Re: [linux-2.6.5] oops when plugging CDC USB network

From: Gerald Schaefer
Date: Tue May 11 2004 - 11:38:44 EST

Next message: John Bradford: "Re: dynamic allocation of swap disk space"
Previous message: Justin Cormack: "Re: sata_sil bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Daniel Blueman wrote:
> Unable to handle kernel NULL pointer dereference at virtual address 00000004
> printing eip:
> c028ff64
> *pde = 00000000
> Oops: 0000 [#1]
> DEBUG_PAGEALLOC
> CPU: 0
> EIP: 0060:[<c028ff64>] Not tainted
> EFLAGS: 00010296 (2.6.5)
> EIP is at usb_disable_interface+0x14/0x50
> eax: df3a4ef8 ebx: 00000000 ecx: 00000000 edx: dffdaf38
> esi: 00000001 edi: 00000000 ebp: df3aabf8 esp: df98bcfc
> ds: 007b es: 007b ss: 0068
> Process khubd (pid: 5, threadinfo=df98a000 task=df9bb9e0)
> Stack: 00000001 0000000b 00000001 00000001 df3d5d94 df3aabf8 c0290257
> df3aabf8
> df3a4ef8 0000000b 00000001 00000001 00000001 00000000 00000000
> 00001388
> 00000000 df3a4ef8 df3d5d94 df3d5d94 df3d5d44 00000001 c029e301
> df3aabf8
> Call Trace:
> [<c0290257>] usb_set_interface+0xb7/0x1a0

I had the same problem with my USB DSL Modem. After looking at
usb_set_interface() I noticed that iface->cur_altsetting is set
after calling usb_disable_interface(), although iface->cur_altsetting
is being accessed at the beginning of usb_disable_interface().

The following patch solved my problem, maybe it helps you too (the
patch is for 2.6.6, but my problem also existed in 2.6.5).
I am however not at all familiar with the USB kernel code, so it may
be a good idea to wait for a comment on this patch from someone who is...

--
Gerald

--- linux-2.6.6/drivers/usb/core/message.c 2004-05-11 18:11:52.000000000 +0200
+++ linux-2.6.6-new/drivers/usb/core/message.c 2004-05-11 18:15:53.000000000 +0200
@@ -965,9 +965,8 @@
*/

/* prevent submissions using previous endpoint settings */
- usb_disable_interface(dev, iface);
-
iface->cur_altsetting = alt;
+ usb_disable_interface(dev, iface);

/* If the interface only has one altsetting and the device didn't
* accept the request, we attempt to carry out the equivalent action
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Bradford: "Re: dynamic allocation of swap disk space"
Previous message: Justin Cormack: "Re: sata_sil bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]