[PATCH] USB: gadget: g_ether: fix kernel panic in gether_setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: Ming Lei <tom.leiming@xxxxxxxxx>

Now tx queue of net_device is allocated in register_netdev,
so we should touch it(netif_stop_queue) after register_netdev
is OK.

The patch fixes the kernel panic below:

loading modules
[   29.649078] g_ether gadget: using random self ethernet address
[   29.655426] g_ether gadget: using random host ethernet address
[   29.661682] BUG: sleeping function called from invalid context at arch/arm/mm/fault.c:295
[   29.670257] in_atomic(): 0, irqs_disabled(): 128, pid: 546, name: insmod
[   29.677307] 1 lock held by insmod/546:
[   29.681243]  #0:  (&mm->mmap_sem){++++++}, at: [<c0423b90>] do_page_fault+0xb4/0x334
[   29.689422] irq event stamp: 7717
[   29.692932] hardirqs last  enabled at (7716): [<c0421d38>] __irq_svc+0x78/0xa0
[   29.700500] hardirqs last disabled at (7717): [<c0421270>] _raw_spin_lock_irqsave+0x2c/0x8c
[   29.709289] softirqs last  enabled at (7715): [<c0085060>] __do_softirq+0x140/0x188
[   29.717376] softirqs last disabled at (7708): [<c008514c>] irq_exit+0xa4/0xbc
[   29.724853] Backtrace:
[   29.727478] [<c0057324>] (dump_backtrace+0x0/0x110) from [<c041dfb0>] (dump_stack+0x18/0x1c)
[   29.736328]  r7:00000008 r6:c04e2fe0 r5:c6d8c000 r4:c78bf080
[   29.742309] [<c041df98>] (dump_stack+0x0/0x1c) from [<c007968c>] (__might_sleep+0x13c/0x140)
[   29.751190] [<c0079550>] (__might_sleep+0x0/0x140) from [<c0423d00>] (do_page_fault+0x224/0x334)
[   29.760437]  r6:00000017 r5:c6d8de08 r4:00000000
[   29.765319] [<c0423adc>] (do_page_fault+0x0/0x334) from [<c004733c>] (do_DataAbort+0x3c/0xa0)
[   29.774291] [<c0047300>] (do_DataAbort+0x0/0xa0) from [<c0421cac>] (__dabt_svc+0x4c/0x60)
[   29.782867] Exception stack(0xc6d8de08 to 0xc6d8de50)
[   29.788208] de00:                   bf006ca0 60000013 00000000 bf005f44 c7b1ee80 bf006c38
[   29.796783] de20: c7b1ee60 bf006ca0 c6dc0800 c6dc0dfd c6dc0d20 c6d8de7c 00000049 c6d8de50
[   29.805389] de40: 0049eb8a bf002254 60000093 ffffffff
[   29.810760] [<bf0020e8>] (gether_setup+0x0/0x220 [g_ether]) from [<bf00b02c>] (eth_bind+0x2c/0x200 [g_ether])
[   29.821258] [<bf00b000>] (eth_bind+0x0/0x200 [g_ether]) from [<bf005acc>] (composite_bind+0x18c/0x310 [g_ether])
[   29.831939]  r8:c7b1ee60 r7:bf006c38 r6:c06e84a4 r5:c72bc1c0 r4:bf006c38
[   29.839080] [<bf005940>] (composite_bind+0x0/0x310 [g_ether]) from [<c031ae00>] (usb_gadget_probe_driver+0xe8/0x2c0)
[   29.850158] [<c031ad18>] (usb_gadget_probe_driver+0x0/0x2c0) from [<bf00593c>] (usb_composite_probe+0x98/0x9c [g_ether])
[   29.861633] [<bf0058a4>] (usb_composite_probe+0x0/0x9c [g_ether]) from [<bf00b9d8>] (init+0x1c/0x24 [g_ether])
[   29.872131]  r5:000b9008 r4:000510e9
[   29.875915] [<bf00b9bc>] (init+0x0/0x24 [g_ether]) from [<c00473dc>] (do_one_initcall+0x3c/0x1c0)
[   29.885284] [<c00473a0>] (do_one_initcall+0x0/0x1c0) from [<c00bc9b8>] (sys_init_module+0xbc/0x1d0)
[   29.894805] [<c00bc8fc>] (sys_init_module+0x0/0x1d0) from [<c0053000>] (ret_fast_syscall+0x0/0x3c)
[   29.904205]  r7:00000080 r6:000510e9 r5:be991d14 r4:00097e8e
[   29.910217] Unable to handle kernel NULL pointer dereference at virtual address 00000008
[   29.918731] pgd = c6d94000
[   29.921569] [00000008] *pgd=86d5a031, *pte=00000000, *ppte=00000000
[   29.928192] Internal error: Oops: 17 [#1]
[   29.932403] last sysfs file: /sys/devices/platform/i2c_omap.3/i2c-3/i2c-dev/i2c-3/dev
[   29.940643] Modules linked in: g_ether(+)
[   29.944854] CPU: 0    Not tainted  (2.6.36-next-20101021+ #363)
[   29.951110] PC is at gether_setup+0x16c/0x220 [g_ether]
[   29.956573] LR is at 0x49eb8a
[   29.959686] pc : [<bf002254>]    lr : [<0049eb8a>]    psr: 60000093
[   29.959716] sp : c6d8de50  ip : 00000049  fp : c6d8de7c
[   29.971771] r10: c6dc0d20  r9 : c6dc0dfd  r8 : c6dc0800
[   29.977264] r7 : bf006ca0  r6 : c7b1ee60  r5 : bf006c38  r4 : c7b1ee80
[   29.984130] r3 : bf005f44  r2 : 00000000  r1 : 60000013  r0 : bf006ca0
[   29.990966] Flags: nZCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment user
[   29.998565] Control: 10c5387d  Table: 86d94019  DAC: 00000015
[   30.004608] Process insmod (pid: 546, stack limit = 0xc6d8c2f0)
[   30.010833] Stack: (0xc6d8de50 to 0xc6d8e000)
[   30.015411] de40:                                     00000000 bf006c38 c72bc1c0 c06e84a4
[   30.023986] de60: c72bc1c0 c7b1ee60 bf00b9bc c7b1ee80 c6d8deac c6d8de80 bf00b02c bf0020f4
[   30.032592] de80: c6d8deac c6d8de90 c00ff854 bf006c38 c72bc1c0 c06e84a4 bf006c38 c7b1ee60
[   30.041198] dea0: c6d8dedc c6d8deb0 bf005acc bf00b00c c00aec88 c00aea68 bf006a34 bf005940
[   30.049804] dec0: c7b1e180 c0c6ea54 80000013 c7b1ee60 c6d8df0c c6d8dee0 c031ae00 bf00594c
[   30.058380] dee0: c0421ad8 c00aec80 bf00b000 bf006c38 bf006b14 00000000 c0706ec0 00000000
[   30.066986] df00: c6d8df24 c6d8df10 bf00593c c031ad24 000510e9 000b9008 c6d8df34 c6d8df28
[   30.075592] df20: bf00b9d8 bf0058b0 c6d8df7c c6d8df38 c00473dc bf00b9c8 00000000 00000000
[   30.084167] df40: 00000000 000510e9 000b9008 bf006b14 00000000 000510e9 000b9008 bf006b14
[   30.092773] df60: 00000000 c00531c8 c6d8c000 00000000 c6d8dfa4 c6d8df80 c00bc9b8 c00473ac
[   30.101379] df80: c00aec88 c00aea68 00097e8e be991d14 000510e9 00000080 00000000 c6d8dfa8
[   30.109985] dfa0: c0053000 c00bc908 00097e8e be991d14 400f0008 000510e9 000b9008 00000001
[   30.118591] dfc0: 00097e8e be991d14 000510e9 00000080 00000000 be991d14 be991e1a 0000005b
[   30.127197] dfe0: be9919c0 be9919b0 0001a108 40301ec0 60000010 400f0008 00000000 00000000
[   30.135772] Backtrace:
[   30.138397] [<bf0020e8>] (gether_setup+0x0/0x220 [g_ether]) from [<bf00b02c>] (eth_bind+0x2c/0x200 [g_ether])
[   30.148864] [<bf00b000>] (eth_bind+0x0/0x200 [g_ether]) from [<bf005acc>] (composite_bind+0x18c/0x310 [g_ether])
[   30.159545]  r8:c7b1ee60 r7:bf006c38 r6:c06e84a4 r5:c72bc1c0 r4:bf006c38
[   30.166656] [<bf005940>] (composite_bind+0x0/0x310 [g_ether]) from [<c031ae00>] (usb_gadget_probe_driver+0xe8/0x2c0)
[   30.177764] [<c031ad18>] (usb_gadget_probe_driver+0x0/0x2c0) from [<bf00593c>] (usb_composite_probe+0x98/0x9c [g_ether])
[   30.189239] [<bf0058a4>] (usb_composite_probe+0x0/0x9c [g_ether]) from [<bf00b9d8>] (init+0x1c/0x24 [g_ether])
[   30.199737]  r5:000b9008 r4:000510e9
[   30.203521] [<bf00b9bc>] (init+0x0/0x24 [g_ether]) from [<c00473dc>] (do_one_initcall+0x3c/0x1c0)
[   30.212890] [<c00473a0>] (do_one_initcall+0x0/0x1c0) from [<c00bc9b8>] (sys_init_module+0xbc/0x1d0)
[   30.222412] [<c00bc8fc>] (sys_init_module+0x0/0x1d0) from [<c0053000>] (ret_fast_syscall+0x0/0x3c)
[   30.231811]  r7:00000080 r6:000510e9 r5:be991d14 r4:00097e8e
[   30.237823] Code: e58820d4 e59821c8 e10f1000 f10c0080 (e5923008)
[   30.244354] ---[ end trace e28ceaa3c9efe334 ]---
Segmentation fault

Cc: David Brownell <dbrownell@xxxxxxxxxxxxxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxx>
Cc: Tejun Heo <tj@xxxxxxxxxx>
Cc: Michal Nazarewicz <m.nazarewicz@xxxxxxxxxxx>
Cc: Andy Shevchenko <ext-andriy.shevchenko@xxxxxxxxx>
Cc: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Signed-off-by: Ming Lei <tom.leiming@xxxxxxxxx>
---
 drivers/usb/gadget/u_ether.c |   15 +++++++--------
 1 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/drivers/usb/gadget/u_ether.c b/drivers/usb/gadget/u_ether.c
index 6bb876d..30939aa 100644
--- a/drivers/usb/gadget/u_ether.c
+++ b/drivers/usb/gadget/u_ether.c
@@ -790,16 +790,8 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
 		memcpy(ethaddr, dev->host_mac, ETH_ALEN);
 
 	net->netdev_ops = &eth_netdev_ops;
-
 	SET_ETHTOOL_OPS(net, &ops);
 
-	/* two kinds of host-initiated state changes:
-	 *  - iff DATA transfer is active, carrier is "on"
-	 *  - tx queueing enabled if open *and* carrier is "on"
-	 */
-	netif_stop_queue(net);
-	netif_carrier_off(net);
-
 	dev->gadget = g;
 	SET_NETDEV_DEV(net, &g->dev);
 	SET_NETDEV_DEVTYPE(net, &gadget_type);
@@ -813,6 +805,13 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
 		INFO(dev, "HOST MAC %pM\n", dev->host_mac);
 
 		the_dev = dev;
+
+		/* two kinds of host-initiated state changes:
+		 *  - iff DATA transfer is active, carrier is "on"
+		 *  - tx queueing enabled if open *and* carrier is "on"
+		 */
+		netif_stop_queue(net);
+		netif_carrier_off(net);
 	}
 
 	return status;
-- 
1.7.3

--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux