leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11bdc44093
linux/drivers/net/wireless
History
Reyad Attiyat 11bdc44093 mwifiex: usb: Fix double add error when submitting rx urb 
There is an error that can occur where the driver adds the same URB to USB submission list twice.
This happens since mwifiex_usb_submit_rem_rx can submit packets at same time as an rx urb complete callback.
This causes list corruption and is fixed by not setting the skb to NULL when submitting an rx packet.

[   84.461242] WARNING: CPU: 1 PID: 748 at lib/list_debug.c:36 __list_add+0xcb/0xd0()
[   84.461245] list_add double add: new=ffff8800c92b0c50, prev=ffff8800c92b0c50, next=ffff8800ced6c430.
[   84.461247] Modules linked in: rfcomm fuse cmac nf_conntrack_netbios_ns nf_conntrack_broadcast ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ebtable_nat ebtable_broute bridge stp llc ebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter ip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack bnep iptable_mangle iptable_security iptable_raw btusb btintel bluetooth mwifiex_usb mwifiex x86_pkg_temp_thermal cfg80211 coretemp r8712u(C) kvm_intel kvm hid_sensor_als hid_sensor_incl_3d hid_sensor_rotation hid_sensor_magn_3d hid_sensor_accel_3d hid_sensor_gyro_3d hid_sensor_trigger hid_sensor_iio_common industrialio_triggered_buffer kfifo_buf rfkill iTCO_wdt industrialio iTCO_vendor_support
[   84.461316]  crc32_pclmul crc32c_intel ghash_clmulni_intel microcode snd_hda_codec_realtek vfat snd_hda_codec_generic fat snd_hda_codec_hdmi snd_hda_intel snd_hda_controller uvcvideo snd_hda_codec videobuf2_vmalloc videobuf2_memops snd_hwdep videobuf2_core snd_hda_core joydev v4l2_common videodev hid_sensor_hub snd_seq hid_multitouch media snd_seq_device snd_pcm snd_timer mei_me snd i2c_i801 lpc_ich mei soundcore tpm_infineon tpm_tis tpm i2c_hid i2c_designware_platform i2c_designware_core nfsd auth_rpcgss nfs_acl lockd grace sunrpc sch_fq_codel i915 i2c_algo_bit drm_kms_helper drm xhci_pci xhci_hcd ehci_pci sd_mod ehci_hcd video
[   84.461383] CPU: 1 PID: 748 Comm: kworker/u9:0 Tainted: G         C      4.1.0-rc5+ #163
[   84.461386] Hardware name: Microsoft Corporation Surface Pro 2/Surface Pro 2, BIOS 2.05.0250 04/10/2015
[   84.461396] Workqueue: MWIFIEX_RX_WORK_QUEUE mwifiex_rx_work_queue [mwifiex]
[   84.461399]  ffffffff81a8150e ffff8801174cf8e8 ffffffff817df830 0000000000000000
[   84.461405]  ffff8801174cf938 ffff8801174cf928 ffffffff810a54ba ffff8800c86bd750
[   84.461410]  ffff8800c92b0c50 ffff8800c92b0c50 ffff8800ced6c430 ffff88010c057178
[   84.461416] Call Trace:
[   84.461421]  [<ffffffff817df830>] dump_stack+0x4f/0x7b
[   84.461428]  [<ffffffff810a54ba>] warn_slowpath_common+0x8a/0xc0
[   84.461432]  [<ffffffff810a5536>] warn_slowpath_fmt+0x46/0x50
[   84.461436]  [<ffffffff814109fb>] __list_add+0xcb/0xd0
[   84.461442]  [<ffffffff815c551a>] ? usb_hcd_link_urb_to_ep+0x2a/0xa0
[   84.461446]  [<ffffffff815c5570>] usb_hcd_link_urb_to_ep+0x80/0xa0
[   84.461459]  [<ffffffffa004318a>] prepare_transfer+0xaa/0x130 [xhci_hcd]
[   84.461470]  [<ffffffffa0044cf7>] xhci_queue_bulk_tx+0xb7/0x7a0 [xhci_hcd]
[   84.461480]  [<ffffffffa003b67f>] ? xhci_urb_enqueue+0x50f/0x660 [xhci_hcd]
[   84.461489]  [<ffffffffa003b67f>] ? xhci_urb_enqueue+0x50f/0x660 [xhci_hcd]
[   84.461498]  [<ffffffffa003b735>] xhci_urb_enqueue+0x5c5/0x660 [xhci_hcd]
[   84.461503]  [<ffffffff815c7ad3>] usb_hcd_submit_urb+0x93/0xa70
[   84.461507]  [<ffffffff8168dde8>] ? __alloc_skb+0x78/0x1f0
[   84.461511]  [<ffffffff8168d301>] ? __kmalloc_reserve.isra.26+0x31/0x90
[   84.461515]  [<ffffffff8168ddbc>] ? __alloc_skb+0x4c/0x1f0
[   84.461519]  [<ffffffff8168ddfc>] ? __alloc_skb+0x8c/0x1f0
[   84.461523]  [<ffffffff8168badd>] ? skb_dequeue+0x5d/0x80
[   84.461527]  [<ffffffff815c987e>] usb_submit_urb+0x42e/0x5f0
[   84.461531]  [<ffffffff816931d9>] ? __alloc_rx_skb+0x39/0x100
[   84.461536]  [<ffffffffa05aa372>] mwifiex_usb_submit_rx_urb+0xb2/0x170 [mwifiex_usb]
[   84.461542]  [<ffffffffa05aa5f5>] mwifiex_usb_submit_rem_rx_urbs+0x45/0x50 [mwifiex_usb]
[   84.461550]  [<ffffffffa07094be>] mwifiex_rx_work_queue+0x10e/0x140 [mwifiex]
[   84.461556]  [<ffffffff810c4429>] process_one_work+0x229/0x890
[   84.461559]  [<ffffffff810c438c>] ? process_one_work+0x18c/0x890
[   84.461565]  [<ffffffff810c4ae3>] worker_thread+0x53/0x470
[   84.461569]  [<ffffffff810c4a90>] ? process_one_work+0x890/0x890
[   84.461572]  [<ffffffff810cb162>] kthread+0xf2/0x110
[   84.461577]  [<ffffffff811031ad>] ? trace_hardirqs_on+0xd/0x10
[   84.461581]  [<ffffffff810cb070>] ? kthread_create_on_node+0x230/0x230
[   84.461586]  [<ffffffff817e9662>] ret_from_fork+0x42/0x70
[   84.461590]  [<ffffffff810cb070>] ? kthread_create_on_node+0x230/0x230
[   84.461593] ---[ end trace 65103af5e6fb3444 ]---

Signed-off-by: Reyad Attiyat <reyad.attiyat@gmail.com>
Acked-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2015-07-21 16:50:40 +03:00
..
ath Merge ath-next from ath.git. 2015-07-21 11:36:56 +03:00
b43 Major changes: 2015-06-23 01:03:18 -07:00
b43legacy mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
brcm80211 Major changes: 2015-06-23 01:03:18 -07:00
cw1200 wireless: cw1200: Remove redundant spi driver bus initialization 2015-07-21 16:43:46 +03:00
hostap wireless: Use eth_<foo>_addr instead of memset 2015-03-03 17:01:36 -05:00
ipw2x00 ipw2100: fix timeout bug - always evaluated to 0 2015-07-11 19:49:31 +03:00
iwlegacy mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
iwlwifi mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
libertas cfg80211: properly send NL80211_ATTR_DISCONNECTED_BY_AP in disconnect 2015-05-26 15:21:27 +02:00
libertas_tf Minor merge needed, due to function move. 2015-07-01 10:49:25 -07:00
mediatek Major changes: 2015-06-23 01:03:18 -07:00
mwifiex mwifiex: usb: Fix double add error when submitting rx urb 2015-07-21 16:50:40 +03:00
orinoco Lots of updates for net-next; along with the usual flurry 2015-03-31 16:39:04 -04:00
p54 mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
prism54
rsi mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
rt2x00 Major changes: 2015-06-23 01:03:18 -07:00
rtl818x mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
rtlwifi rtlwifi: rtl8192cu: Remove rtl8723 code 2015-07-21 16:23:50 +03:00
ti Major changes: 2015-06-23 01:03:18 -07:00
zd1211rw mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
adm8211.c mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
adm8211.h
airo_cs.c
airo.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-04-15 09:00:47 -07:00
airo.h
at76c50x-usb.c mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
at76c50x-usb.h mac80211: remove support for IFF_PROMISC 2015-04-24 11:14:13 +02:00
atmel_cs.c
atmel_pci.c
atmel.c wireless: Use eth_<foo>_addr instead of memset 2015-03-03 17:01:36 -05:00
atmel.h
Kconfig add mt7601u driver 2015-05-28 11:33:20 +03:00
mac80211_hwsim.c mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
mac80211_hwsim.h
Makefile add mt7601u driver 2015-05-28 11:33:20 +03:00
mwl8k.c mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
ray_cs.c ray_cs: Change 1 to true for bool type variable. 2015-06-02 23:30:14 +03:00
ray_cs.h
rayctl.h
rndis_wlan.c new driver mt7601u for MediaTek Wi-Fi devices MT7601U 2015-06-03 23:44:57 -07:00
wl3501_cs.c
wl3501.h
zd1201.c
zd1201.h