2010-11-01 15:56:29

by Dmitry Artamonow

[permalink] [raw]
Subject: [PATCH] USB: gadget: fix ethernet gadget crash in gether_setup

Crash is triggered by commit e6484930d7 ("net: allocate tx queues in
register_netdevice"), which moved tx netqueue creation into register_netdev.
So now calling netif_stop_queue() before register_netdev causes an oops.
Move netif_stop_queue() after net device registration to fix crash.

Signed-off-by: Dmitry Artamonow <[email protected]>
---
drivers/usb/gadget/u_ether.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/drivers/usb/gadget/u_ether.c b/drivers/usb/gadget/u_ether.c
index 6bb876d..cb23355 100644
--- a/drivers/usb/gadget/u_ether.c
+++ b/drivers/usb/gadget/u_ether.c
@@ -797,7 +797,6 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
* - iff DATA transfer is active, carrier is "on"
* - tx queueing enabled if open *and* carrier is "on"
*/
- netif_stop_queue(net);
netif_carrier_off(net);

dev->gadget = g;
@@ -812,6 +811,7 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
INFO(dev, "MAC %pM\n", net->dev_addr);
INFO(dev, "HOST MAC %pM\n", dev->host_mac);

+ netif_stop_queue(net);
the_dev = dev;
}

--
1.7.0.4


2010-11-01 16:16:46

by Michał Mirosław

[permalink] [raw]
Subject: Re: [PATCH] USB: gadget: fix ethernet gadget crash in gether_setup

2010/10/28 Dmitry Artamonow <[email protected]>:
> Crash is triggered by commit e6484930d7 ("net: allocate tx queues in
> register_netdevice"), which moved tx netqueue creation into register_netdev.
> So now calling netif_stop_queue() before register_netdev causes an oops.
> Move netif_stop_queue() after net device registration to fix crash.
>
> Signed-off-by: Dmitry Artamonow <[email protected]>
> ---
> ?drivers/usb/gadget/u_ether.c | ? ?2 +-
> ?1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/usb/gadget/u_ether.c b/drivers/usb/gadget/u_ether.c
> index 6bb876d..cb23355 100644
> --- a/drivers/usb/gadget/u_ether.c
> +++ b/drivers/usb/gadget/u_ether.c
> @@ -797,7 +797,6 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
> ? ? ? ? * ?- iff DATA transfer is active, carrier is "on"
> ? ? ? ? * ?- tx queueing enabled if open *and* carrier is "on"
> ? ? ? ? */
> - ? ? ? netif_stop_queue(net);
> ? ? ? ?netif_carrier_off(net);
>
> ? ? ? ?dev->gadget = g;
> @@ -812,6 +811,7 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
> ? ? ? ? ? ? ? ?INFO(dev, "MAC %pM\n", net->dev_addr);
> ? ? ? ? ? ? ? ?INFO(dev, "HOST MAC %pM\n", dev->host_mac);
>
> + ? ? ? ? ? ? ? netif_stop_queue(net);
> ? ? ? ? ? ? ? ?the_dev = dev;
> ? ? ? ?}
>

What about a race between register_netdev() -> open() -> rest of
gether_setup() ? What is this netif_stop_queue() here needed for?

Best Regards,
Micha? Miros?aw

2010-11-01 16:22:25

by David Miller

[permalink] [raw]
Subject: Re: [PATCH] USB: gadget: fix ethernet gadget crash in gether_setup

From: Michał Mirosław <[email protected]>
Date: Mon, 1 Nov 2010 17:16:39 +0100

> 2010/10/28 Dmitry Artamonow <[email protected]>:
>> Crash is triggered by commit e6484930d7 ("net: allocate tx queues in
>> register_netdevice"), which moved tx netqueue creation into register_netdev.
>> So now calling netif_stop_queue() before register_netdev causes an oops.
>> Move netif_stop_queue() after net device registration to fix crash.
>>
>> Signed-off-by: Dmitry Artamonow <[email protected]>
>> ---
>>  drivers/usb/gadget/u_ether.c |    2 +-
>>  1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/drivers/usb/gadget/u_ether.c b/drivers/usb/gadget/u_ether.c
>> index 6bb876d..cb23355 100644
>> --- a/drivers/usb/gadget/u_ether.c
>> +++ b/drivers/usb/gadget/u_ether.c
>> @@ -797,7 +797,6 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
>>         *  - iff DATA transfer is active, carrier is "on"
>>         *  - tx queueing enabled if open *and* carrier is "on"
>>         */
>> -       netif_stop_queue(net);
>>        netif_carrier_off(net);
>>
>>        dev->gadget = g;
>> @@ -812,6 +811,7 @@ int gether_setup(struct usb_gadget *g, u8 ethaddr[ETH_ALEN])
>>                INFO(dev, "MAC %pM\n", net->dev_addr);
>>                INFO(dev, "HOST MAC %pM\n", dev->host_mac);
>>
>> +               netif_stop_queue(net);
>>                the_dev = dev;
>>        }
>>
>
> What about a race between register_netdev() -> open() -> rest of
> gether_setup() ? What is this netif_stop_queue() here needed for?

Nothing, it should be completely removed.
????{.n?+???????+%?????ݶ??w??{.n?+????{??G?????{ay?ʇڙ?,j??f???h?????????z_??(?階?ݢj"???m??????G????????????&???~???iO???z??v?^?m???? ????????I?