diff options
| author | Abhishek Aggarwal <aaggarwal@nvidia.com> | 2010-04-14 11:40:20 +0530 |
|---|---|---|
| committer | Gary King <gking@nvidia.com> | 2010-04-14 18:10:35 -0700 |
| commit | 15dd321ef1de7508952438128b4138927c48dd25 (patch) | |
| tree | 356fa42cb0b3252bc2380be6e4eb77d607f2d291 | |
| parent | 038437e4e1975d9aec6a8385d52b24efac428289 (diff) | |
usb gadget: Implementing checks to fix NULL pointer dereference exception
In LDK, no gadget driver gets registered with the udc driver and thus
udc->driver is not initialized and is NULL. Accessing members of
udc->driver in the execution path of fsl_udc_irq() results in NULL
pointer dereference exception.
Fixing it by implementing NULL value checks for udc->driver at
appropriate places.
Bug 671801: [Mobile LDK\Harmony] wake up from LP1 freezes the device
Bug 671807: [Mobile LDK\Harmony\LP1] Wake-up by USB mini-b cable is not
working
Change-Id: I502ad8b4ba804bc82ec95af739e71ccfb11493d7
Reviewed-on: http://git-master/r/1110
Tested-by: Abhishek Aggarwal <aaggarwal@nvidia.com>
Reviewed-by: Hanumanth Venkateswa Moganty <vmoganty@nvidia.com>
Tested-by: Hanumanth Venkateswa Moganty <vmoganty@nvidia.com>
Reviewed-by: Gary King <gking@nvidia.com>
| -rwxr-xr-x | drivers/usb/gadget/fsl_udc_core.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/drivers/usb/gadget/fsl_udc_core.c b/drivers/usb/gadget/fsl_udc_core.c index f30912b62fca..48dcbd19cae1 100755 --- a/drivers/usb/gadget/fsl_udc_core.c +++ b/drivers/usb/gadget/fsl_udc_core.c @@ -1432,8 +1432,8 @@ static void setup_received_irq(struct fsl_udc *udc, udc->ep0_dir = (setup->bRequestType & USB_DIR_IN) ? USB_DIR_IN : USB_DIR_OUT; spin_unlock(&udc->lock); - if (udc->driver->setup(&udc->gadget, - &udc->local_setup_buff) < 0) + if (udc->driver && (udc->driver->setup(&udc->gadget, + &udc->local_setup_buff) < 0)) ep0stall(udc); spin_lock(&udc->lock); udc->ep0_state = (setup->bRequestType & USB_DIR_IN) @@ -1442,8 +1442,8 @@ static void setup_received_irq(struct fsl_udc *udc, /* No data phase, IN status from gadget */ udc->ep0_dir = USB_DIR_IN; spin_unlock(&udc->lock); - if (udc->driver->setup(&udc->gadget, - &udc->local_setup_buff) < 0) + if (udc->driver && (udc->driver->setup(&udc->gadget, + &udc->local_setup_buff) < 0)) ep0stall(udc); spin_lock(&udc->lock); udc->ep0_state = WAIT_FOR_OUT_STATUS; @@ -1683,7 +1683,7 @@ static void suspend_irq(struct fsl_udc *udc) udc->usb_state = USB_STATE_SUSPENDED; /* report suspend to the driver, serial.c does not support this */ - if (udc->driver->suspend) + if (udc->driver && udc->driver->suspend) udc->driver->suspend(&udc->gadget); } @@ -1693,7 +1693,7 @@ static void bus_resume(struct fsl_udc *udc) udc->resume_state = 0; /* report resume to the driver, serial.c does not support this */ - if (udc->driver->resume) + if (udc->driver && udc->driver->resume) udc->driver->resume(&udc->gadget); } @@ -1707,7 +1707,8 @@ static int reset_queues(struct fsl_udc *udc) /* report disconnect; the driver is already quiesced */ spin_unlock(&udc->lock); - udc->driver->disconnect(&udc->gadget); + if (udc->driver) + udc->driver->disconnect(&udc->gadget); spin_lock(&udc->lock); return 0; |