Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752105Ab0HRJNk (ORCPT ); Wed, 18 Aug 2010 05:13:40 -0400 Received: from mail-wy0-f174.google.com ([74.125.82.174]:43623 "EHLO mail-wy0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750757Ab0HRJNg convert rfc822-to-8bit (ORCPT ); Wed, 18 Aug 2010 05:13:36 -0400 DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding; b=UVSHM9GMmrC7mtqpIsrMVNp1WpWOpa8nFPS76s20dN55KnR3SqT5TIKT7peCO7Oi22 Mspq1F5ZH2Kq21T7sEqTW/ZZDtSOnvS6BUi0r0baWB6DVM4s9dtjbE2kOuuiGe7fOrQM iR3Zqd8w47DdNot52ya7YFdjuPZj1QwbKAROE= MIME-Version: 1.0 Reply-To: trapdoor6@gmail.com In-Reply-To: References: <201008180325.17816.rjw@sisk.pl> Date: Wed, 18 Aug 2010 10:13:35 +0100 Message-ID: Subject: Re: [REGRESSION, bisected] 2.6.36-rc1 - suspend issues From: trapDoor To: Jiri Kosina Cc: osnix0@googlemail.com, andrea.gelmini@gelma.net, "Rafael J. Wysocki" , LKML , arnd@arndb.de, trapDoor Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 4166 Lines: 101 On Wed, Aug 18, 2010 at 9:46 AM, Jiri Kosina wrote: > On Wed, 18 Aug 2010, trapDoor wrote: > >> > Could you please verify whether the patch below (which is currently queued >> > in my tree and I am planning to push it to Linus soon, as it fixes memory >> > corruption) fixes your issue? Thanks. >> > >> > commit 9c9e54a8df0be48aa359744f412377cc55c3b7d2 >> > Author: Jiri Kosina >> > Date: ? Fri Aug 13 12:19:45 2010 +0200 >> > >> > ? ?HID: hiddev: fix memory corruption due to invalid intfdata >> > >> > ? ?Commit bd25f4dd6972755579d0 ("HID: hiddev: use usb_find_interface, >> > ? ?get rid of BKL") introduced using of private intfdata in hiddev for >> > ? ?purpose of storing hiddev pointer. >> > >> > ? ?This is a problem, because intf pointer is already being set to struct >> > ? ?hid_device pointer by HID core. This obviously lead to memory corruptions >> > ? ?at device disconnect time, such as >> > >> > ? ?WARNING: at lib/kobject.c:595 kobject_put+0x37/0x4b() >> > ? ?kobject: '(null)' (ffff88011e9cd898): is not initialized, yet kobject_put() is being called. >> > >> > ? ?Convert hiddev into accessing hiddev through struct hid_device which is >> > ? ?in intfdata already. >> > >> > ? ?Reported-and-tested-by: Markus Trippelsdorf >> > ? ?Reported-and-tested-by: Heinz Diehl >> > ? ?Reported-and-tested-by: Alan Ott >> > ? ?Signed-off-by: Jiri Kosina >> > >> > diff --git a/drivers/hid/usbhid/hiddev.c b/drivers/hid/usbhid/hiddev.c >> > index f285017..0a29c51 100644 >> > --- a/drivers/hid/usbhid/hiddev.c >> > +++ b/drivers/hid/usbhid/hiddev.c >> > @@ -266,13 +266,15 @@ static int hiddev_open(struct inode *inode, struct file *file) >> > ?{ >> > ? ? ? ?struct hiddev_list *list; >> > ? ? ? ?struct usb_interface *intf; >> > + ? ? ? struct hid_device *hid; >> > ? ? ? ?struct hiddev *hiddev; >> > ? ? ? ?int res; >> > >> > ? ? ? ?intf = usb_find_interface(&hiddev_driver, iminor(inode)); >> > ? ? ? ?if (!intf) >> > ? ? ? ? ? ? ? ?return -ENODEV; >> > - ? ? ? hiddev = usb_get_intfdata(intf); >> > + ? ? ? hid = usb_get_intfdata(intf); >> > + ? ? ? hiddev = hid->hiddev; >> > >> > ? ? ? ?if (!(list = kzalloc(sizeof(struct hiddev_list), GFP_KERNEL))) >> > ? ? ? ? ? ? ? ?return -ENOMEM; >> > @@ -890,7 +892,6 @@ int hiddev_connect(struct hid_device *hid, unsigned int force) >> > ? ? ? ?hid->hiddev = hiddev; >> > ? ? ? ?hiddev->hid = hid; >> > ? ? ? ?hiddev->exist = 1; >> > - ? ? ? usb_set_intfdata(usbhid->intf, usbhid); >> > ? ? ? ?retval = usb_register_dev(usbhid->intf, &hiddev_class); >> > ? ? ? ?if (retval) { >> > ? ? ? ? ? ? ? ?err_hid("Not able to get a minor for this device."); >> > >> >> Yes. That patch fixes my problem too. Tested on top of the current >> tree [2.6.36-rc1-00051-g3b89f56]. Thanks! > > Thanks a lot for prompt testing. > >> One little thing though. There is a message about 2 lines offset when >> patching. Succeeded anyway but I've never got such messages before so >> I thought it would be better to mention it: >> >> patch -p1 <../patches/hid.git-9c9e54a8df0be48aa359744f412377cc55c3b7d2.patch >> patching file drivers/hid/usbhid/hiddev.c >> Hunk #2 succeeded at 890 (offset -2 lines). >> >> I downloaded the patch from >> http://git.kernel.org/?p=linux/kernel/git/jikos/hid.git;a=commitdiff;h=9c9e54a8df0be48aa359744f412377cc55c3b7d2 >> to make sure I had the original indentations etc. preserved (Gmail >> tends to mess up with lines). > > Yeah, that's fine. It just means that the patch has been generated on a > slightly different version of the file, which makes the line numbers be > off a bit, but patch, git and friends can cope with this easily. > Thanks for confirming. Andrea, Gabriel Would you please check if Jiri's patch solves the problem on your end as well? Just to make 100% sure we can close related bugzilla call. -- Regards Tomasz B. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/