From patchwork Thu Oct 12 06:03:08 2023
X-Patchwork-Submitter: Philipp Hortmann
X-Patchwork-Id: 151757
Date: Thu, 12 Oct 2023 08:03:08 +0200
From: Philipp Hortmann
To: Greg Kroah-Hartman, linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH 1/2] staging: rtl8192u: Fix missing alloc_workqueue()

Missing alloc_workqueue() leads to a crash of the system.

Fixes: 1761a85c3bed ("staging: rtl8192u: Remove create_workqueue()")
Signed-off-by: Philipp Hortmann
---
Tested with rtl8192u (Belkin F5D8053) in Mode n (12.5 MB/s)

Dump of Error:
[ 1428.338077] ------------[ cut here ]------------
[ 1428.338079] WARNING: CPU: 2 PID: 6502 at kernel/workqueue.c:1938 __queue_delayed_work+0x77/0xb0
[ 1428.338086] Modules linked in: r8192u_usb(COE) cfg80211 lib80211 libarc4 xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c xt_addrtype iptable_filter bpfilter br_netfilter bridge stp llc overlay nls_iso8859_1 snd_hda_codec_hdmi intel_rapl_msr snd_hda_codec_conexant intel_rapl_common snd_hda_codec_generic x86_pkg_temp_thermal ledtrig_audio intel_powerclamp coretemp sch5627 mei_hdcp kvm_intel binfmt_misc kvm snd_hda_intel snd_intel_dspcfg i915 snd_intel_sdw_acpi crct10dif_pclmul ghash_clmulni_intel snd_hda_codec sha512_ssse3 aesni_intel snd_hda_core crypto_simd snd_hwdep cryptd snd_pcm sch56xx_common rapl snd_seq_midi intel_cstate snd_seq_midi_event input_leds joydev serio_raw drm_buddy snd_rawmidi ttm drm_display_helper snd_seq at24 snd_seq_device snd_timer cec rc_core snd mei_me soundcore mei drm_kms_helper i2c_algo_bit tpm_infineon mac_hid sch_fq_codel msr parport_pc ppdev lp parport drm ramoops reed_solomon efi_pstore
[ 1428.338200] ip_tables x_tables autofs4 hid_generic usbhid hid crc32_pclmul i2c_i801 xhci_pci video ahci lpc_ich libahci i2c_smbus xhci_pci_renesas e1000e wmi
[ 1428.338223] CPU: 2 PID: 6502 Comm: kworker/2:0 Tainted: G C OE 6.6.0-rc1+ #15
[ 1428.338226] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
[ 1428.338229] Workqueue: events rtl819x_watchdog_wqcallback [r8192u_usb]
[ 1428.338249] RIP: 0010:__queue_delayed_work+0x77/0xb0
[ 1428.338252] Code: c1 48 89 4a 60 81 ff 00 20 00 00 75 38 4c 89 cf e8 de 59 0d 00 5d c3 cc cc cc cc e8 b3 f5 ff ff 5d c3 cc cc cc cc 0f 0b eb bb <0f> 0b 48 81 7a 68 e0 61 6f 81 74 99 0f 0b 48 8b 42 58 48 85 c0 74
[ 1428.338255] RSP: 0000:ffffc9000c46bd08 EFLAGS: 00010046
[ 1428.338258] RAX: 0000000000000001 RBX: 0000000000000200 RCX: 0000000000000000
[ 1428.338260] RDX: ffff88820efacfe8 RSI: 0000000000000000 RDI: 0000000000002000
[ 1428.338262] RBP: ffffc9000c46bd08 R08: 0000000000000000 R09: ffff88820efad038
[ 1428.338264] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88820efacfe8
[ 1428.338265] R13: 0000000000000001 R14: 0000000000002000 R15: 0000000000000000
[ 1428.338267] FS: 0000000000000000(0000) GS:ffff888215c00000(0000) knlGS:0000000000000000
[ 1428.338270] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1428.338272] CR2: 0000557da4e0d8e5 CR3: 000000011361e001 CR4: 00000000001706e0
[ 1428.338274] Call Trace:
[ 1428.338276]
[ 1428.338280] ? show_regs+0x68/0x70
[ 1428.338284] ? __queue_delayed_work+0x77/0xb0
[ 1428.338287] ? __warn+0x8f/0x180
[ 1428.338291] ? __queue_delayed_work+0x77/0xb0
[ 1428.338296] ? report_bug+0x1f5/0x200
[ 1428.338303] ? handle_bug+0x46/0x80
[ 1428.338307] ? exc_invalid_op+0x19/0x70
[ 1428.338311] ? asm_exc_invalid_op+0x1b/0x20
[ 1428.338323] ? __queue_delayed_work+0x77/0xb0
[ 1428.338327] ? trace_hardirqs_off+0x4f/0xa0
[ 1428.338331] queue_delayed_work_on+0x8e/0x90
[ 1428.338337] hal_dm_watchdog+0x3f5/0x1420 [r8192u_usb]
[ 1428.338356] rtl819x_watchdog_wqcallback+0x6b/0xb60 [r8192u_usb]
[ 1428.338369] ? __this_cpu_preempt_check+0x13/0x20
[ 1428.338377] process_scheduled_works+0x308/0x580
[ 1428.338389] ? __pfx_worker_thread+0x10/0x10
[ 1428.338392] worker_thread+0x19b/0x360
[ 1428.338398] ? __pfx_worker_thread+0x10/0x10
[ 1428.338400] kthread+0x116/0x150
[ 1428.338405] ? __pfx_kthread+0x10/0x10
[ 1428.338411] ret_from_fork+0x3c/0x60
[ 1428.338414] ? __pfx_kthread+0x10/0x10
[ 1428.338419] ret_from_fork_asm+0x1b/0x30
[ 1428.338433]
[ 1428.338435] irq event stamp: 3280
[ 1428.338436] hardirqs last enabled at (3279): [] console_unlock+0x101/0x120
[ 1428.338440] hardirqs last disabled at (3280): [] queue_delayed_work_on+0x74/0x90
[ 1428.338443] softirqs last enabled at (3272): [] __do_softirq+0x2cd/0x3b7
[ 1428.338447] softirqs last disabled at (3265): [] irq_exit_rcu+0xa0/0xe0
[ 1428.338450] ---[ end trace 0000000000000000 ]---
[ 1428.338456] BUG: kernel NULL pointer dereference, address: 00000000000001c0
[ 1428.338458] #PF: supervisor read access in kernel mode
[ 1428.338460] #PF: error_code(0x0000) - not-present page
[ 1428.338462] PGD 0 P4D 0
[ 1428.338464] Oops: 0000 [#1] PREEMPT SMP PTI
[ 1428.338467] CPU: 2 PID: 6502 Comm: kworker/2:0 Tainted: G WC OE 6.6.0-rc1+ #15
[ 1428.338469] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
[ 1428.338470] Workqueue: events rtl819x_watchdog_wqcallback [r8192u_usb]
[ 1428.338483] RIP: 0010:__queue_work+0x38/0x610
[ 1428.338485] Code: 89 fe 41 55 41 54 49 89 d4 53 48 89 f3 48 83 ec 18 8b 0d 43 23 ce 01 85 c9 74 0f 65 8b 05 c0 af ae 7e 85 c0 0f 84 da 02 00 00 83 c0 01 00 00 00 80 01 00 0f 85 eb 02 00 00 e8 33 d6 0a 00 31
[ 1428.338488] RSP: 0000:ffffc9000c46bcb8 EFLAGS: 00010046
[ 1428.338490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 1428.338491] RDX: ffff88820efacfe8 RSI: 0000000000000000 RDI: 0000000000002000
[ 1428.338493] RBP: ffffc9000c46bcf8 R08: ffff88820efacff0 R09: ffff88820efad038
[ 1428.338494] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88820efacfe8
[ 1428.338496] R13: 0000000000000001 R14: 0000000000002000 R15: 0000000000000000
[ 1428.338497] FS: 0000000000000000(0000) GS:ffff888215c00000(0000) knlGS:0000000000000000
[ 1428.338499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1428.338500] CR2: 00000000000001c0 CR3: 000000011361e001 CR4: 00000000001706e0
[ 1428.338502] Call Trace:
[ 1428.338503]
[ 1428.338505] ? show_regs+0x68/0x70
[ 1428.338508] ? __die_body+0x20/0x70
[ 1428.338511] ? __die+0x2b/0x40
[ 1428.338514] ? page_fault_oops+0x160/0x480
[ 1428.338517] ? search_bpf_extables+0xad/0x160
[ 1428.338520] ? __queue_work+0x38/0x610
[ 1428.338523] ? search_exception_tables+0x5f/0x70
[ 1428.338526] ? kernelmode_fixup_or_oops+0xa2/0x120
[ 1428.338529] ? __bad_area_nosemaphore+0x197/0x250
[ 1428.338531] ? vprintk_default+0x1d/0x30
[ 1428.338535] ? bad_area_nosemaphore+0x16/0x20
[ 1428.338537] ? do_user_addr_fault+0x34d/0xa40
[ 1428.338539] ? debug_smp_processor_id+0x17/0x20
[ 1428.338541] ? exc_page_fault+0x3c/0x210
[ 1428.338545] ? __this_cpu_preempt_check+0x13/0x20
[ 1428.338548] ? exc_page_fault+0x84/0x210
[ 1428.338551] ? asm_exc_page_fault+0x27/0x30
[ 1428.338555] ? __queue_work+0x38/0x610
[ 1428.338559] __queue_delayed_work+0x6d/0xb0
[ 1428.338561] queue_delayed_work_on+0x8e/0x90
[ 1428.338565] hal_dm_watchdog+0x3f5/0x1420 [r8192u_usb]
[ 1428.338579] rtl819x_watchdog_wqcallback+0x6b/0xb60 [r8192u_usb]
[ 1428.338591] ? __this_cpu_preempt_check+0x13/0x20
[ 1428.338594] process_scheduled_works+0x308/0x580
[ 1428.338599] ? __pfx_worker_thread+0x10/0x10
[ 1428.338601] worker_thread+0x19b/0x360
[ 1428.338604] ? __pfx_worker_thread+0x10/0x10
[ 1428.338606] kthread+0x116/0x150
[ 1428.338609] ? __pfx_kthread+0x10/0x10
[ 1428.338612] ret_from_fork+0x3c/0x60
[ 1428.338615] ? __pfx_kthread+0x10/0x10
[ 1428.338618] ret_from_fork_asm+0x1b/0x30
[ 1428.338623]
--- drivers/staging/rtl8192u/r8192U_core.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c index 0a60ef20107c..bf6d93de7a74 100644 --- a/drivers/staging/rtl8192u/r8192U_core.c +++ b/drivers/staging/rtl8192u/r8192U_core.c 
@@ -2024,6 +2024,12 @@ static void rtl8192_init_priv_task(struct net_device *dev) { struct r8192_priv *priv = ieee80211_priv(dev); + priv->priv_wq = alloc_workqueue("priv_wq", 0, 0); + if (!priv->priv_wq) { + pr_err("alloc_workqueue for priv->priv_wq failed\n"); + return; + } + INIT_WORK(&priv->reset_wq, rtl8192_restart); INIT_DELAYED_WORK(&priv->watch_dog_wq, 

From patchwork Thu Oct 12 06:03:15 2023
X-Patchwork-Submitter: Philipp Hortmann
X-Patchwork-Id: 151758
Date: Thu, 12 Oct 2023 08:03:15 +0200
From: Philipp Hortmann
To: Greg Kroah-Hartman, linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [RFC PATCH 2/2] staging: rtl8192u: Fix sleeping kzalloc() called from invalid context
Message-ID: <42f7b8728a5d9ada8c0432e1c11c30d13627fba7.1697089416.git.philipp.g.hortmann@gmail.com>

Sleeping kzalloc() called from invalid context leads to a crash of the system.

Fixes: 061e390b7c87f ("staging: rtl8192u: ieee80211_softmac: Move a large data struct onto the heap")
Signed-off-by: Philipp Hortmann
---
Tested with rtl8192u (Belkin F5D8053) in Mode n (12.5 MB/s)

Dump of Error:
[ 2141.025340] ================================
[ 2141.025341] WARNING: inconsistent lock state
[ 2141.025343] 6.6.0-rc1+ #15 Tainted: G C OE
[ 2141.025345] --------------------------------
[ 2141.025346] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
[ 2141.025348] gnome-shell/3018 [HC0[0]:SC1[1]:HE1:SE0] takes:
[ 2141.025350] ffffffffbbe6b600 (fs_reclaim){+.?.}-{0:0}, at: __kmem_cache_alloc_node+0x48/0x720
[ 2141.025360] {SOFTIRQ-ON-W} state was registered at:
[ 2141.025362] lock_acquire+0xdc/0x2c0
[ 2141.025368] fs_reclaim_acquire+0xaa/0xe0
[ 2141.025371] __kmem_cache_alloc_node+0x48/0x720
[ 2141.025374] __kmalloc_node+0x57/0x1a0
[ 2141.025376] alloc_cpumask_var_node+0x1f/0x30
[ 2141.025380] smp_prepare_cpus_common+0xce/0x180
[ 2141.025385] native_smp_prepare_cpus+0xe/0xd0
[ 2141.025387] kernel_init_freeable+0x284/0x560
[ 2141.025391] kernel_init+0x1a/0x140
[ 2141.025395] ret_from_fork+0x3c/0x60
[ 2141.025398] ret_from_fork_asm+0x1b/0x30
[ 2141.025402] irq event stamp: 53750354
[ 2141.025404] hardirqs last enabled at (53750354): [] _raw_spin_unlock_irqrestore+0x31/0x70
[ 2141.025408] hardirqs last disabled at (53750353): [] _raw_spin_lock_irqsave+0x84/0xa0
[ 2141.025411] softirqs last enabled at (53750290): [] __do_softirq+0x2cd/0x3b7
[ 2141.025415] softirqs last disabled at (53750323): [] irq_exit_rcu+0xa0/0xe0
[ 2141.025419] other info that might help us debug this:
[ 2141.025420] Possible unsafe locking scenario:
[ 2141.025422] CPU0
[ 2141.025423] ----
[ 2141.025424] lock(fs_reclaim);
[ 2141.025426]
[ 2141.025427] lock(fs_reclaim);
[ 2141.025429] *** DEADLOCK ***
[ 2141.025430] no locks held by gnome-shell/3018.
[ 2141.025432] stack backtrace:
[ 2141.025433] CPU: 2 PID: 3018 Comm: gnome-shell Tainted: G C OE 6.6.0-rc1+ #15
[ 2141.025436] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
[ 2141.025438] Call Trace:
[ 2141.025439]
[ 2141.025441] dump_stack_lvl+0x5c/0xa0
[ 2141.025445] dump_stack+0x10/0x20
[ 2141.025447] print_usage_bug+0x22f/0x2c0
[ 2141.025452] mark_lock.part.0+0x6bf/0x8a0
[ 2141.025456] ? sched_clock_noinstr+0x9/0x10
[ 2141.025461] __lock_acquire+0xb75/0x1de0
[ 2141.025465] ? sched_clock_noinstr+0x9/0x10
[ 2141.025469] lock_acquire+0xdc/0x2c0
[ 2141.025473] ? __kmem_cache_alloc_node+0x48/0x720
[ 2141.025478] fs_reclaim_acquire+0xaa/0xe0
[ 2141.025481] ? __kmem_cache_alloc_node+0x48/0x720
[ 2141.025484] __kmem_cache_alloc_node+0x48/0x720
[ 2141.025487] ? ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb]
[ 2141.025508] kmalloc_trace+0x2a/0xc0
[ 2141.025510] ? kmalloc_trace+0x2a/0xc0
[ 2141.025513] ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb]
[ 2141.025527] ? ehci_urb_enqueue+0x12a/0x1020
[ 2141.025534] ieee80211_rx+0xf44/0x1e60 [r8192u_usb]
[ 2141.025549] ? __lock_acquire+0xbf3/0x1de0
[ 2141.025552] ? __lock_acquire+0xbf3/0x1de0
[ 2141.025558] rtl8192_rx_nomal+0x583/0x1180 [r8192u_usb]
[ 2141.025570] ? sched_clock_noinstr+0x9/0x10
[ 2141.025573] ? exc_page_fault+0x1b0/0x210
[ 2141.025580] rtl8192_irq_rx_tasklet+0x8a/0xc0 [r8192u_usb]
[ 2141.025593] tasklet_action_common.isra.0+0x10a/0x290
[ 2141.025597] tasklet_action+0x2d/0x40
[ 2141.025600] __do_softirq+0xca/0x3b7
[ 2141.025605] irq_exit_rcu+0xa0/0xe0
[ 2141.025608] common_interrupt+0x68/0xe0
[ 2141.025611] asm_common_interrupt+0x27/0x40
[ 2141.025614] RIP: 0033:0x7f31fcbc5634
[ 2141.025617] Code: 89 c9 48 c7 c6 3f 00 00 00 48 d3 ef 48 85 ff 0f 84 96 fe ff ff 48 0f bc cf 0f b6 04 08 0f b6 14 0a 29 d0 c3 66 90 38 c8 75 1c <48> 83 c2 01 48 83 fa 40 0f 84 23 fe ff ff 0f b6 04 17 0f b6 0c 16
[ 2141.025620] RSP: 002b:00007fff36dad668 EFLAGS: 00000246
[ 2141.025623] RAX: 0000000000000072 RBX: 0000000000000000 RCX: 0000000000000072
[ 2141.025624] RDX: 0000000000000008 RSI: 0000563837956fc0 RDI: 000056383759c230
[ 2141.025626] RBP: 0000563837956fc0 R08: 000000000000e000 R09: 0000000000000000
[ 2141.025628] R10: 0000000000000001 R11: 00007f31fccca2e4 R12: 0000000000000012
[ 2141.025629] R13: 000056383759c270 R14: 0000563837e1a5a0 R15: 0000563837956fc0
[ 2141.025634]
[ 2141.025644] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:306
[ 2141.025647] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3018, name: gnome-shell
[ 2141.025650] preempt_count: 100, expected: 0
[ 2141.025651] RCU nest depth: 0, expected: 0
[ 2141.025653] INFO: lockdep is turned off.
[ 2141.025654] Preemption disabled at:
[ 2141.025655] [] __do_softirq+0x5e/0x3b7
[ 2141.025659] CPU: 2 PID: 3018 Comm: gnome-shell Tainted: G C OE 6.6.0-rc1+ #15
[ 2141.025662] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
[ 2141.025663] Call Trace:
[ 2141.025664]
[ 2141.025666] dump_stack_lvl+0x7d/0xa0
[ 2141.025669] dump_stack+0x10/0x20
[ 2141.025672] __might_resched+0x1be/0x2e0
[ 2141.025676] __might_sleep+0x43/0x70
[ 2141.025679] __kmem_cache_alloc_node+0x568/0x720
[ 2141.025682] ? ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb]
[ 2141.025698] kmalloc_trace+0x2a/0xc0
[ 2141.025700] ? kmalloc_trace+0x2a/0xc0
[ 2141.025703] ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb]
[ 2141.025716] ? ehci_urb_enqueue+0x12a/0x1020
[ 2141.025721] ieee80211_rx+0xf44/0x1e60 [r8192u_usb]
[ 2141.025735] ? __lock_acquire+0xbf3/0x1de0
[ 2141.025738] ? __lock_acquire+0xbf3/0x1de0
[ 2141.025744] rtl8192_rx_nomal+0x583/0x1180 [r8192u_usb]
[ 2141.025756] ? sched_clock_noinstr+0x9/0x10
[ 2141.025758] ? exc_page_fault+0x1b0/0x210
[ 2141.025765] rtl8192_irq_rx_tasklet+0x8a/0xc0 [r8192u_usb]
[ 2141.025778] tasklet_action_common.isra.0+0x10a/0x290
[ 2141.025782] tasklet_action+0x2d/0x40
[ 2141.025785] __do_softirq+0xca/0x3b7
[ 2141.025790] irq_exit_rcu+0xa0/0xe0
[ 2141.025793] common_interrupt+0x68/0xe0
[ 2141.025796] asm_common_interrupt+0x27/0x40
[ 2141.025798] RIP: 0033:0x7f31fcbc5634
[ 2141.025800] Code: 89 c9 48 c7 c6 3f 00 00 00 48 d3 ef 48 85 ff 0f 84 96 fe ff ff 48 0f bc cf 0f b6 04 08 0f b6 14 0a 29 d0 c3 66 90 38 c8 75 1c <48> 83 c2 01 48 83 fa 40 0f 84 23 fe ff ff 0f b6 04 17 0f b6 0c 16
[ 2141.025802] RSP: 002b:00007fff36dad668 EFLAGS: 00000246
[ 2141.025804] RAX: 0000000000000072 RBX: 0000000000000000 RCX: 0000000000000072
[ 2141.025806] RDX: 0000000000000008 RSI: 0000563837956fc0 RDI: 000056383759c230
[ 2141.025807] RBP: 0000563837956fc0 R08: 000000000000e000 R09: 0000000000000000
[ 2141.025809] R10: 0000000000000001 R11: 00007f31fccca2e4 R12: 0000000000000012
[ 2141.025811] R13: 000056383759c270 R14: 0000563837e1a5a0 R15: 0000563837956fc0
[ 2141.025815]
--- .../rtl8192u/ieee80211/ieee80211_softmac.c | 19 ++++++++----------- drivers/staging/rtl8192u/r8192U.h | 1 + drivers/staging/rtl8192u/r8192U_core.c | 6 ++++++ 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c b/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c index 92001cb36730..ff5d6f5aeed1 100644 
--- a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c +++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c @@ -12,6 +12,7 @@ * Copyright who own it's copyright. */ #include "ieee80211.h" +#include "../r8192U.h" #include #include @@ -1892,6 +1893,8 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *ieee, struct sk_buff *skb, u16 stype) { struct rtl_80211_hdr_3addr *header = (struct rtl_80211_hdr_3addr *)skb->data; + struct net_device *dev = ieee->dev; + struct r8192_priv *priv = ieee80211_priv(dev); u16 errcode; int aid; struct ieee80211_assoc_response_frame *assoc_resp; @@ -1917,12 +1920,7 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *ieee, struct sk_buff *skb, if ((ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE) && ieee->state == IEEE80211_ASSOCIATING_AUTHENTICATED && ieee->iw_mode == IW_MODE_INFRA) { - struct ieee80211_network *network; - - network = kzalloc(sizeof(*network), GFP_KERNEL); - if (!network) - return -ENOMEM; - + memset(priv->network, 0, sizeof(struct ieee80211_network)); errcode = assoc_parse(ieee, skb, &aid); if (!errcode) { ieee->state = IEEE80211_LINKED; 
@@ -1934,15 +1932,15 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *ieee, struct sk_buff *skb, assoc_resp = (struct ieee80211_assoc_response_frame *)skb->data; if (ieee80211_parse_info_param(ieee, assoc_resp->info_element,\ rx_stats->len - sizeof(*assoc_resp), \ - network, rx_stats)) { + priv->network, rx_stats)) { return 1; } else { //filling the PeerHTCap. //maybe not necessary as we can get its info from current_network. - memcpy(ieee->pHTInfo->PeerHTCapBuf, network->bssht.bdHTCapBuf, network->bssht.bdHTCapLen); - memcpy(ieee->pHTInfo->PeerHTInfoBuf, network->bssht.bdHTInfoBuf, network->bssht.bdHTInfoLen); + memcpy(ieee->pHTInfo->PeerHTCapBuf, priv->network->bssht.bdHTCapBuf, priv->network->bssht.bdHTCapLen); + memcpy(ieee->pHTInfo->PeerHTInfoBuf, priv->network->bssht.bdHTInfoBuf, priv->network->bssht.bdHTInfoLen); } if (ieee->handle_assoc_response) - ieee->handle_assoc_response(ieee->dev, (struct ieee80211_assoc_response_frame *)header, network); + ieee->handle_assoc_response(ieee->dev, (struct ieee80211_assoc_response_frame *)header, priv->network); } ieee80211_associate_complete(ieee); } else { @@ -1957,7 +1955,6 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *ieee, struct sk_buff *skb, else ieee80211_associate_abort(ieee); } - kfree(network); } break; diff --git a/drivers/staging/rtl8192u/r8192U.h b/drivers/staging/rtl8192u/r8192U.h index ff0ada00bf41..672bd19e4db7 100644 --- a/drivers/staging/rtl8192u/r8192U.h +++ b/drivers/staging/rtl8192u/r8192U.h @@ -908,6 +908,7 @@ typedef struct r8192_priv { struct ChnlAccessSetting ChannelAccessSetting; struct work_struct reset_wq; + struct ieee80211_network *network; /**********************************************************/ /* For rtl819xUsb */ diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c index bf6d93de7a74..060475017d0d 100644 --- a/drivers/staging/rtl8192u/r8192U_core.c +++ b/drivers/staging/rtl8192u/r8192U_core.c 
@@ -1990,6 +1990,10 @@ static int rtl8192_init_priv_variable(struct net_device *dev) if (!priv->pFirmware) return -ENOMEM; + priv->network = kzalloc(sizeof(*priv->network), GFP_KERNEL); + if (!priv->network) + return -ENOMEM; + /* rx related queue */ skb_queue_head_init(&priv->rx_queue); skb_queue_head_init(&priv->skb_queue); @@ -4572,6 +4576,8 @@ static int rtl8192_usb_probe(struct usb_interface *intf, fail: kfree(priv->pFirmware); priv->pFirmware = NULL; + kfree(priv->network); + priv->network = NULL; rtl8192_usb_deleteendpoints(dev); msleep(10); free_ieee80211(dev);
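
Review bot: In [RFC PATCH 1/2], the failure branch added to rtl8192_init_priv_task() only logs and returns, and because the function is static void the caller cannot tell that priv->priv_wq is still NULL. The early return also skips the INIT_WORK() and INIT_DELAYED_WORK() calls that follow it, so a later queue_delayed_work() on this device would hit the same NULL dereference the dump shows, now with uninitialized work items as well. Consider making the function return int, returning -ENOMEM here, and failing the probe on error. The diffstat lists 6 insertions and nothing else, so the patch adds no matching destroy_workqueue(priv->priv_wq) on teardown; that is needed unless existing code already does it.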
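
Review bot: In [RFC PATCH 2/2], the ieee80211_softmac.c hunk at -1892 makes the ieee80211 layer depend on the driver's private struct: it adds #include "../r8192U.h" and casts ieee80211_priv(dev) to struct r8192_priv inside ieee80211_rx_frame_softmac(). That inverts the layering between the softmac code and the USB driver. If a preallocated buffer is kept, it would sit more naturally in struct ieee80211_device, which this function already receives as ieee, so no driver header is needed here.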
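
Review bot: In [RFC PATCH 2/2], the ieee80211_softmac.c hunk at -1917 swaps a per-call allocation for a buffer shared by every call on the device, and nothing in the patch says what serializes access to priv->network. The trace shows this path running from rtl8192_irq_rx_tasklet in softirq context; the commit message should state that this is the only caller, or the buffer needs a lock. A smaller change that fits the Fixes: tag would be to keep the local allocation and use kzalloc(sizeof(*network), GFP_ATOMIC). If the memset stays, sizeof(*priv->network) is preferred over sizeof(struct ieee80211_network).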
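
Review bot: In [RFC PATCH 2/2], the ieee80211_softmac.c hunk at -1934 rewrites both memcpy() calls but keeps their lengths as priv->network->bssht.bdHTCapLen and bdHTInfoLen, which ieee80211_parse_info_param() fills in from the received association response. Nothing in the hunk bounds those lengths against the size of ieee->pHTInfo->PeerHTCapBuf and PeerHTInfoBuf. Since these lines are being touched anyway, please confirm the parser clamps both lengths, or clamp them here before copying. The rewritten lines also run well past the usual line length and would read better wrapped.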
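
Review bot: In [RFC PATCH 2/2], the r8192U_core.c hunk at -4572 frees priv->network only on the fail: path of rtl8192_usb_probe(). The diffstat gives 6 insertions for this file, all accounted for by the allocation in rtl8192_init_priv_variable() and this error path, so the buffer is never freed when the device is removed normally. Please add kfree(priv->network) to the teardown path next to wherever priv->pFirmware is released. Separately, the new return -ENOMEM in rtl8192_init_priv_variable() leaves priv->pFirmware allocated, which is only correct if every caller reaches fail: on error; a short comment or a local unwind there would make that explicit.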