On Thu, Aug 19, 2021 at 11:56:59AM +0000, Chunfeng Yun (云春峰) wrote: > Hi Greg, > > On Thu, 2021-08-05 at 13:37 +0800, Ikjoon Jang wrote: > > xhci-mtk depends on xhci's internal virt_dev when it retrieves its > > internal data from usb_host_endpoint both in add_endpoint and > > drop_endpoint callbacks. But when setup packet was retired by > > transaction errors in xhci_setup_device() path, a virt_dev for the > > slot > > is newly created with real_port 0. This leads to xhci-mtks's NULL > > pointer > > dereference from drop_endpoint callback as xhci-mtk assumes that > > virt_dev's > > real_port is always started from one. The similar problems were > > addressed > > by [1] but that can't cover the failure cases from setup_device. > > > > This patch drops the usages of xhci's virt_dev in xhci-mtk's > > drop_endpoint > > callback by adopting rhashtable for searching mtk's schedule entity > > from a given usb_host_endpoint pointer instead of searching a linked > > list. > > So mtk's drop_endpoint callback doesn't have to rely on virt_dev at > > all. > > > > [1] > > https://lore.kernel.org/r/1617179142-2681-2-git-send-email-chunfeng.yun@xxxxxxxxxxxx > > > > Signed-off-by: Ikjoon Jang <ikjn@xxxxxxxxxxxx> > > --- > > > > drivers/usb/host/xhci-mtk-sch.c | 140 ++++++++++++++++++---------- > > ---- > > drivers/usb/host/xhci-mtk.h | 15 ++-- > > 2 files changed, 86 insertions(+), 69 deletions(-) > > > > diff --git a/drivers/usb/host/xhci-mtk-sch.c b/drivers/usb/host/xhci- > > mtk-sch.c > > index cffcaf4dfa9f..f9b4d27ce449 100644 > > --- a/drivers/usb/host/xhci-mtk-sch.c > > +++ b/drivers/usb/host/xhci-mtk-sch.c > > > > I see the patch is already in usb-next branch, but find some new bugs > introduced after I test it (one NULL point dereference oops, two memory > leakage due to no error handling). > What do I need to do? revert this patch then send new version or just > send fix patches? Which ever you want to do is fine with me. thanks, greg k-h
