/class/cdc-acm.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> --- a/drivers/usb/class/cdc-acm.c
> +++ b/drivers/usb/class/cdc-acm.c
> @@ -595,8 +595,8 @@ static int acm_tty_open(struct tty_struct *tty, struct file *filp)
>  	tasklet_schedule(&acm->urb_task);
>  
>  done:
> -err_out:
>  	mutex_unlock(&acm->mutex);
> +err_out:
>  	mutex_unlock(&open_mutex);
>  	return rv;
>  
> 
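
Review bot: the changelog for the `err_out:` move is only the subject line and a Signed-off-by, with nothing on the failure being fixed. Add a sentence saying that the error path unlocked acm->mutex and oopsed in mutex_unlock() called from acm_tty_open(), as in the quoted report, and, given the confirmation in this reply, Reported-by and Tested-by lines for Andrei Popa.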



* Re: kernel oops
  2008-07-23 12:52 kernel oops Andrei Popa
  2008-07-23 13:23 ` [PATCH] cdc-acm: don't unlock acm->mutex on error path Alexey Dobriyan
@ 2008-07-23 17:11 ` Vegard Nossum
  2008-08-18 16:33   ` Vegard Nossum
  1 sibling, 1 reply; 6+ messages in thread
From: Vegard Nossum @ 2008-07-23 17:11 UTC (permalink / raw)
  To: Andrei Popa, Oliver Neukum, Greg Kroah-Hartman; +Cc: Linux Kernel Mailing List

Hi,

On Wed, Jul 23, 2008 at 2:52 PM, Andrei Popa <andrei.popa@i-neo.ro> wrote:
>
> Hello,
>
> I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
> and the kernel oopsed:
>
> BUG: unable to handle kernel NULL pointer dereference at 00000458
> IP: [<c0444b52>] mutex_unlock+0x0/0xb
> *pde = 00000000
> Oops: 0002 [#1] PREEMPT SMP
>
> Pid: 19043, comm: gnokii Not tainted (2.6.26-ineo7 #2)
> EIP: 0060:[<c0444b52>] EFLAGS: 00010246 CPU: 0
> EIP is at mutex_unlock+0x0/0xb
...
>  [<c03830ae>] acm_tty_open+0x4c/0x214

This shouldn't be too hard; the code is trying to unlock the mutex
&acm->mutex even when "acm" is NULL. It seems that the label "err_out"
is otherwise unused, so it makes sense to move this one step further
down, so that it doesn't try to unlock the non-existent mutex.

If the problem is reproducible, you could try the patch below!


Vegard

PS: I actually think the code has some other problems too. Shouldn't
&acm->mutex be locked before we even inspect acm->dev?


Reported-by: Andrei Popa <andrei.popa@i-neo.ro>
Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>

diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
index 63c3404..74d03a7 100644
--- a/drivers/usb/class/cdc-acm.c
+++ b/drivers/usb/class/cdc-acm.c
@@ -525,8 +525,8 @@ static int acm_tty_open(struct tty_struct *tty, struct file *filp)
 	tasklet_schedule(&acm->urb_task);
 
 done:
-err_out:
 	mutex_unlock(&acm->mutex);
+err_out:
 	mutex_unlock(&open_mutex);
 	return rv;
 
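Review bot: the `err_out:` move here is the same two-line change posted earlier in the thread at 13:23, only against a different base (`@@ -525,8` here, `@@ -595,8` there), so one of the two postings should be dropped and the changelog should say which tree this one applies to. The PS concern, that acm->dev is inspected before acm->mutex is locked, is not touched by this hunk and deserves its own follow-up patch rather than being left as a remark in the mail.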


* Re: kernel oops
  2008-07-23 17:11 ` kernel oops Vegard Nossum
@ 2008-08-18 16:33   ` Vegard Nossum
  2008-08-18 16:39     ` Greg KH
  0 siblings, 1 reply; 6+ messages in thread
From: Vegard Nossum @ 2008-08-18 16:33 UTC (permalink / raw)
  To: Andrei Popa, Oliver Neukum, Greg Kroah-Hartman
  Cc: Andrew Morton, Linux Kernel Mailing List

On Wed, Jul 23, 2008 at 7:11 PM, Vegard Nossum <vegard.nossum@gmail.com> wrote:
> On Wed, Jul 23, 2008 at 2:52 PM, Andrei Popa <andrei.popa@i-neo.ro> wrote:
>>
>> I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
>> and the kernel oopsed:
>>
>> BUG: unable to handle kernel NULL pointer dereference at 00000458
>> IP: [<c0444b52>] mutex_unlock+0x0/0xb
>> *pde = 00000000
>> Oops: 0002 [#1] PREEMPT SMP
>>
>> Pid: 19043, comm: gnokii Not tainted (2.6.26-ineo7 #2)
>> EIP: 0060:[<c0444b52>] EFLAGS: 00010246 CPU: 0
>> EIP is at mutex_unlock+0x0/0xb
> ...
>>  [<c03830ae>] acm_tty_open+0x4c/0x214
>
> This shouldn't be too hard; the code is trying to unlock the mutex
> &acm->mutex even when "acm" is NULL. It seems that the label "err_out"
> is otherwise unused, so it makes sense to move this one step further
> down, so that it doesn't try to unlock the non-existent mutex.
>
> If the problem is reproducible, you could try the patch below!
>
>
> Vegard
>
> PS: I actually think the code has some other problems too. Shouldn't
> &acm->mutex be locked before we even inspect acm->dev?
>
>
> Reported-by: Andrei Popa <andrei.popa@i-neo.ro>
> Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
>
> diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
> index 63c3404..74d03a7 100644
> --- a/drivers/usb/class/cdc-acm.c
> +++ b/drivers/usb/class/cdc-acm.c
> @@ -525,8 +525,8 @@ static int acm_tty_open(struct tty_struct *tty, struct file *filp)
>        tasklet_schedule(&acm->urb_task);
>
>  done:
> -err_out:
>        mutex_unlock(&acm->mutex);
> +err_out:
>        mutex_unlock(&open_mutex);
>        return rv;
>
>
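
Review bot: in this quoted copy the context lines `tasklet_schedule(&acm->urb_task);`, both `mutex_unlock(...)` calls and `return rv;` are indented with spaces where the 2008-07-23 posting used a tab, so the hunk will not apply from this mail. Resend the patch itself along with the ping rather than relying on the quoted copy.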

Hi,

Latest -git seems to have the same problem, and this was about three
weeks ago, so.. Ping?


Vegard

-- 
"The animistic metaphor of the bug that maliciously sneaked in while
the programmer was not looking is intellectually dishonest as it
disguises that the error is the programmer's own creation."
	-- E. W. Dijkstra, EWD1036


* Re: kernel oops
  2008-08-18 16:33   ` Vegard Nossum
@ 2008-08-18 16:39     ` Greg KH
  0 siblings, 0 replies; 6+ messages in thread
From: Greg KH @ 2008-08-18 16:39 UTC (permalink / raw)
  To: Vegard Nossum
  Cc: Andrei Popa, Oliver Neukum, Andrew Morton, Linux Kernel Mailing List

On Mon, Aug 18, 2008 at 06:33:42PM +0200, Vegard Nossum wrote:
> On Wed, Jul 23, 2008 at 7:11 PM, Vegard Nossum <vegard.nossum@gmail.com> wrote:
> > On Wed, Jul 23, 2008 at 2:52 PM, Andrei Popa <andrei.popa@i-neo.ro> wrote:
> >>
> >> I installed gnokii-0.6.22-r2 and gave the command "gnokii --identify"
> >> and the kernel oopsed:
> >>
> >> BUG: unable to handle kernel NULL pointer dereference at 00000458
> >> IP: [<c0444b52>] mutex_unlock+0x0/0xb
> >> *pde = 00000000
> >> Oops: 0002 [#1] PREEMPT SMP
> >>
> >> Pid: 19043, comm: gnokii Not tainted (2.6.26-ineo7 #2)
> >> EIP: 0060:[<c0444b52>] EFLAGS: 00010246 CPU: 0
> >> EIP is at mutex_unlock+0x0/0xb
> > ...
> >>  [<c03830ae>] acm_tty_open+0x4c/0x214
> >
> > This shouldn't be too hard; the code is trying to unlock the mutex
> > &acm->mutex even when "acm" is NULL. It seems that the label "err_out"
> > is otherwise unused, so it makes sense to move this one step further
> > down, so that it doesn't try to unlock the non-existent mutex.
> >
> > If the problem is reproducible, you could try the patch below!
> >
> >
> > Vegard
> >
> > PS: I actually think the code has some other problems too. Shouldn't
> > &acm->mutex be locked before we even inspect acm->dev?
> >
> >
> > Reported-by: Andrei Popa <andrei.popa@i-neo.ro>
> > Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
> >
> > diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c
> > index 63c3404..74d03a7 100644
> > --- a/drivers/usb/class/cdc-acm.c
> > +++ b/drivers/usb/class/cdc-acm.c
> > @@ -525,8 +525,8 @@ static int acm_tty_open(struct tty_struct *tty, struct file *filp)
> >        tasklet_schedule(&acm->urb_task);
> >
> >  done:
> > -err_out:
> >        mutex_unlock(&acm->mutex);
> > +err_out:
> >        mutex_unlock(&open_mutex);
> >        return rv;
> >
> >
> 
> Hi,
> 
> Latest -git seems to have the same problem, and this was about three
> weeks ago, so.. Ping?

Hm, I thought I took a patch to fix this a few weeks ago.

Oliver, have I missed anything recently?

thanks,

greg k-h

