Thread (34 messages) 34 messages, 5 authors, 2021-02-26

Re: [PATCH v5 1/3] usb: serial: Add MaxLinear/Exar USB to Serial driver

From: Johan Hovold <johan@kernel.org>
Date: 2021-02-26 10:10:34
Also in: lkml 

On Thu, Feb 25, 2021 at 07:04:05PM +0100, Mauro Carvalho Chehab wrote:
Em Thu, 25 Feb 2021 18:58:20 +0100
Mauro Carvalho Chehab [off-list ref] escreveu:
quoted
While testing the xr_serial (as currently merged), I opted to apply
the patches on the top of vanilla Kernel 5.11 - as it sounds too risky
to use linux-next so early on a new development cycle :-)

There, I'm getting an OOPS:

	[   30.261291] BUG: kernel NULL pointer dereference, address: 00000000000000a8
	[   30.261375] #PF: supervisor write access in kernel mode
	[   30.261438] #PF: error_code(0x0002) - not-present page
	[   30.261500] PGD 0 P4D 0 
	[   30.261539] Oops: 0002 [#1] SMP PTI
	[   30.261586] CPU: 2 PID: 686 Comm: kworker/2:3 Not tainted 5.11.0+ #14
	[   30.261666] Hardware name:  /NUC5i7RYB, BIOS RYBDWi35.86A.0380.2019.0517.1530 05/17/2019
	[   30.261757] Workqueue: usb_hub_wq hub_event
	[   30.261816] RIP: 0010:mutex_lock+0x1e/0x40
quoted
	[   30.262796] Call Trace:
	[   30.262832]  usb_serial_disconnect+0x33/0x140
	[   30.262897]  usb_unbind_interface+0x8c/0x260
	[   30.262957]  device_release_driver_internal+0x103/0x1d0
	[   30.263026]  device_release_driver+0x12/0x20
	[   30.263083]  bus_remove_device+0xe1/0x150
	[   30.263140]  device_del+0x192/0x3f0
	[   30.263188]  ? usb_remove_ep_devs+0x1f/0x30
	[   30.263244]  usb_disable_device+0x95/0x1c0
	[   30.263300]  usb_disconnect+0xc0/0x270
	[   30.263350]  hub_event+0xa2e/0x1620

After adding this hack:

<snip>
--- a/drivers/usb/serial/usb-serial.c
+++ b/drivers/usb/serial/usb-serial.c
@@ -1081,6 +1081,11 @@ static void usb_serial_disconnect(struct usb_interface *interface)
        struct usb_serial_port *port;
        struct tty_struct *tty;
 
+       if (!serial) {
+               dev_err(dev, "%s: Serial pointer is NULL!!!\n", __func__);
+               return;
+       }
+
        usb_serial_console_disconnect(serial);
 
        mutex_lock(&serial->disc_mutex);
</snip>

It works fine:

	[  283.005625] xr_serial 2-1:1.1: xr_serial converter detected
	[  283.005868] usb 2-1: xr_serial converter now attached to ttyUSB0
	[  283.007284] printk: console [ttyUSB0] enabled
	[  284.444419] usb 2-1: USB disconnect, device number 5
	[  284.444520] xr_serial 2-1:1.0: usb_serial_disconnect: Serial pointer is NULL!!!
	[  284.444894] printk: console [ttyUSB0] disabled
	[  284.445091] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
	[  284.445141] xr_disconnect
	[  284.445156] xr_serial 2-1:1.1: device disconnected

I'm not sure if the bug is at xr_serial or if it is inside usb-serial.c.

Any ideas?
Answering myself, as those devices may have two different interfaces
(one for control and another one for data), I suspect that the
driver needs to manually call usb_set_intfdata() after detecting the
data interface.
Thanks for reporting this.

I'm afraid it's a bit more involved than that; we'd need to add support
to USB-serial core for managing a sibling interface and either one being
disconnected first. This has implications for suspend as well.

I think we should just not claim the control interface for now since it
not currently used by the driver. I'll send a fix.

Johan
  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help