Re: [PATCH v3] USB:gadget: Fix a warning while loading g_mass_storage
From: Michal Nazarewicz
Date: Fri Jun 13 2014 - 05:45:04 EST
On Mon, Jun 09 2014, Wei.Yang@xxxxxxxxxxxxx wrote:
> From: Yang Wei <Wei.Yang@xxxxxxxxxxxxx>
>
> While loading g_mass_storage module, the following warning
> is triggered.
>
> WARNING: at drivers/usb/gadget/composite.c:
> usb_composite_setup_continue: Unexpected call
> Modules linked in: fat vfat minix nls_cp437 nls_iso8859_1 g_mass_storage
> [<800179cc>] (unwind_backtrace+0x0/0x104) from [<80619608>] (dump_stack+0x20/0x24)
> [<80619608>] (dump_stack+0x20/0x24) from [<80025100>] (warn_slowpath_common+0x64/0x74)
> [<80025100>] (warn_slowpath_common+0x64/0x74) from [<800251cc>] (warn_slowpath_fmt+0x40/0x48)
> [<800251cc>] (warn_slowpath_fmt+0x40/0x48) from [<7f047774>] (usb_composite_setup_continue+0xb4/0xbc [g_mass_storage])
> [<7f047774>] (usb_composite_setup_continue+0xb4/0xbc [g_mass_storage]) from [<7f047ad4>] (handle_exception+0x358/0x3e4 [g_mass_storage])
> [<7f047ad4>] (handle_exception+0x358/0x3e4 [g_mass_storage]) from [<7f048080>] (fsg_main_thread+0x520/0x157c [g_mass_storage])
> [<7f048080>] (fsg_main_thread+0x520/0x157c [g_mass_storage]) from [<8004bc90>] (kthread+0x98/0x9c)
> [<8004bc90>] (kthread+0x98/0x9c) from [<8000faec>] (kernel_thread_exit+0x0/0x8)
>
> The root cause is that the existing code fails to take into
> account the possibility that common->new_fsg can change while
> do_set_interface() is running, because the spinlock isn't held
> at this point.
common->new_fsg is not protected by common->lock so this justification
is not valid.
>
> Signed-off-by: Yang Wei <Wei.Yang@xxxxxxxxxxxxx>
> Signed-off-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
> ---
> drivers/usb/gadget/f_mass_storage.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> Hi Alan,
>
> Thanks for your review, there are a few changes in v3:
>
> 1) Fix a coding style issue.
> 2) Refine the commit log
>
> Regards
> Wei
>
> diff --git a/drivers/usb/gadget/f_mass_storage.c b/drivers/usb/gadget/f_mass_storage.c
> index b963939..0cd8f21 100644
> --- a/drivers/usb/gadget/f_mass_storage.c
> +++ b/drivers/usb/gadget/f_mass_storage.c
> @@ -2342,6 +2342,7 @@ static void handle_exception(struct fsg_common *common)
> struct fsg_buffhd *bh;
> enum fsg_state old_state;
> struct fsg_lun *curlun;
> + struct fsg_dev *new_fsg;
> unsigned int exception_req_tag;
>
> /*
> @@ -2421,6 +2422,7 @@ static void handle_exception(struct fsg_common *common)
> }
> common->state = FSG_STATE_IDLE;
> }
> + new_fsg = common->new_fsg;
Also, because common->new_fsg is not protected by common->lock, doing
this under a lock is kinda pointless.
> spin_unlock_irq(&common->lock);
>
> /* Carry out any extra actions required for the exception */
> @@ -2460,8 +2462,8 @@ static void handle_exception(struct fsg_common *common)
> break;
>
> case FSG_STATE_CONFIG_CHANGE:
> - do_set_interface(common, common->new_fsg);
> - if (common->new_fsg)
> + do_set_interface(common, new_fsg);
> + if (new_fsg)
> usb_composite_setup_continue(common->cdev);
As far as I can tell, it's safe to move the assignment to new_fsg here,
e.g.:
new_fsg = common->new_fsg;
do_set_interface(common, new_fsg);
if (new_fsg)
usb_composite_setup_continue(common->cdev);
> break;
But perhaps new_fsg should be protected by the lock. I think valid fix
(which I did not test in *any* way) will be this:
-------------- >8 ------------------------------------------------------------