From: yuzheng ma Date: Wed, 15 Aug 2012 08:11:40 +0000 (+0800) Subject: usb: musb: host: fix for musb_start_urb Oops X-Git-Tag: Ubuntu-5.0.0-8.9~15322^2~5^2~7 X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=3067779b1566ae5fb6af40f03ae874ac47035523;p=mirror_ubuntu-disco-kernel.git usb: musb: host: fix for musb_start_urb Oops when using musb_urb_enqueue to submit three urbs to the same endpoint, when hep->hcpriv is NULL, qh will be allocated when the first urb is completed. When the IRQ completes the next two urbs, qh->hep->hcpriv will be set to NULL. Now the second urb get musb->lock and executes musb_schedule(), but next_urb(qh) is NULL, so musb_start_urb will Oops. [ balbi@ti.com : practically rewrote commit log so it makes sense ] Signed-off-by: mayuzheng Signed-off-by: Felipe Balbi --- diff --git a/drivers/usb/musb/musb_host.c b/drivers/usb/musb/musb_host.c index 4bb717d0bd41..1ae378d5fc6f 100644 --- a/drivers/usb/musb/musb_host.c +++ b/drivers/usb/musb/musb_host.c @@ -2049,7 +2049,7 @@ static int musb_urb_enqueue( * we only have work to do in the former case. */ spin_lock_irqsave(&musb->lock, flags); - if (hep->hcpriv) { + if (hep->hcpriv || !next_urb(qh)) { /* some concurrent activity submitted another urb to hep... * odd, rare, error prone, but legal. */