From nobody Thu Dec 18 19:41:24 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B3E09CDB47E for ; Thu, 12 Oct 2023 06:03:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377246AbjJLGDV (ORCPT ); Thu, 12 Oct 2023 02:03:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60100 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235318AbjJLGDQ (ORCPT ); Thu, 12 Oct 2023 02:03:16 -0400 Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F371DD9 for ; Wed, 11 Oct 2023 23:03:11 -0700 (PDT) Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-3232e96deaaso131065f8f.0 for ; Wed, 11 Oct 2023 23:03:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697090590; x=1697695390; darn=vger.kernel.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=P51DOcc71lJTpG0lfeJ0M3wrbwZKUgR94Bu9pIZlYhc=; b=JCzz9nWMGXPYgy9Q96T3NEC/dNaqlGKYG4dhyvq7+TDJBYFzmakk2lR9VJcZfJ8dqz bfS9dAsJImjofXhOSiq8jP+X2jKy1jzKLxEiKdMdnkuSlwxAt5TilGNb02g7GECvP3bd IBzKD/nK70MYbO2PX+alBPs8Ngj6zNUXkizXYxbY9D/2T6hNQeObZ0UbWhgdzbn+hCWY Cucdof/qubCZHFwRNFHQBk2jmr3paWrQMI3Huo307Xaoh+NEt17ZLWCd8ujcAzOwU+8q 4IrEWDUY2F9BaYxeGMJL68/78LOMtjYWThTYaXgWs6WLt3KkDS9ckM9B5krDJ8u/8P2i s/eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697090590; x=1697695390; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=P51DOcc71lJTpG0lfeJ0M3wrbwZKUgR94Bu9pIZlYhc=; b=AUJAGUouBxXY2r3ECcGnZASjA1zDD2TcokThyBIpZ/l4VeED6EMQ0XJpxsTnUwbYBE /oEIRIoE0VovdtwBEfkn+9zEFuj9jTFVaepmlX0ZSmkCuhokiYBsApl5nM4ThXgOaCCR 1RXqInebyplA1kjeNGYdyRfP68/zijdj99FHNWqZTZICZ8YX5caqyYOti/ukePDKyms/ cLBy/uc3cCpo9P6oC/e6s6aJj9UyPDkdthw+dB8X53GiS1flZe53bL9GCd17XX0fVdUA PmhkfFEYgC7tBLEds5W5nVj+jROsJar62RLplaYig0D6e5L5bS3il8vPAxgvkrUmIIDj YamA== X-Gm-Message-State: AOJu0YwlgKvQqfGODdHaG3lUQ8KijNclgfRzyvR65LCZXae460Ficu+u bRQbkw/Ko8T3tfN5T39Q+y4= X-Google-Smtp-Source: AGHT+IGIvf+tjlkPYziwdHAnytKW6Q7tiOb8d132sIfdRL9BEIekn7hxdfNJuTgA1fOscFyTYMivkQ== X-Received: by 2002:a05:600c:1d03:b0:405:39bb:38a8 with SMTP id l3-20020a05600c1d0300b0040539bb38a8mr20228961wms.2.1697090589701; Wed, 11 Oct 2023 23:03:09 -0700 (PDT) Received: from matrix-ESPRIMO-P710 (p579356c7.dip0.t-ipconnect.de. [87.147.86.199]) by smtp.gmail.com with ESMTPSA id q6-20020adfb186000000b0032d87b13240sm3404038wra.73.2023.10.11.23.03.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Oct 2023 23:03:09 -0700 (PDT) Date: Thu, 12 Oct 2023 08:03:08 +0200 From: Philipp Hortmann To: Greg Kroah-Hartman , linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org Subject: [RFC PATCH 1/2] staging: rtl8192u: Fix missing alloc_workqueue() Message-ID: References: MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Missing alloc_workqueue() leads to a crash of the system. Fixes: 1761a85c3bed ("staging: rtl8192u: Remove create_workqueue()") Signed-off-by: Philipp Hortmann --- Tested with rtl8192u (Belkin F5D8053) in Mode n (12.5 MB/s) Dump of Error: [ 1428.338077] ------------[ cut here ]------------ [ 1428.338079] WARNING: CPU: 2 PID: 6502 at kernel/workqueue.c:1938 __queue= _delayed_work+0x77/0xb0 [ 1428.338086] Modules linked in: r8192u_usb(COE) cfg80211 lib80211 libarc4= xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_a= lgo iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c= xt_addrtype iptable_filter bpfilter br_netfilter bridge stp llc overlay nl= s_iso8859_1 snd_hda_codec_hdmi intel_rapl_msr snd_hda_codec_conexant intel_= rapl_common snd_hda_codec_generic x86_pkg_temp_thermal ledtrig_audio intel_= powerclamp coretemp sch5627 mei_hdcp kvm_intel binfmt_misc kvm snd_hda_inte= l snd_intel_dspcfg i915 snd_intel_sdw_acpi crct10dif_pclmul ghash_clmulni_i= ntel snd_hda_codec sha512_ssse3 aesni_intel snd_hda_core crypto_simd snd_hw= dep cryptd snd_pcm sch56xx_common rapl snd_seq_midi intel_cstate snd_seq_mi= di_event input_leds joydev serio_raw drm_buddy snd_rawmidi ttm drm_display_= helper snd_seq at24 snd_seq_device snd_timer cec rc_core snd mei_me soundco= re mei drm_kms_helper i2c_algo_bit tpm_infineon mac_hid sch_fq_codel msr pa= rport_pc ppdev lp parport drm ramoops reed_solomon efi_pstore [ 1428.338200] ip_tables x_tables autofs4 hid_generic usbhid hid crc32_pcl= mul i2c_i801 xhci_pci video ahci lpc_ich libahci i2c_smbus xhci_pci_renesas= e1000e wmi [ 1428.338223] CPU: 2 PID: 6502 Comm: kworker/2:0 Tainted: G C OE = 6.6.0-rc1+ #15 [ 1428.338226] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 = R1.16.0 for D3161-A1x 10/29/2012 [ 1428.338229] Workqueue: events rtl819x_watchdog_wqcallback [r8192u_usb] [ 1428.338249] RIP: 0010:__queue_delayed_work+0x77/0xb0 [ 1428.338252] Code: c1 48 89 4a 60 81 ff 00 20 00 00 75 38 4c 89 cf e8 de = 59 0d 00 5d c3 cc cc cc cc e8 b3 f5 ff ff 5d c3 cc cc cc cc 0f 0b eb bb <0f= > 0b 48 81 7a 68 e0 61 6f 81 74 99 0f 0b 48 8b 42 58 48 85 c0 74 [ 1428.338255] RSP: 0000:ffffc9000c46bd08 EFLAGS: 00010046 [ 1428.338258] RAX: 0000000000000001 RBX: 0000000000000200 RCX: 00000000000= 00000 [ 1428.338260] RDX: ffff88820efacfe8 RSI: 0000000000000000 RDI: 00000000000= 02000 [ 1428.338262] RBP: ffffc9000c46bd08 R08: 0000000000000000 R09: ffff88820ef= ad038 [ 1428.338264] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88820ef= acfe8 [ 1428.338265] R13: 0000000000000001 R14: 0000000000002000 R15: 00000000000= 00000 [ 1428.338267] FS: 0000000000000000(0000) GS:ffff888215c00000(0000) knlGS:= 0000000000000000 [ 1428.338270] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1428.338272] CR2: 0000557da4e0d8e5 CR3: 000000011361e001 CR4: 00000000001= 706e0 [ 1428.338274] Call Trace: [ 1428.338276] [ 1428.338280] ? show_regs+0x68/0x70 [ 1428.338284] ? __queue_delayed_work+0x77/0xb0 [ 1428.338287] ? __warn+0x8f/0x180 [ 1428.338291] ? __queue_delayed_work+0x77/0xb0 [ 1428.338296] ? report_bug+0x1f5/0x200 [ 1428.338303] ? handle_bug+0x46/0x80 [ 1428.338307] ? exc_invalid_op+0x19/0x70 [ 1428.338311] ? asm_exc_invalid_op+0x1b/0x20 [ 1428.338323] ? __queue_delayed_work+0x77/0xb0 [ 1428.338327] ? trace_hardirqs_off+0x4f/0xa0 [ 1428.338331] queue_delayed_work_on+0x8e/0x90 [ 1428.338337] hal_dm_watchdog+0x3f5/0x1420 [r8192u_usb] [ 1428.338356] rtl819x_watchdog_wqcallback+0x6b/0xb60 [r8192u_usb] [ 1428.338369] ? __this_cpu_preempt_check+0x13/0x20 [ 1428.338377] process_scheduled_works+0x308/0x580 [ 1428.338389] ? __pfx_worker_thread+0x10/0x10 [ 1428.338392] worker_thread+0x19b/0x360 [ 1428.338398] ? __pfx_worker_thread+0x10/0x10 [ 1428.338400] kthread+0x116/0x150 [ 1428.338405] ? __pfx_kthread+0x10/0x10 [ 1428.338411] ret_from_fork+0x3c/0x60 [ 1428.338414] ? __pfx_kthread+0x10/0x10 [ 1428.338419] ret_from_fork_asm+0x1b/0x30 [ 1428.338433] [ 1428.338435] irq event stamp: 3280 [ 1428.338436] hardirqs last enabled at (3279): [] conso= le_unlock+0x101/0x120 [ 1428.338440] hardirqs last disabled at (3280): [] queue= _delayed_work_on+0x74/0x90 [ 1428.338443] softirqs last enabled at (3272): [] __do_= softirq+0x2cd/0x3b7 [ 1428.338447] softirqs last disabled at (3265): [] irq_e= xit_rcu+0xa0/0xe0 [ 1428.338450] ---[ end trace 0000000000000000 ]--- [ 1428.338456] BUG: kernel NULL pointer dereference, address: 0000000000000= 1c0 [ 1428.338458] #PF: supervisor read access in kernel mode [ 1428.338460] #PF: error_code(0x0000) - not-present page [ 1428.338462] PGD 0 P4D 0 [ 1428.338464] Oops: 0000 [#1] PREEMPT SMP PTI [ 1428.338467] CPU: 2 PID: 6502 Comm: kworker/2:0 Tainted: G WC OE = 6.6.0-rc1+ #15 [ 1428.338469] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 = R1.16.0 for D3161-A1x 10/29/2012 [ 1428.338470] Workqueue: events rtl819x_watchdog_wqcallback [r8192u_usb] [ 1428.338483] RIP: 0010:__queue_work+0x38/0x610 [ 1428.338485] Code: 89 fe 41 55 41 54 49 89 d4 53 48 89 f3 48 83 ec 18 8b = 0d 43 23 ce 01 85 c9 74 0f 65 8b 05 c0 af ae 7e 85 c0 0f 84 da 02 00 00 83 c0 01 00 00 00 80 01 00 0f 85 eb 02 00 00 e8 33 d6 0a 00 31 [ 1428.338488] RSP: 0000:ffffc9000c46bcb8 EFLAGS: 00010046 [ 1428.338490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000000= 00001 [ 1428.338491] RDX: ffff88820efacfe8 RSI: 0000000000000000 RDI: 00000000000= 02000 [ 1428.338493] RBP: ffffc9000c46bcf8 R08: ffff88820efacff0 R09: ffff88820ef= ad038 [ 1428.338494] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88820ef= acfe8 [ 1428.338496] R13: 0000000000000001 R14: 0000000000002000 R15: 00000000000= 00000 [ 1428.338497] FS: 0000000000000000(0000) GS:ffff888215c00000(0000) knlGS:= 0000000000000000 [ 1428.338499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1428.338500] CR2: 00000000000001c0 CR3: 000000011361e001 CR4: 00000000001= 706e0 [ 1428.338502] Call Trace: [ 1428.338503] [ 1428.338505] ? show_regs+0x68/0x70 [ 1428.338508] ? __die_body+0x20/0x70 [ 1428.338511] ? __die+0x2b/0x40 [ 1428.338514] ? page_fault_oops+0x160/0x480 [ 1428.338517] ? search_bpf_extables+0xad/0x160 [ 1428.338520] ? __queue_work+0x38/0x610 [ 1428.338523] ? search_exception_tables+0x5f/0x70 [ 1428.338526] ? kernelmode_fixup_or_oops+0xa2/0x120 [ 1428.338529] ? __bad_area_nosemaphore+0x197/0x250 [ 1428.338531] ? vprintk_default+0x1d/0x30 [ 1428.338535] ? bad_area_nosemaphore+0x16/0x20 [ 1428.338537] ? do_user_addr_fault+0x34d/0xa40 [ 1428.338539] ? debug_smp_processor_id+0x17/0x20 [ 1428.338541] ? exc_page_fault+0x3c/0x210 [ 1428.338545] ? __this_cpu_preempt_check+0x13/0x20 [ 1428.338548] ? exc_page_fault+0x84/0x210 [ 1428.338551] ? asm_exc_page_fault+0x27/0x30 [ 1428.338555] ? __queue_work+0x38/0x610 [ 1428.338559] __queue_delayed_work+0x6d/0xb0 [ 1428.338561] queue_delayed_work_on+0x8e/0x90 [ 1428.338565] hal_dm_watchdog+0x3f5/0x1420 [r8192u_usb] [ 1428.338579] rtl819x_watchdog_wqcallback+0x6b/0xb60 [r8192u_usb] [ 1428.338591] ? __this_cpu_preempt_check+0x13/0x20 [ 1428.338594] process_scheduled_works+0x308/0x580 [ 1428.338599] ? __pfx_worker_thread+0x10/0x10 [ 1428.338601] worker_thread+0x19b/0x360 [ 1428.338604] ? __pfx_worker_thread+0x10/0x10 [ 1428.338606] kthread+0x116/0x150 [ 1428.338609] ? __pfx_kthread+0x10/0x10 [ 1428.338612] ret_from_fork+0x3c/0x60 [ 1428.338615] ? __pfx_kthread+0x10/0x10 [ 1428.338618] ret_from_fork_asm+0x1b/0x30 [ 1428.338623] --- drivers/staging/rtl8192u/r8192U_core.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl81= 92u/r8192U_core.c index 0a60ef20107c..bf6d93de7a74 100644 --- a/drivers/staging/rtl8192u/r8192U_core.c +++ b/drivers/staging/rtl8192u/r8192U_core.c @@ -2024,6 +2024,12 @@ static void rtl8192_init_priv_task(struct net_device= *dev) { struct r8192_priv *priv =3D ieee80211_priv(dev); =20 + priv->priv_wq =3D alloc_workqueue("priv_wq", 0, 0); + if (!priv->priv_wq) { + pr_err("alloc_workqueue for priv->priv_wq failed\n"); + return; + } + INIT_WORK(&priv->reset_wq, rtl8192_restart); =20 INIT_DELAYED_WORK(&priv->watch_dog_wq, --=20 2.42.0 From nobody Thu Dec 18 19:41:24 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D667CDB46E for ; Thu, 12 Oct 2023 06:03:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377202AbjJLGDd (ORCPT ); Thu, 12 Oct 2023 02:03:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60224 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377308AbjJLGDX (ORCPT ); Thu, 12 Oct 2023 02:03:23 -0400 Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DEA83D3 for ; Wed, 11 Oct 2023 23:03:18 -0700 (PDT) Received: by mail-wr1-x433.google.com with SMTP id ffacd0b85a97d-3175e1bb38cso67864f8f.1 for ; Wed, 11 Oct 2023 23:03:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697090597; x=1697695397; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=KukZ0tzE84dJ5AJr1KRIaqdGGLYRgHtX61fFFpt8ADk=; b=C5/IzQIS4HVzbpXJj547WaUMKqHsXOtjhOlK6wpC9tAaJRI4Wd7KSsy3uyyFR8DvOL j58TJL2G252eutdTVUBdjlFaLzzr2ah8466aDV1vXazsDDfv7TvD4lYFlzaZxR3khr9e 9z15Oims8dZcpTPQHLheB87S5dqn1WIwBlydRsru9ltsJKLj/dUkClShwhArXvR7dQE2 6QGTNR2liQXn1TYlQR7Y0NMi/ZiMUdEX3StA6J0lTHk9gMmt1Aj7It6/GmexQKKrxV8r WENEKg6J1g4XLCNsVQCqMrzKQrXOQ+nyRXqdIheGNHhlN2kIF99HZlReUnWXN2yL2S/U Z4eQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697090597; x=1697695397; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=KukZ0tzE84dJ5AJr1KRIaqdGGLYRgHtX61fFFpt8ADk=; b=BJKWXpATkVZVLB8r+ufEtH+NTAJaQ0e0fxqw5Rkvb6D1AHuzQ1gfPirRPs8ZYssfuj tzaNJcjPpdYTgljKP+k1Y6+9eoW+drDybjRh7Deqj2d4AWid2borfXVc0aEpmqoA0G4x E6a6XOOtdbNAxUGq17BGXr78ZOW84BL8hlr3i2f3Aq6DjtU82/GSuQqc1irWizaRo8I3 rWTdQ7UgJRzBX/FMnNZNh14B6Rf9BGDi3lrfWkh+lNOzG5FlQWG4tdpEr76CyGJjKW05 Np3ZLdQCQSXUxMo3cqCSRZvMt6mMZ+QeuBfVMHiMLnT80WxFL0ylITY+nK0MWs+WAsew WZJA== X-Gm-Message-State: AOJu0YxM1rWmAcpkSx0PZZahs2I8OPY5jCMLzi+EXbKp2g2Lz1O2BWk3 wd3BT6EHRb7/uLesMXgCtRqzTVUJuJg= X-Google-Smtp-Source: AGHT+IFB2oSKIwYOcPSVuc0SCaCm/kBAADGpf7YVFPSak9Ctn5S/X9uqzQq9jYYiYEg0JCubzmoy3A== X-Received: by 2002:adf:a457:0:b0:32d:8be3:f3fe with SMTP id e23-20020adfa457000000b0032d8be3f3femr1153754wra.7.1697090597162; Wed, 11 Oct 2023 23:03:17 -0700 (PDT) Received: from matrix-ESPRIMO-P710 (p579356c7.dip0.t-ipconnect.de. [87.147.86.199]) by smtp.gmail.com with ESMTPSA id j16-20020adff010000000b0032008f99216sm17285530wro.96.2023.10.11.23.03.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Oct 2023 23:03:16 -0700 (PDT) Date: Thu, 12 Oct 2023 08:03:15 +0200 From: Philipp Hortmann To: Greg Kroah-Hartman , linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org Subject: [RFC PATCH 2/2] staging: rtl8192u: Fix sleeping kzalloc() called from invalid context Message-ID: <42f7b8728a5d9ada8c0432e1c11c30d13627fba7.1697089416.git.philipp.g.hortmann@gmail.com> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Sleeping kzalloc() called from invalid context leads to a crash of the system. Fixes: 061e390b7c87f ("staging: rtl8192u: ieee80211_softmac: Move a large d= ata struct onto the heap") Signed-off-by: Philipp Hortmann --- Tested with rtl8192u (Belkin F5D8053) in Mode n (12.5 MB/s) Dump of Error: [ 2141.025340] =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D [ 2141.025341] WARNING: inconsistent lock state [ 2141.025343] 6.6.0-rc1+ #15 Tainted: G C OE [ 2141.025345] -------------------------------- [ 2141.025346] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. [ 2141.025348] gnome-shell/3018 [HC0[0]:SC1[1]:HE1:SE0] takes: [ 2141.025350] ffffffffbbe6b600 (fs_reclaim){+.?.}-{0:0}, at: __kmem_cache_= alloc_node+0x48/0x720 [ 2141.025360] {SOFTIRQ-ON-W} state was registered at: [ 2141.025362] lock_acquire+0xdc/0x2c0 [ 2141.025368] fs_reclaim_acquire+0xaa/0xe0 [ 2141.025371] __kmem_cache_alloc_node+0x48/0x720 [ 2141.025374] __kmalloc_node+0x57/0x1a0 [ 2141.025376] alloc_cpumask_var_node+0x1f/0x30 [ 2141.025380] smp_prepare_cpus_common+0xce/0x180 [ 2141.025385] native_smp_prepare_cpus+0xe/0xd0 [ 2141.025387] kernel_init_freeable+0x284/0x560 [ 2141.025391] kernel_init+0x1a/0x140 [ 2141.025395] ret_from_fork+0x3c/0x60 [ 2141.025398] ret_from_fork_asm+0x1b/0x30 [ 2141.025402] irq event stamp: 53750354 [ 2141.025404] hardirqs last enabled at (53750354): [] _= raw_spin_unlock_irqrestore+0x31/0x70 [ 2141.025408] hardirqs last disabled at (53750353): [] _= raw_spin_lock_irqsave+0x84/0xa0 [ 2141.025411] softirqs last enabled at (53750290): [] _= _do_softirq+0x2cd/0x3b7 [ 2141.025415] softirqs last disabled at (53750323): [] i= rq_exit_rcu+0xa0/0xe0 [ 2141.025419] other info that might help us debug this: [ 2141.025420] Possible unsafe locking scenario: [ 2141.025422] CPU0 [ 2141.025423] ---- [ 2141.025424] lock(fs_reclaim); [ 2141.025426] [ 2141.025427] lock(fs_reclaim); [ 2141.025429] *** DEADLOCK *** [ 2141.025430] no locks held by gnome-shell/3018. [ 2141.025432] stack backtrace: [ 2141.025433] CPU: 2 PID: 3018 Comm: gnome-shell Tainted: G C OE = 6.6.0-rc1+ #15 [ 2141.025436] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 = R1.16.0 for D3161-A1x 10/29/2012 [ 2141.025438] Call Trace: [ 2141.025439] [ 2141.025441] dump_stack_lvl+0x5c/0xa0 [ 2141.025445] dump_stack+0x10/0x20 [ 2141.025447] print_usage_bug+0x22f/0x2c0 [ 2141.025452] mark_lock.part.0+0x6bf/0x8a0 [ 2141.025456] ? sched_clock_noinstr+0x9/0x10 [ 2141.025461] __lock_acquire+0xb75/0x1de0 [ 2141.025465] ? sched_clock_noinstr+0x9/0x10 [ 2141.025469] lock_acquire+0xdc/0x2c0 [ 2141.025473] ? __kmem_cache_alloc_node+0x48/0x720 [ 2141.025478] fs_reclaim_acquire+0xaa/0xe0 [ 2141.025481] ? __kmem_cache_alloc_node+0x48/0x720 [ 2141.025484] __kmem_cache_alloc_node+0x48/0x720 [ 2141.025487] ? ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb] [ 2141.025508] kmalloc_trace+0x2a/0xc0 [ 2141.025510] ? kmalloc_trace+0x2a/0xc0 [ 2141.025513] ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb] [ 2141.025527] ? ehci_urb_enqueue+0x12a/0x1020 [ 2141.025534] ieee80211_rx+0xf44/0x1e60 [r8192u_usb] [ 2141.025549] ? __lock_acquire+0xbf3/0x1de0 [ 2141.025552] ? __lock_acquire+0xbf3/0x1de0 [ 2141.025558] rtl8192_rx_nomal+0x583/0x1180 [r8192u_usb] [ 2141.025570] ? sched_clock_noinstr+0x9/0x10 [ 2141.025573] ? exc_page_fault+0x1b0/0x210 [ 2141.025580] rtl8192_irq_rx_tasklet+0x8a/0xc0 [r8192u_usb] [ 2141.025593] tasklet_action_common.isra.0+0x10a/0x290 [ 2141.025597] tasklet_action+0x2d/0x40 [ 2141.025600] __do_softirq+0xca/0x3b7 [ 2141.025605] irq_exit_rcu+0xa0/0xe0 [ 2141.025608] common_interrupt+0x68/0xe0 [ 2141.025611] asm_common_interrupt+0x27/0x40 [ 2141.025614] RIP: 0033:0x7f31fcbc5634 [ 2141.025617] Code: 89 c9 48 c7 c6 3f 00 00 00 48 d3 ef 48 85 ff 0f 84 96 = fe ff ff 48 0f bc cf 0f b6 04 08 0f b6 14 0a 29 d0 c3 66 90 38 c8 75 1c <48= > 83 c2 01 48 83 fa 40 0f 84 23 fe ff ff 0f b6 04 17 0f b6 0c 16 [ 2141.025620] RSP: 002b:00007fff36dad668 EFLAGS: 00000246 [ 2141.025623] RAX: 0000000000000072 RBX: 0000000000000000 RCX: 00000000000= 00072 [ 2141.025624] RDX: 0000000000000008 RSI: 0000563837956fc0 RDI: 00005638375= 9c230 [ 2141.025626] RBP: 0000563837956fc0 R08: 000000000000e000 R09: 00000000000= 00000 [ 2141.025628] R10: 0000000000000001 R11: 00007f31fccca2e4 R12: 00000000000= 00012 [ 2141.025629] R13: 000056383759c270 R14: 0000563837e1a5a0 R15: 00005638379= 56fc0 [ 2141.025634] [ 2141.025644] BUG: sleeping function called from invalid context at includ= e/linux/sched/mm.h:306 [ 2141.025647] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3018,= name: gnome-shell [ 2141.025650] preempt_count: 100, expected: 0 [ 2141.025651] RCU nest depth: 0, expected: 0 [ 2141.025653] INFO: lockdep is turned off. [ 2141.025654] Preemption disabled at: [ 2141.025655] [] __do_softirq+0x5e/0x3b7 [ 2141.025659] CPU: 2 PID: 3018 Comm: gnome-shell Tainted: G C OE = 6.6.0-rc1+ #15 [ 2141.025662] Hardware name: FUJITSU ESPRIMO P710/D3161-A1, BIOS V4.6.5.3 = R1.16.0 for D3161-A1x 10/29/2012 [ 2141.025663] Call Trace: [ 2141.025664] [ 2141.025666] dump_stack_lvl+0x7d/0xa0 [ 2141.025669] dump_stack+0x10/0x20 [ 2141.025672] __might_resched+0x1be/0x2e0 [ 2141.025676] __might_sleep+0x43/0x70 [ 2141.025679] __kmem_cache_alloc_node+0x568/0x720 [ 2141.025682] ? ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb] [ 2141.025698] kmalloc_trace+0x2a/0xc0 [ 2141.025700] ? kmalloc_trace+0x2a/0xc0 [ 2141.025703] ieee80211_rx_frame_softmac+0x2d3/0x1a10 [r8192u_usb] [ 2141.025716] ? ehci_urb_enqueue+0x12a/0x1020 [ 2141.025721] ieee80211_rx+0xf44/0x1e60 [r8192u_usb] [ 2141.025735] ? __lock_acquire+0xbf3/0x1de0 [ 2141.025738] ? __lock_acquire+0xbf3/0x1de0 [ 2141.025744] rtl8192_rx_nomal+0x583/0x1180 [r8192u_usb] [ 2141.025756] ? sched_clock_noinstr+0x9/0x10 [ 2141.025758] ? exc_page_fault+0x1b0/0x210 [ 2141.025765] rtl8192_irq_rx_tasklet+0x8a/0xc0 [r8192u_usb] [ 2141.025778] tasklet_action_common.isra.0+0x10a/0x290 [ 2141.025782] tasklet_action+0x2d/0x40 [ 2141.025785] __do_softirq+0xca/0x3b7 [ 2141.025790] irq_exit_rcu+0xa0/0xe0 [ 2141.025793] common_interrupt+0x68/0xe0 [ 2141.025796] asm_common_interrupt+0x27/0x40 [ 2141.025798] RIP: 0033:0x7f31fcbc5634 [ 2141.025800] Code: 89 c9 48 c7 c6 3f 00 00 00 48 d3 ef 48 85 ff 0f 84 96 = fe ff ff 48 0f bc cf 0f b6 04 08 0f b6 14 0a 29 d0 c3 66 90 38 c8 75 1c <48= > 83 c2 01 48 83 fa 40 0f 84 23 fe ff ff 0f b6 04 17 0f b6 0c 16 [ 2141.025802] RSP: 002b:00007fff36dad668 EFLAGS: 00000246 [ 2141.025804] RAX: 0000000000000072 RBX: 0000000000000000 RCX: 00000000000= 00072 [ 2141.025806] RDX: 0000000000000008 RSI: 0000563837956fc0 RDI: 00005638375= 9c230 [ 2141.025807] RBP: 0000563837956fc0 R08: 000000000000e000 R09: 00000000000= 00000 [ 2141.025809] R10: 0000000000000001 R11: 00007f31fccca2e4 R12: 00000000000= 00012 [ 2141.025811] R13: 000056383759c270 R14: 0000563837e1a5a0 R15: 00005638379= 56fc0 [ 2141.025815] --- .../rtl8192u/ieee80211/ieee80211_softmac.c | 19 ++++++++----------- drivers/staging/rtl8192u/r8192U.h | 1 + drivers/staging/rtl8192u/r8192U_core.c | 6 ++++++ 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c b/drive= rs/staging/rtl8192u/ieee80211/ieee80211_softmac.c index 92001cb36730..ff5d6f5aeed1 100644 --- a/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c +++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_softmac.c @@ -12,6 +12,7 @@ * Copyright who own it's copyright. */ #include "ieee80211.h" +#include "../r8192U.h" =20 #include #include @@ -1892,6 +1893,8 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *i= eee, struct sk_buff *skb, u16 stype) { struct rtl_80211_hdr_3addr *header =3D (struct rtl_80211_hdr_3addr *)skb-= >data; + struct net_device *dev =3D ieee->dev; + struct r8192_priv *priv =3D ieee80211_priv(dev); u16 errcode; int aid; struct ieee80211_assoc_response_frame *assoc_resp; @@ -1917,12 +1920,7 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *= ieee, struct sk_buff *skb, if ((ieee->softmac_features & IEEE_SOFTMAC_ASSOCIATE) && ieee->state =3D=3D IEEE80211_ASSOCIATING_AUTHENTICATED && ieee->iw_mode =3D=3D IW_MODE_INFRA) { - struct ieee80211_network *network; - - network =3D kzalloc(sizeof(*network), GFP_KERNEL); - if (!network) - return -ENOMEM; - + memset(priv->network, 0, sizeof(struct ieee80211_network)); errcode =3D assoc_parse(ieee, skb, &aid); if (!errcode) { ieee->state =3D IEEE80211_LINKED; @@ -1934,15 +1932,15 @@ ieee80211_rx_frame_softmac(struct ieee80211_device = *ieee, struct sk_buff *skb, assoc_resp =3D (struct ieee80211_assoc_response_frame *)skb->data; if (ieee80211_parse_info_param(ieee, assoc_resp->info_element,\ rx_stats->len - sizeof(*assoc_resp), \ - network, rx_stats)) { + priv->network, rx_stats)) { return 1; } else { //filling the PeerHTCap. //maybe not necessary as we can get its inf= o from current_network. - memcpy(ieee->pHTInfo->PeerHTCapBuf, network->bssht.bdHTCapBuf, netwo= rk->bssht.bdHTCapLen); - memcpy(ieee->pHTInfo->PeerHTInfoBuf, network->bssht.bdHTInfoBuf, net= work->bssht.bdHTInfoLen); + memcpy(ieee->pHTInfo->PeerHTCapBuf, priv->network->bssht.bdHTCapBuf,= priv->network->bssht.bdHTCapLen); + memcpy(ieee->pHTInfo->PeerHTInfoBuf, priv->network->bssht.bdHTInfoBu= f, priv->network->bssht.bdHTInfoLen); } if (ieee->handle_assoc_response) - ieee->handle_assoc_response(ieee->dev, (struct ieee80211_assoc_respo= nse_frame *)header, network); + ieee->handle_assoc_response(ieee->dev, (struct ieee80211_assoc_respo= nse_frame *)header, priv->network); } ieee80211_associate_complete(ieee); } else { @@ -1957,7 +1955,6 @@ ieee80211_rx_frame_softmac(struct ieee80211_device *i= eee, struct sk_buff *skb, else ieee80211_associate_abort(ieee); } - kfree(network); } break; =20 diff --git a/drivers/staging/rtl8192u/r8192U.h b/drivers/staging/rtl8192u/r= 8192U.h index ff0ada00bf41..672bd19e4db7 100644 --- a/drivers/staging/rtl8192u/r8192U.h +++ b/drivers/staging/rtl8192u/r8192U.h @@ -908,6 +908,7 @@ typedef struct r8192_priv { =20 struct ChnlAccessSetting ChannelAccessSetting; struct work_struct reset_wq; + struct ieee80211_network *network; =20 /**********************************************************/ /* For rtl819xUsb */ diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl81= 92u/r8192U_core.c index bf6d93de7a74..060475017d0d 100644 --- a/drivers/staging/rtl8192u/r8192U_core.c +++ b/drivers/staging/rtl8192u/r8192U_core.c @@ -1990,6 +1990,10 @@ static int rtl8192_init_priv_variable(struct net_dev= ice *dev) if (!priv->pFirmware) return -ENOMEM; =20 + priv->network =3D kzalloc(sizeof(*priv->network), GFP_KERNEL); + if (!priv->network) + return -ENOMEM; + /* rx related queue */ skb_queue_head_init(&priv->rx_queue); skb_queue_head_init(&priv->skb_queue); @@ -4572,6 +4576,8 @@ static int rtl8192_usb_probe(struct usb_interface *in= tf, fail: kfree(priv->pFirmware); priv->pFirmware =3D NULL; + kfree(priv->network); + priv->network =3D NULL; rtl8192_usb_deleteendpoints(dev); msleep(10); free_ieee80211(dev); --=20 2.42.0