Bug 196119 - null pointer dereference when the removable keyboard detached at rmi bus, on Thinkpad X1 tablet
Status: RESOLVED CODE_FIX
Alias: None
Product: Drivers
Classification: Unclassified
Component: Input Devices
Hardware: All Linux
Importance: P1 normal
Assignee: drivers_input-devices
Reported: 2017-06-19 08:53 UTC by Robin Lee
Modified: 2017-11-26 06:00 UTC
CC List: 2 users

Kernel Version: 4.12-rc5
Regression: No

Attachments
lsusb -vvv output on Thinkpad X1 Tablet (9.68 KB, text/plain)
2017-06-20 02:08 UTC, Robin Lee

Description Robin Lee 2017-06-19 08:53:19 UTC
Description of problem:
Null pointer dereference when the removable keyboard is detached.
And if the keyboard is attached again, it will not be usable.

The device is ThinkPad X1 tablet 20GGA00L00.

I am available to provide further information.

I am on Fedora 26 with kernel-4.12.0-0.rc5.git2.1.fc27.x86_64, and kernel-4.11.5-300.fc26.x86_64 also comes with the same issue.

journal output:
Jun 19 11:33:42 cheese-X1tablet kernel: usb 1-7: USB disconnect, device number 2
Jun 19 11:33:42 cheese-X1tablet kernel: BUG: unable to handle kernel NULL pointer dereference at           (null)
Jun 19 11:33:42 cheese-X1tablet kernel: IP: device_del+0x17/0x360
Jun 19 11:33:42 cheese-X1tablet kernel: PGD 0 
Jun 19 11:33:42 cheese-X1tablet kernel: P4D 0 
Jun 19 11:33:42 cheese-X1tablet kernel: 
Jun 19 11:33:42 cheese-X1tablet kernel: Oops: 0000 [#1] SMP
Jun 19 11:33:42 cheese-X1tablet kernel: Modules linked in: fuse ccm xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 tun nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables bnep vfat fat wacom iTCO_wdt iTCO_vendor_support mei_wdt spi_pxa2xx_platform intel_rapl x86_pkg_temp_thermal i2c_designware_platform intel_powerclamp i2c_designware_core coretemp snd_soc_skl kvm_intel snd_soc_skl_ipc snd_soc_sst_ipc snd_soc_sst_dsp snd_hda_ext_core
Jun 19 11:33:42 cheese-X1tablet kernel:  arc4 snd_soc_sst_match snd_soc_core kvm snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_compress iwlmvm snd_pcm_dmaengine ac97_bus snd_hda_intel snd_hda_codec mac80211 irqbypass snd_hda_core crct10dif_pclmul crc32_pclmul snd_hwdep snd_seq ghash_clmulni_intel intel_cstate snd_seq_device intel_uncore snd_pcm intel_rapl_perf iwlwifi cfg80211 rtsx_pci_ms snd_timer i2c_i801 memstick btusb btrtl btbcm btintel joydev bluetooth mei_me mei ecdh_generic 8250_pci shpchp hid_sensor_als hid_sensor_accel_3d hid_sensor_magn_3d hid_sensor_gyro_3d hid_sensor_trigger hid_sensor_iio_common industrialio_triggered_buffer kfifo_buf industrialio idma64 processor_thermal_device thinkpad_acpi intel_lpss_pci intel_soc_dts_iosf wmi snd soc_button_array soundcore int3403_thermal rfkill intel_vbtn
Jun 19 11:33:42 cheese-X1tablet kernel:  pinctrl_sunrisepoint pinctrl_intel intel_lpss_acpi int3400_thermal intel_hid int3402_thermal acpi_thermal_rel intel_lpss sparse_keymap int340x_thermal_zone tpm_tis tpm_tis_core tpm nfsd auth_rpcgss nfs_acl lockd grace sunrpc mmc_block hid_sensor_hub intel_ishtp_hid i915 rtsx_pci_sdmmc mmc_core crc32c_intel i2c_algo_bit drm_kms_helper serio_raw drm rtsx_pci intel_ish_ipc intel_ishtp i2c_hid video hid_rmi rmi_core
Jun 19 11:33:42 cheese-X1tablet kernel: CPU: 2 PID: 43 Comm: kworker/2:1 Not tainted 4.12.0-0.rc5.git2.1.fc27.x86_64 #1
Jun 19 11:33:42 cheese-X1tablet kernel: Hardware name: LENOVO 20GGA00L00/20GGA00L00, BIOS N1LET37W (1.19 ) 05/19/2016
Jun 19 11:33:42 cheese-X1tablet kernel: Workqueue: usb_hub_wq hub_event
Jun 19 11:33:42 cheese-X1tablet kernel: task: ffff9ef59667b2c0 task.stack: ffffbd7d40df4000
Jun 19 11:33:42 cheese-X1tablet kernel: RIP: 0010:device_del+0x17/0x360
Jun 19 11:33:42 cheese-X1tablet kernel: RSP: 0018:ffffbd7d40df7a00 EFLAGS: 00010286
Jun 19 11:33:42 cheese-X1tablet kernel: RAX: ffffffffb6e5b300 RBX: 0000000000000000 RCX: 0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: RDX: 0000001fffffffc0 RSI: ffff9ef59667c068 RDI: 0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: RBP: ffffbd7d40df7a38 R08: 0000000000000001 R09: 0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: R10: 0000000000000000 R11: 0000000000000000 R12: ffff9ef590bcc000
Jun 19 11:33:42 cheese-X1tablet kernel: R13: 0000000000000000 R14: ffff9ef590bcd8e8 R15: ffff9ef590bcd948
Jun 19 11:33:42 cheese-X1tablet kernel: FS:  0000000000000000(0000) GS:ffff9ef598a00000(0000) knlGS:0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jun 19 11:33:42 cheese-X1tablet kernel: CR2: 0000000000000000 CR3: 0000000025e11000 CR4: 00000000003406e0
Jun 19 11:33:42 cheese-X1tablet kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Jun 19 11:33:42 cheese-X1tablet kernel: Call Trace:
Jun 19 11:33:42 cheese-X1tablet kernel:  ? trace_hardirqs_on_caller+0xf4/0x190
Jun 19 11:33:42 cheese-X1tablet kernel:  rmi_unregister_transport_device+0x16/0x30 [rmi_core]
Jun 19 11:33:42 cheese-X1tablet kernel:  rmi_remove+0x36/0x60 [hid_rmi]
Jun 19 11:33:42 cheese-X1tablet kernel:  hid_device_remove+0x68/0xd0
Jun 19 11:33:42 cheese-X1tablet kernel:  device_release_driver_internal+0x160/0x210
Jun 19 11:33:42 cheese-X1tablet kernel:  device_release_driver+0x12/0x20
Jun 19 11:33:42 cheese-X1tablet kernel:  bus_remove_device+0x11b/0x190
Jun 19 11:33:42 cheese-X1tablet kernel:  device_del+0x1e7/0x360
Jun 19 11:33:42 cheese-X1tablet kernel:  hid_destroy_device+0x27/0x60
Jun 19 11:33:42 cheese-X1tablet kernel:  usbhid_disconnect+0x49/0x70
Jun 19 11:33:42 cheese-X1tablet kernel:  usb_unbind_interface+0x75/0x290
Jun 19 11:33:42 cheese-X1tablet kernel:  device_release_driver_internal+0x160/0x210
Jun 19 11:33:42 cheese-X1tablet kernel:  device_release_driver+0x12/0x20
Jun 19 11:33:42 cheese-X1tablet kernel:  bus_remove_device+0x11b/0x190
Jun 19 11:33:42 cheese-X1tablet kernel:  device_del+0x1e7/0x360
Jun 19 11:33:42 cheese-X1tablet kernel:  usb_disable_device+0x9f/0x270
Jun 19 11:33:42 cheese-X1tablet kernel:  usb_disconnect+0xc8/0x2b0
Jun 19 11:33:42 cheese-X1tablet kernel:  hub_event+0x598/0x15e0
Jun 19 11:33:42 cheese-X1tablet kernel:  process_one_work+0x253/0x6a0
Jun 19 11:33:42 cheese-X1tablet kernel:  worker_thread+0x4d/0x3b0
Jun 19 11:33:42 cheese-X1tablet kernel:  kthread+0x133/0x150
Jun 19 11:33:42 cheese-X1tablet kernel:  ? process_one_work+0x6a0/0x6a0
Jun 19 11:33:42 cheese-X1tablet kernel:  ? kthread_create_on_node+0x70/0x70
Jun 19 11:33:42 cheese-X1tablet kernel:  ret_from_fork+0x2a/0x40
Jun 19 11:33:42 cheese-X1tablet kernel: Code: 00 00 00 00 00 41 5c 41 5d 5d c3 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 56 41 55 41 54 53 48 89 fb 48 83 ec 18 <4c> 8b 2f 65 48 8b 04 25 28 00 00 00 48 89 45 d8 31 c0 48 8b 87 
Jun 19 11:33:42 cheese-X1tablet kernel: RIP: device_del+0x17/0x360 RSP: ffffbd7d40df7a00
Jun 19 11:33:42 cheese-X1tablet kernel: CR2: 0000000000000000
Jun 19 11:33:42 cheese-X1tablet kernel: ---[ end trace a6f1a7b4d9a49be5 ]---
Jun 19 11:33:42 cheese-X1tablet kernel: BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:33
Jun 19 11:33:42 cheese-X1tablet kernel: in_atomic(): 0, irqs_disabled(): 1, pid: 43, name: kworker/2:1
Jun 19 11:33:42 cheese-X1tablet kernel: INFO: lockdep is turned off.
Jun 19 11:33:42 cheese-X1tablet kernel: irq event stamp: 980444
Jun 19 11:33:42 cheese-X1tablet kernel: hardirqs last  enabled at (980443): [<ffffffffb60cee10>] flush_work+0x2b0/0x320
Jun 19 11:33:42 cheese-X1tablet kernel: hardirqs last disabled at (980444): [<ffffffffb698488c>] error_entry+0x7c/0xd0
Jun 19 11:33:42 cheese-X1tablet kernel: softirqs last  enabled at (980426): [<ffffffffb6988012>] __do_softirq+0x382/0x4ed
Jun 19 11:33:42 cheese-X1tablet kernel: softirqs last disabled at (980411): [<ffffffffb60b8faf>] irq_exit+0x10f/0x120
Jun 19 11:33:42 cheese-X1tablet kernel: CPU: 2 PID: 43 Comm: kworker/2:1 Tainted: G      D         4.12.0-0.rc5.git2.1.fc27.x86_64 #1
Jun 19 11:33:42 cheese-X1tablet kernel: Hardware name: LENOVO 20GGA00L00/20GGA00L00, BIOS N1LET37W (1.19 ) 05/19/2016
Jun 19 11:33:42 cheese-X1tablet kernel: Workqueue: usb_hub_wq hub_event
Jun 19 11:33:42 cheese-X1tablet kernel: Call Trace:
Jun 19 11:33:42 cheese-X1tablet kernel:  dump_stack+0x8e/0xcd
Jun 19 11:33:42 cheese-X1tablet kernel:  ___might_sleep+0x144/0x260
Jun 19 11:33:42 cheese-X1tablet kernel:  __might_sleep+0x4a/0x80
Jun 19 11:33:42 cheese-X1tablet kernel:  exit_signals+0x33/0x240
Jun 19 11:33:42 cheese-X1tablet kernel:  do_exit+0xb4/0xd30
Jun 19 11:33:42 cheese-X1tablet kernel:  ? kthread+0x133/0x150
Jun 19 11:33:42 cheese-X1tablet kernel:  rewind_stack_do_exit+0x17/0x20
Jun 19 11:33:42 cheese-X1tablet kernel: intel-vbtn INT33D6:00: unknown event index 0xcc
Jun 19 11:33:42 cheese-X1tablet kernel: intel-vbtn INT33D6:00: unknown event index 0xcb
Jun 19 11:33:43 cheese-X1tablet kernel: thinkpad_acpi: unhandled HKEY event 0x4013
Jun 19 11:33:43 cheese-X1tablet kernel: thinkpad_acpi: please report the conditions when this event happened to ibm-acpi-devel@lists.sourceforge.net
Jun 19 11:33:43 cheese-X1tablet kernel: int3403 thermal INT3403:01: Unsupported event [0x91]
Jun 19 11:33:43 cheese-X1tablet kernel: int3403 thermal INT3403:00: Unsupported event [0x91]
Jun 19 11:33:43 cheese-X1tablet kernel: intel-vbtn INT33D6:00: unknown event index 0xcc
Jun 19 11:33:43 cheese-X1tablet kernel: intel-vbtn INT33D6:00: unknown event index 0xcb
Comment 1 Robin Lee 2017-06-20 02:08:18 UTC
Created attachment 257077
lsusb -vvv output on Thinkpad X1 Tablet
Comment 2 Robin Lee 2017-11-26 06:00:17 UTC
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef14a4bf0910d06c7e202552914028d4956809cb
This commit in current master fixed this issue, and the commit can be applied to the 4.13 branch cleanly.