Bug 62711

Summary: USB-related NULL pointer dereference
Product: Drivers Reporter: Luke-Jr (luke-jr+linuxbugs)
Component: USBAssignee: Greg Kroah-Hartman (greg)
Status: RESOLVED DUPLICATE    
Severity: normal CC: xerofoify
Priority: P1    
Hardware: x86-64   
OS: Linux   
Kernel Version: 3.10.9 Subsystem:
Regression: No Bisected commit-id:

Description Luke-Jr 2013-10-08 04:48:04 UTC 
[613257.292304] BUG: unable to handle kernel NULL pointer dereference at           (null)
[613257.292337] IP: [<ffffffffa030035e>] hub_quiesce+0x4e/0xb0 [usbcore]
[613257.292363] PGD 411313067 PUD 411380067 PMD 0 
[613257.292386] Oops: 0000 [#1] PREEMPT SMP 
[613257.292405] Modules linked in: usb_storage fuse netconsole configfs cfq_iosched bridge stp llc ipv6 cdc_acm ftdi_sio cp210x usbserial hid_generic usbhid hid evdev coretemp hwmon mperf 8250_pci intel_powerclamp 8250 serial_core xhci_hcd ehci_pci ehci_hcd i915 video drm_kms_helper drm i2c_algo_bit ata_generic usbcore i2c_i801 kvm_intel kvm psmouse firewire_ohci firewire_core usb_common tpm_tis crc_itu_t tpm tpm_bios pata_acpi snd_hda_codec_hdmi snd_hda_codec_realtek e1000e 8139too rtc_cmos mii ptp pps_core snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_page_alloc snd_timer snd button
[613257.292748] CPU: 0 PID: 1284 Comm: khubd Tainted: G        W    3.10.9-gentoo #1
[613257.292767] Hardware name:                  /DQ67SW, BIOS SWQ6710H.86A.0062.2012.0418.1112 04/18/2012
[613257.292792] task: ffff880429abf060 ti: ffff880426024000 task.ti: ffff880426024000
[613257.292813] RIP: 0010:[<ffffffffa030035e>]  [<ffffffffa030035e>] hub_quiesce+0x4e/0xb0 [usbcore]
[613257.292843] RSP: 0000:ffff880426025828  EFLAGS: 00010246
[613257.292859] RAX: ffff8800b86273c0 RBX: ffff8803fb069400 RCX: 0000000000000006
[613257.292878] RDX: 0000000000000000 RSI: 000000007fffffff RDI: 0000000000000000
[613257.292898] RBP: ffff880426025848 R08: 0000000000000000 R09: 0000000000000000
[613257.292917] R10: 00000000000006a6 R11: 0000000000000000 R12: ffff8804020cc000
[613257.292936] R13: 0000000000000000 R14: ffff8803b6736430 R15: 0000000000000096
[613257.292956] FS:  0000000000000000(0000) GS:ffff88043e200000(0000) knlGS:0000000000000000
[613257.292977] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[613257.292993] CR2: 0000000000000000 CR3: 0000000409a08000 CR4: 00000000000407f0
[613257.293012] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[613257.293032] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[613257.293051] Stack:
[613257.293057]  ffff880426025848 ffff8803fb069400 ffff8804020cc088 ffff8803b6736400
[613257.293089]  ffff880426025878 ffffffffa0300679 ffff8803fb069400 ffff8803b6736400
[613257.293121]  ffff8804020cc000 ffff880428dc2000 ffff880426025918 ffffffffa0302fa1
[613257.293152] Call Trace:
[613257.293164]  [<ffffffffa0300679>] hub_disconnect+0x79/0x140 [usbcore]
[613257.293184]  [<ffffffffa0302fa1>] hub_probe+0x301/0x820 [usbcore]
[613257.293204]  [<ffffffffa030b361>] usb_probe_interface+0x1a1/0x290 [usbcore]
[613257.293226]  [<ffffffff81300756>] driver_probe_device+0x76/0x240
[613257.293243]  [<ffffffff81300a0b>] __device_attach+0x4b/0x60
[613257.293259]  [<ffffffff813009c0>] ? __driver_attach+0xa0/0xa0
[613257.293276]  [<ffffffff812feb64>] bus_for_each_drv+0x54/0x90
[613257.293292]  [<ffffffff813006a8>] device_attach+0x98/0xb0
[613257.293308]  [<ffffffff812ffba8>] bus_probe_device+0x98/0xc0
[613257.293324]  [<ffffffff812fdfa4>] device_add+0x5b4/0x670
[613257.293341]  [<ffffffffa02fe09b>] ? usb_set_device_state+0xab/0x180 [usbcore]
[613257.293363]  [<ffffffffa0309655>] usb_set_configuration+0x5f5/0x810 [usbcore]
[613257.293385]  [<ffffffffa0313132>] generic_probe+0x32/0x90 [usbcore]
[613257.293405]  [<ffffffffa030b47d>] usb_probe_device+0x2d/0x60 [usbcore]
[613257.293423]  [<ffffffff81300756>] driver_probe_device+0x76/0x240
[613257.293439]  [<ffffffff81300a0b>] __device_attach+0x4b/0x60
[613257.293455]  [<ffffffff813009c0>] ? __driver_attach+0xa0/0xa0
[613257.293471]  [<ffffffff812feb64>] bus_for_each_drv+0x54/0x90
[613257.293487]  [<ffffffff813006a8>] device_attach+0x98/0xb0
[613257.293503]  [<ffffffff812ffba8>] bus_probe_device+0x98/0xc0
[613257.293518]  [<ffffffff812fdfa4>] device_add+0x5b4/0x670
[613257.293535]  [<ffffffffa0300917>] usb_new_device+0x1d7/0x370 [usbcore]
[613257.293555]  [<ffffffffa0301cac>] hub_thread+0x69c/0x1420 [usbcore]
[613257.293573]  [<ffffffff81059f10>] ? abort_exclusive_wait+0xb0/0xb0
[613257.293592]  [<ffffffffa0301610>] ? hub_port_debounce+0xe0/0xe0 [usbcore]
[613257.293611]  [<ffffffff8105959b>] kthread+0xbb/0xc0
[613257.293625]  [<ffffffff81430000>] ? generic_processor_info+0x75/0x18a
[613257.293643]  [<ffffffff810594e0>] ? kthread_freezable_should_stop+0x70/0x70
[613257.293662]  [<ffffffff8143c2ec>] ret_from_fork+0x7c/0xb0
[613257.293677]  [<ffffffff810594e0>] ? kthread_freezable_should_stop+0x70/0x70
[613257.293697] Code: 80 8b f0 00 00 00 02 41 83 fd 02 74 37 45 8b ac 24 78 04 00 00 45 85 ed 7e 2a 45 31 ed 48 8b 83 10 02 00 00 49 63 d5 48 8b 3c d0 <48> 83 3f 00 74 05 e8 07 fe ff ff 41 83 c5 01 45 39 ac 24 78 04 
[613257.293956] RIP  [<ffffffffa030035e>] hub_quiesce+0x4e/0xb0 [usbcore]
[613257.293979]  RSP <ffff880426025828>
[613257.293988] CR2: 0000000000000000
[613257.301183] ---[ end trace 3347bc36b4bf0c05 ]---
[613258.409850] usb 4-1.5: reset full-speed USB device number 5 using ehci-pci
Comment 1 Greg Kroah-Hartman 2013-10-08 13:00:44 UTC 
On Tue, Oct 08, 2013 at 04:48:04AM +0000, bugzilla-daemon@bugzilla.kernel.org wrote:
> https://bugzilla.kernel.org/show_bug.cgi?id=62711
> 
>             Bug ID: 62711
>            Summary: USB-related NULL pointer dereference

Please send this to the linux-usb@vger.kernel.org mailing list.
Comment 2 Luke-Jr 2013-10-08 17:01:03 UTC 
Sent.

Curiously, the same re-occurred on my next boot (shutdown, cold poweron), around when udev was loading modules. After this, I shutdown again, and turned the PSU switch off for a few seconds - at the next boot, the problem stopped.
Comment 3 xerofoify 2014-06-14 02:22:40 UTC 
I am curious is this bug fixed or do we need to test it still? If not I would
close this bug on bugizilla.
Comment 4 Luke-Jr 2014-06-14 02:26:20 UTC 
Looks like I may have accidentally submitted this twice?

*** This bug has been marked as a duplicate of bug 63961 ***