RE: NULL pointer dereference in at91_udc on start of connection

Hi,

I put a printk before the check and this is what I got

udc: at91_udc version 3 May 2006
g_ether gadget: using random host ethernet address
usb0: MAC a2:46:1a:43:ea:9f
usb0: HOST MAC de:bd:69:82:1d:68
g_ether gadget: Ethernet Gadget, version: Memorial Day 2008
g_ether gadget: g_ether ready
TCP: cubic registered
NET: Registered protocol family 17
input: gpio-keys as /devices/platform/gpio-keys/input/input0
g_ether gadget: full-speed config #2: RNDIS
In at91_ep_enable. desc=c38a2350, ep->ep.desc=c38a2350
bad ep or descriptor
In at91_ep_enable. desc=c38a2360, ep->ep.desc=c38a2360
bad ep or descriptor
------------[ cut here ]------------
WARNING: at drivers/usb/gadget/u_ether.c:941 rndis_disable+0x28/0x48()
[<c000dd68>] (unwind_backtrace+0x0/0xe4) from [<c00150c0>] (warn_slowpath_common+0x48/0x60)
[<c00150c0>] (warn_slowpath_common+0x48/0x60) from [<c001517c>] (warn_slowpath_null+0x18/0x1c)
[<c001517c>] (warn_slowpath_null+0x18/0x1c) from [<c0129004>] (rndis_disable+0x28/0x48)
[<c0129004>] (rndis_disable+0x28/0x48) from [<c0125490>] (reset_config.clone.32+0x30/0x5c)
[<c0125490>] (reset_config.clone.32+0x30/0x5c) from [<c0126bfc>] (composite_setup+0x6cc/0xa0c)
[<c0126bfc>] (composite_setup+0x6cc/0xa0c) from [<c0123c5c>] (at91_udc_irq+0x5dc/0x79c)
[<c0123c5c>] (at91_udc_irq+0x5dc/0x79c) from [<c0040efc>] (handle_irq_event_percpu+0x30/0x1a0)
[<c0040efc>] (handle_irq_event_percpu+0x30/0x1a0) from [<c0041094>] (handle_irq_event+0x28/0x38)
[<c0041094>] (handle_irq_event+0x28/0x38) from [<c004308c>] (handle_level_irq+0xbc/0xcc)
[<c004308c>] (handle_level_irq+0xbc/0xcc) from [<c004093c>] (generic_handle_irq+0x30/0x44)
[<c004093c>] (generic_handle_irq+0x30/0x44) from [<c000a0b4>] (handle_IRQ+0x60/0x98)
[<c000a0b4>] (handle_IRQ+0x60/0x98) from [<c0008e38>] (__irq_svc+0x38/0x60)
[<c0008e38>] (__irq_svc+0x38/0x60) from [<c000a1b0>] (default_idle+0x2c/0x34)
[<c000a1b0>] (default_idle+0x2c/0x34) from [<c000a2cc>] (cpu_idle+0x7c/0xdc)
[<c000a2cc>] (cpu_idle+0x7c/0xdc) from [<c02186c8>] (start_kernel+0x23c/0x27c)
[<c02186c8>] (start_kernel+0x23c/0x27c) from [<20008040>] (0x20008040)
---[ end trace 23c64a1fe388174b ]---

This is after reverting commit f3d8bf34c2c925867322197096ed501ceab8085a but without changing the "|| !desc || ep->ep.desc" line in at91_udc.c.
Either removing the line as Fabio suggested or adding the ! makes it work.
As soon as I have time I will try to figure out why the above warning happens.

Best regards,
Mário Isidoro

-----Original Message-----
From: Sebastian Andrzej Siewior [mailto:sebastian@xxxxxxxxxxxxx] 
Sent: Tuesday, 10 July 2012 16:37
To: Mario Jorge Isidoro
Cc: Fabio Porcedda; Sebastian Andrzej Siewior; balbi@xxxxxx; gregkh@xxxxxxxxxxxxxxxxxxx; linux-usb@xxxxxxxxxxxxxxx; Nicolas Ferre; Ido Shayevitz; Jean-Christophe PLAGNIOL-VILLARD
Subject: Re: NULL pointer dereference in at91_udc on start of connection

On Tue, Jul 10, 2012 at 03:54:06PM +0100, Mario Jorge Isidoro wrote:
> I've found that the following change also works, if someone doesn't want to simply eliminate the check
> diff --git a/drivers/usb/gadget/at91_udc.c b/drivers/usb/gadget/at91_udc.c
> index 7687ccd..33a6999 100644
> --- a/drivers/usb/gadget/at91_udc.c
> +++ b/drivers/usb/gadget/at91_udc.c
> @@ -475,7 +475,7 @@ static int at91_ep_enable(struct usb_ep *_ep,
>         unsigned long   flags;
> 
>         if (!_ep || !ep
> -                       || !desc || ep->ep.desc
> +                       || !desc || !ep->ep.desc

This check ensures that you do not try to enable an endpoint twice. Once
enabled, ep->ep.desc should be set.

>                         || _ep->name == ep0name
ep.desc is always NULL for ep0 and this one should not be enabled. Therefore
you have this check here.

>                         || desc->bDescriptorType != USB_DT_ENDPOINT
>                         || (maxpacket = usb_endpoint_maxp(desc)) == 0
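Review bot: inverting the condition to `|| !ep->ep.desc` does not repair the guard, it removes it: ep->ep.desc is NULL for every endpoint that has not been enabled yet, so the inverted test refuses the first enable of every endpoint and only admits one that is already enabled, and the double-enable protection is lost. The printk lines in the reply above show desc and ep->ep.desc already equal when at91_ep_enable is entered, so the descriptor is being stored before the driver's enable callback runs; the thing to change is whoever sets ep->ep.desc ahead of the call (or, until that is understood, the check should be dropped as Fabio proposed), not the sense of the comparison.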

That means with this change you should not get any endpoints enabled and it
should not work at all. Can you acknowledge this?

The crash happens in composite_setup(), mind figuring out what is being
accessed here?

> Best regards,
> Mário Isidoro
> 

Sebastian
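The guard semantics Sebastian describes, modelled as an added example that is not code from the thread or from the at91_udc driver (the structs, the sample descriptor and the scenario functions are constructed stand-ins, not the kernel's types):

```c
#include <stddef.h>

/* Constructed, minimal stand-ins for usb_endpoint_descriptor and struct at91_ep;
 * in the driver, ep->ep.desc is NULL while the endpoint is disabled. */
struct ep_desc { unsigned short wMaxPacketSize; };
struct ep { const struct ep_desc *desc; };

/* Guard as it stands in the driver: a set desc means "already enabled", so refuse. */
static int ep_enable_original(struct ep *e, const struct ep_desc *desc) {
    if (!e || !desc || e->desc || desc->wMaxPacketSize == 0)
        return -1;                              /* "bad ep or descriptor" */
    e->desc = desc;
    return 0;
}

/* Guard as the quoted patch inverts it: "|| !ep->ep.desc". */
static int ep_enable_inverted(struct ep *e, const struct ep_desc *desc) {
    if (!e || !desc || !e->desc || desc->wMaxPacketSize == 0)
        return -1;
    e->desc = desc;
    return 0;
}

static const struct ep_desc bulk_in = { 64 };   /* constructed sample descriptor */

/* Original guard, endpoint starts disabled: first enable succeeds, second is refused. */
int original_fresh_then_twice(void) {
    struct ep e = { NULL };
    int first = ep_enable_original(&e, &bulk_in);
    int second = ep_enable_original(&e, &bulk_in);
    return first == 0 && second == -1;          /* 1 */
}

/* Original guard, but desc already stored on entry, as the printk lines above show. */
int original_desc_preset(void) {
    struct ep e = { &bulk_in };
    return ep_enable_original(&e, &bulk_in);    /* -1: even the first enable is refused */
}

/* Inverted guard on a fresh endpoint: Sebastian's objection, nothing can ever be enabled. */
int inverted_fresh(void) {
    struct ep e = { NULL };
    return ep_enable_inverted(&e, &bulk_in);    /* -1 */
}

/* Inverted guard with desc preset: why the patch appears to work on the reporter's board. */
int inverted_desc_preset(void) {
    struct ep e = { &bulk_in };
    return ep_enable_inverted(&e, &bulk_in);    /* 0 */
}
```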

