On Thu, Aug 04, 2016 at 10:15:33PM +0200, Ladislav Michl wrote: > On Thu, Aug 04, 2016 at 06:59:30AM +0200, Greg Kroah-Hartman wrote: > > On Wed, Aug 03, 2016 at 09:06:25AM +0200, Ladislav Michl wrote: > > > Yes, also was lacking proper description and signoff. So, I'm considering > > > ioctls based approach okay, although that question (the only one I really > > > had) was never answered. > > > > > > After re-reading specifications [*] I decided to allow arbitrary MsgID > > > selection, as USB488 adds MsgID=TRIGGER (128) and other subclass > > > specifications may add other values. > > > > > > [*] http://www.usb.org/developers/docs/devclass_docs/USBTMC_1_006a.zip > > > > > > After sorting out all eventual objections, patch bellow will be turned > > > into proper one. > > > > Looks reasonable to me. > > After all, it is not that reasonable. Spec does not define anything like > EOM or TermCharEnabled bits in bmTransferAttributes nor TermChar field > in vendor specific messages - usbtmc_read and usbtmc_write are using > these fields when concatenating usb transfers. I'll need to think a bit > more about it... Hmm, sorry for a delay, I was working on something else for a while. So far using libusb seems to be better approach, but I do not want to leave bugs I know about unfixed, so here we go... > Meanwhile, there's a small race condition, which needs to be fixed first. > When device is disconnected there's a chance usbtmc_read tries to lock > already destroyd mutex, see bellow. Fix will come later in separate patch. Problem comes with commit e6c7efdcb76f11b04e3d3f71c8d764ab75c9423b (usbtmc: convert to devm_kzalloc). As memory allocated with devm_kzalloc is automatically freed on driver detach, later call to usbtmc_read will crash as bellow. Anyone has better fix than reverting that patch? > Unable to handle kernel NULL pointer dereference at virtual address 00000008 > pgd = cd55c000 > [00000008] *pgd=8d52e831, *pte=00000000, *ppte=00000000 > Internal error: Oops: 17 [#1] ARM > Modules linked in: usbtmc ppp_deflate bsd_comp ppp_async crc_ccitt ppp_generic slhc cpufreq_dt udlfb syscopyarea sysfillrect sysimgblt fb_sys_fops omap_aes omap_sham crypto_engine omap_mailbox option cdc_acm usb_wwan usbserial usb_storage scsi_mod > CPU: 0 PID: 205 Comm: tvm3 Tainted: G W 4.6.0 #1 > Hardware name: Generic OMAP36xx (Flattened Device Tree) > task: ce2ae700 ti: ce1e2000 task.ti: ce1e2000 > PC is at __bfs+0x11c/0x23c > LR is at warn_slowpath_null+0x1c/0x24 > pc : [<c014fb48>] lr : [<c012825c>] psr: 60010093 > sp : ce1e3d30 ip : 00000000 fp : c0a76388 > r10: 00000000 r9 : ce1e3d74 r8 : c0a72398 > r7 : ce1e3d70 r6 : c0a76388 r5 : c0c433f4 r4 : c0a72398 > r3 : 00000200 r2 : e55130aa r1 : c0951cd0 r0 : 00000000 > Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment none > Control: 10c5387d Table: 8d55c019 DAC: 00000051 > Process tvm3 (pid: 205, stack limit = 0xce1e2210) > Stack: (0xce1e3d30 to 0xce1e4000) > 3d20: ce1e4000 c014f928 00000000 e55130aa > 3d40: 00000003 00000001 ce2aeab0 ce2ae700 c073ceee 00000000 00000000 c0151090 > 3d60: 00000000 c015113c 00000000 c0c99af8 ce2aeab0 c010adc4 c0c4333c c0c432fc > 3d80: 00000000 00000000 00000000 ce1e3fa8 c01074a0 00000000 00000072 00000001 > 3da0: 00000002 ce2aeab0 c0603f60 ce2ae700 00000000 c0151cc4 ce2ae700 00000000 > 3dc0: 3c48dade 0000001e 00000001 ce103300 ce2ae700 c0152c88 00000000 ce2a0030 > 3de0: ce2aeab0 00000000 00000100 c0151fcc ce2ae700 00000001 c01c6a8c 001a9ca0 > 3e00: ce800000 c0152174 cd4e5980 a0010013 cfc7cf7c c01c6a8c 00000000 ce245420 > 3e20: 00000003 00000000 60010013 00000001 c10ed4ec ce2ae700 ce1e2000 00000000 > 3e40: 00000100 c015470c 00000001 00000000 00000000 bf14d88c 00000000 00000000 > 3e60: cd5a5a60 bf14d840 ce20c800 c05a8c94 00000001 00000000 bf14d88c a0010013 > 3e80: c0107644 c0152174 ce20c800 ce800300 cd5a5a10 bf14d840 ce20c800 c10f5cc8 > 3ea0: c0107644 ce1e2000 00000000 bf14d88c ce2aeab0 00000001 00000051 00000000 > 3ec0: b2afeb60 cd5a5a60 ce1e3f88 00000001 000670f1 c0f3c608 00000000 cd5a7a00 > 3ee0: bf14d840 ce1e3f88 b2afeb60 c0107644 ce1e2000 00000000 00000000 c01cc0b8 > 3f00: 00000000 c02e34f0 00000000 00000000 00000c00 00000000 cd5a7a00 00000100 > 3f20: 00000000 c01ccb40 00004000 c0943184 00000038 00000000 00000000 b2afeb60 > 3f40: cd5a7a00 ce1e3f88 b2afeb60 b2afeb60 cd5a7a00 ce1e3f88 b2afeb60 c01ccc58 > 3f60: cd5a7a00 b2afeb60 00000100 cd5a7a00 cd5a7a01 00000100 b2afeb60 c0107644 > 3f80: ce1e2000 c01cd834 00000c00 00000000 00000100 0000000e ffffffff 000a8050 > 3fa0: 00000003 c01074a0 0000000e ffffffff 0000000e b2afeb60 00000100 00000000 > 3fc0: 0000000e ffffffff 000a8050 00000003 000a8054 000a67cc 0008e3b4 00000000 > 3fe0: 00000000 b2afeb40 00000000 b6d48b60 80010030 0000000e 8fef6861 8fef6c61 > [<c014fb48>] (__bfs) from [<c015113c>] (check_usage_backwards+0xac/0x140) > [<c015113c>] (check_usage_backwards) from [<c0151cc4>] (mark_lock+0x36c/0x618) > [<c0151cc4>] (mark_lock) from [<c0152c88>] (__lock_acquire+0x880/0x1b88) > [<c0152c88>] (__lock_acquire) from [<c015470c>] (lock_acquire+0x70/0x90) > [<c015470c>] (lock_acquire) from [<c05a8c94>] (mutex_lock_nested+0x3c/0x314) > [<c05a8c94>] (mutex_lock_nested) from [<bf14d88c>] (usbtmc_read+0x4c/0x4e8 [usbtmc]) > [<bf14d88c>] (usbtmc_read [usbtmc]) from [<c01cc0b8>] (__vfs_read+0x20/0xcc) > [<c01cc0b8>] (__vfs_read) from [<c01ccc58>] (vfs_read+0x84/0xec) > [<c01ccc58>] (vfs_read) from [<c01cd834>] (SyS_read+0x40/0x80) > [<c01cd834>] (SyS_read) from [<c01074a0>] (ret_fast_syscall+0x0/0x1c) > Code: e30013af e58d200c ebff61be e59d200c (e59a1008) > ---[ end trace dd5c876458afcc20 ]--- > Kernel panic - not syncing: Fatal exception > -- > To unsubscribe from this list: send the line "unsubscribe linux-usb" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
