Created attachment 132151 [details] Patсh for fix this bug When connecting a barcode scanner Motorola Symbol DS4208 in the mode "Smiple COM port emulation" kernel reported an error in the driver symbolserial. I prefer ALT Linux, so I see with 3.10.34-std-def-alt1 x86_64: [ 54.290502] usb 1-1.5: new full-speed USB device number 3 using ehci-pci [ 54.435435] usbcore: registered new interface driver usbserial [ 54.435443] usbcore: registered new interface driver usbserial_generic [ 54.435449] usbserial: USB Serial support registered for generic [ 54.435783] usbcore: registered new interface driver symbolserial [ 54.435793] usbserial: USB Serial support registered for symbol [ 54.435802] symbolserial 1-1.5:1.0: symbol converter detected [ 54.435873] usb 1-1.5: symbol converter now attached to ttyUSB0 [ 54.511060] BUG: unable to handle kernel NULL pointer dereference at (null) [ 54.511300] IP: [<ffffffff81043a19>] __ticket_spin_lock+0x9/0x30 [ 54.511481] PGD 429323067 PUD 429315067 PMD 0 [ 54.511624] Oops: 0002 [#1] SMP [ 54.511728] Modules linked in: symbolserial usbserial nvidia(PO) drm vhost_net bnep tun macvtap macvlan uinput bluetooth af_packet vboxnetadp(O) vboxnetflt(O) ipv6 pci_stub vboxpci(O) vboxdrv(O) hid_generic usbhid hid coretemp intel_powerclamp kvm_intel kvm snd_hda_codec_hdmi eeepc_wmi crc32_pclmul asus_wmi crc32c_intel ghash_clmulni_intel i2c_i801 i2c_core cryptd sparse_keymap rfkill hwmon pci_hotplug sr_mod cdrom iTCO_wdt xhci_hcd pcspkr acpi_cpufreq iTCO_vendor_support mperf microcode ehci_pci ehci_hcd r8169 usbcore snd_hda_codec_realtek snd_hda_intel snd_hda_codec mxm_wmi mii snd_hwdep snd_pcm usb_common processor lpc_ich snd_seq_midi snd_seq_midi_event snd_seq snd_page_alloc wmi snd_rawmidi snd_seq_device video snd_timer snd soundcore button dm_mod ext4 crc16 mbcache jbd2 sd_mod crc_t10dif ahci [ 54.514183] libahci libata evdev scsi_mod autofs4 [ 54.514312] CPU: 0 PID: 912 Comm: ModemManager Tainted: P O 3.10.34-std-def-alt1 #1 [ 54.514555] Hardware name: System manufacturer System Product Name/P8Z68-V LX, BIOS 0703 10/21/2011 [ 54.514814] task: ffff88042ab78700 ti: ffff880428cb2000 task.ti: ffff880428cb2000 [ 54.515027] RIP: 0010:[<ffffffff81043a19>] [<ffffffff81043a19>] __ticket_spin_lock+0x9/0x30 [ 54.515274] RSP: 0018:ffff880428cb3ab8 EFLAGS: 00010082 [ 54.515426] RAX: 0000000000000100 RBX: 0000000000000286 RCX: 0000000000000000 [ 54.515630] RDX: 0000000000000003 RSI: 0000000000000286 RDI: 0000000000000000 [ 54.515833] RBP: ffff880428cb3ab8 R08: 0000000000000000 R09: 0000000000000001 [ 54.516036] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88041505a000 [ 54.516240] R13: ffff88041505a008 R14: ffff8804285e3c00 R15: ffff8804285e3c00 [ 54.516444] FS: 00007f861fd647c0(0000) GS:ffff88043f400000(0000) knlGS:0000000000000000 [ 54.516674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.516839] CR2: 0000000000000000 CR3: 0000000428c9e000 CR4: 00000000000407f0 [ 54.517042] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 54.517246] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 54.517449] Stack: [ 54.517506] ffff880428cb3ac8 ffffffff81043ad3 ffff880428cb3ae8 ffffffff814d96c7 [ 54.517739] 0000000000000000 ffff88041505a000 ffff880428cb3b08 ffffffffa04ca03c [ 54.523667] ffff88041a977b68 ffff88041a977b00 ffff880428cb3b48 ffffffffa05792f5 [ 54.529614] Call Trace: [ 54.535534] [<ffffffff81043ad3>] default_spin_lock_flags+0x13/0x20 [ 54.541599] [<ffffffff814d96c7>] _raw_spin_lock_irqsave+0x47/0x60 [ 54.547545] [<ffffffffa04ca03c>] symbol_open+0x1c/0x70 [symbolserial] [ 54.553430] [<ffffffffa05792f5>] serial_port_activate+0x75/0xa0 [usbserial] [ 54.559309] [<ffffffff81346163>] ? tty_port_tty_set+0x63/0xa0 [ 54.565139] [<ffffffff81346870>] tty_port_open+0xb0/0x100 [ 54.570957] [<ffffffffa057963d>] serial_open+0x1d/0x20 [usbserial] [ 54.576732] [<ffffffff8133d6fc>] tty_open+0x17c/0x5a0 [ 54.582327] [<ffffffff811835a3>] chrdev_open+0xb3/0x1b0 [ 54.587772] [<ffffffff8117c903>] do_dentry_open+0x203/0x290 [ 54.593072] [<ffffffff811834f0>] ? cdev_put+0x30/0x30 [ 54.598187] [<ffffffff8117c9c0>] finish_open+0x30/0x40 [ 54.603149] [<ffffffff8118d8e9>] do_last+0x6f9/0xef0 [ 54.607973] [<ffffffff8118a3ff>] ? link_path_walk+0x6f/0x870 [ 54.612656] [<ffffffff8119d6ff>] ? mntput+0x1f/0x30 [ 54.617181] [<ffffffff8118898d>] ? path_put+0x1d/0x30 [ 54.621590] [<ffffffff8118e191>] path_openat+0xb1/0x4c0 [ 54.625865] [<ffffffff81144e8d>] ? handle_mm_fault+0x2ad/0x3c0 [ 54.630033] [<ffffffff814dd4b4>] ? __do_page_fault+0x224/0x520 [ 54.634074] [<ffffffff8118ee3c>] do_filp_open+0x3c/0x90 [ 54.637988] [<ffffffff8119b935>] ? __alloc_fd+0xd5/0x130 [ 54.641777] [<ffffffff8117dcbf>] do_sys_open+0xef/0x1d0 [ 54.645499] [<ffffffff8101fdb0>] ? syscall_trace_enter+0x20/0x240 [ 54.649318] [<ffffffff8117ddbd>] SyS_open+0x1d/0x20 [ 54.653135] [<ffffffff814e1d37>] tracesys+0xdd/0xe2 [ 54.656937] Code: 00 00 48 c7 c1 31 38 04 81 48 c7 c2 2e 38 04 81 e9 dd fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 b8 00 01 00 00 48 89 e5 <f0> 66 0f c1 07 0f b6 d4 38 c2 74 0c 0f 1f 00 f3 90 0f b6 07 38 [ 54.669149] RIP [<ffffffff81043a19>] __ticket_spin_lock+0x9/0x30 [ 54.673182] RSP <ffff880428cb3ab8> [ 54.677189] CR2: 0000000000000000 [ 54.681217] ---[ end trace 8da18c5391c8fa84 ]--- With 3.12.16-std-def-alt1 x86_64: [ 88.461810] usb 3-1.5: new full-speed USB device number 3 using ehci-pci [ 88.631979] usbcore: registered new interface driver usbserial [ 88.631991] usbcore: registered new interface driver usbserial_generic [ 88.632000] usbserial: USB Serial support registered for generic [ 88.632439] usbcore: registered new interface driver symbolserial [ 88.632450] usbserial: USB Serial support registered for symbol [ 88.632463] symbolserial 3-1.5:1.0: symbol converter detected [ 88.632532] usb 3-1.5: symbol converter now attached to ttyUSB0 [ 88.711811] BUG: unable to handle kernel NULL pointer dereference at (null) [ 88.728682] IP: [<ffffffff8150b09a>] _raw_spin_lock_irqsave+0x2a/0x80 [ 88.737141] PGD 42887a067 PUD 429e56067 PMD 0 [ 88.745398] Oops: 0002 [#1] SMP [ 88.753385] Modules linked in: symbolserial usbserial nvidia(PO) drm vhost_net tun vhost macvtap macvlan bnep kvm_intel uinput kvm bluetooth af_packet vboxnetadp(O) vboxnetflt(O) pci_stub vboxpci(O) ipv6 vboxdrv(O) hid_generic usbhid hid snd_hda_codec_hdmi snd_hda_codec_realtek xhci_hcd eeepc_wmi asus_wmi i2c_i801 sparse_keymap ehci_pci rfkill snd_hda_intel snd_hda_codec ehci_hcd hwmon usbcore iTCO_wdt snd_hwdep snd_pcm iTCO_vendor_support usb_common snd_page_alloc sr_mod i2c_core r8169 cdrom lpc_ich mii pcspkr mxm_wmi processor wmi video snd_seq_midi snd_seq_midi_event snd_seq snd_rawmidi snd_seq_device snd_timer snd soundcore button dm_mod ext4 crc16 mbcache jbd2 sd_mod crc_t10dif crct10dif_common ahci libahci libata evdev scsi_mod autofs4 [ 88.821371] CPU: 0 PID: 978 Comm: ModemManager Tainted: P O 3.12.16-std-def-alt1 #1 [ 88.830388] Hardware name: System manufacturer System Product Name/P8Z68-V LX, BIOS 0703 10/21/2011 [ 88.848247] task: ffff880428f260c0 ti: ffff880428f9a000 task.ti: ffff880428f9a000 [ 88.857460] RIP: 0010:[<ffffffff8150b09a>] [<ffffffff8150b09a>] _raw_spin_lock_irqsave+0x2a/0x80 [ 88.866921] RSP: 0018:ffff880428f9baf0 EFLAGS: 00010086 [ 88.876318] RAX: 0000000000000282 RBX: 0000000000000000 RCX: 0000000000000002 [ 88.885827] RDX: 0000000000000200 RSI: ffff880428bd6000 RDI: 0000000000000000 [ 88.895389] RBP: ffff880428f9bb08 R08: 0000000000000282 R09: 00000000002ffeb4 [ 88.904926] R10: 0000000000004328 R11: 0000000000000000 R12: ffff880428bd6000 [ 88.914412] R13: ffff880428bd6008 R14: ffff880418542800 R15: ffff880418542800 [ 88.923894] FS: 00007ffa58c227c0(0000) GS:ffff88043f400000(0000) knlGS:0000000000000000 [ 88.933627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.943270] CR2: 0000000000000000 CR3: 0000000428bfa000 CR4: 00000000000407f0 [ 88.953043] Stack: [ 88.962758] ffffffffa03f103c ffff880418a8a7e8 ffff880418a8a780 ffff880428f9bb48 [ 88.972876] ffffffffa0586325 ffff880428f9bb48 ffffffff8137948c ffff880428bd6008 [ 88.983015] ffff880418542800 ffff880428bd6110 ffff88042a9da080 ffff880428f9bb88 [ 88.993168] Call Trace: [ 89.003256] [<ffffffffa03f103c>] ? symbol_open+0x1c/0x70 [symbolserial] [ 89.013604] [<ffffffffa0586325>] serial_port_activate+0x75/0xa0 [usbserial] [ 89.023950] [<ffffffff8137948c>] ? tty_port_tty_set+0x6c/0xb0 [ 89.034236] [<ffffffff81379bfe>] tty_port_open+0xae/0x170 [ 89.044421] [<ffffffff8137019a>] ? tty_init_dev+0xaa/0x1d0 [ 89.054385] [<ffffffffa05865ed>] serial_open+0x1d/0x20 [usbserial] [ 89.064191] [<ffffffff81370a65>] tty_open+0x165/0x5c0 [ 89.073861] [<ffffffff8119c026>] chrdev_open+0x96/0x1c0 [ 89.083415] [<ffffffff81195313>] do_dentry_open+0x203/0x290 [ 89.092961] [<ffffffff8119bf90>] ? cdev_put+0x30/0x30 [ 89.102318] [<ffffffff811953d0>] finish_open+0x30/0x40 [ 89.111419] [<ffffffff811a67d6>] do_last+0x6d6/0xf80 [ 89.120265] [<ffffffff811a713d>] path_openat+0xbd/0x670 [ 89.128866] [<ffffffff811a2bab>] ? getname_flags.part.25+0x2b/0x140 [ 89.137316] [<ffffffff811a7f1e>] do_filp_open+0x3e/0xa0 [ 89.145468] [<ffffffff811b422e>] ? __alloc_fd+0xce/0x120 [ 89.153346] [<ffffffff81196837>] do_sys_open+0x137/0x220 [ 89.160963] [<ffffffff8119693d>] SyS_open+0x1d/0x20 [ 89.168362] [<ffffffff81513987>] tracesys+0xdd/0xe2 [ 89.175500] Code: 00 48 83 3d 68 fa 28 00 00 74 30 9c 58 66 66 90 66 90 48 83 3d 67 fa 28 00 00 49 89 c0 74 4a fa 66 66 90 66 66 90 ba 00 02 00 00 <f0> 66 0f c1 17 0f b6 ce 38 d1 75 06 4c 89 c0 c3 0f 0b 83 e1 fe [ 89.197496] RIP [<ffffffff8150b09a>] _raw_spin_lock_irqsave+0x2a/0x80 [ 89.204639] RSP <ffff880428f9baf0> [ 89.211646] CR2: 0000000000000000 [ 89.218652] ---[ end trace 39155a05d64827ec ]---
On Mon, Apr 14, 2014 at 10:48:18AM +0000, bugzilla-daemon@bugzilla.kernel.org wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=74041 > > Bug ID: 74041 > Summary: kernel NULL pointer dereference in symbolserial We can't take patches through bugzilla, please resend it to the linux-usb@vger.kernel.org mailing list after reading Documentation/SubmittingPatches for what the proper format is to send it in.