usb: gadget: serial: fix possible Oops caused by calling kthread_stop(NULL)
Add check for NULL before calling kthread_stop().
There were cases in which gserial_console_exit() was called, but the
console thread was not started. This resulted in an invalid
kthread_stop(NULL) call.
Without this, the following Oops may occur:
BUG: unable to handle kernel
NULL pointer dereference at
0000000000000018
IP: [<
ffffffffb3ca1166>] kthread_stop+0x16/0x110
...
CPU: 2 PID: 853 Comm: rmmod Not tainted 4.9.0-rc5 #3
Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z77 Extreme3, BIOS P1.50 07/11/2013
task:
ffff880419f6a100 task.stack:
ffffc90002e8c000
RIP: 0010:[<
ffffffffb3ca1166>] [<
ffffffffb3ca1166>] kthread_stop+0x16/0x110
RSP: 0018:
ffffc90002e8fdb0 EFLAGS:
00010286
RAX:
0000000000000001 RBX:
0000000000000000 RCX:
0000000000000000
RDX:
0000000000000001 RSI:
0000000000000246 RDI:
0000000000000000
RBP:
ffffc90002e8fdc8 R08:
0000000000000000 R09:
0000000000000001
R10:
000000000000019d R11:
000000000000001f R12:
0000000000000000
R13:
ffff88041b8d8400 R14:
0000000000000001 R15:
000055fd59f5a1e0
FS:
00007f82500be700(0000) GS:
ffff88042f280000(0000) knlGS:
0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
CR2:
0000000000000018 CR3:
000000041bee2000 CR4:
00000000001406e0
Stack:
0000000000000000 ffffffffc0b8e720 ffff88041b8d8400 ffffc90002e8fdf0
ffffffffc0b8bb52 ffff88041a106300 0000000000000001 ffff880419fc2ea8
ffffc90002e8fe08 ffffffffc0aed749 ffffffffc0aef600 ffffc90002e8fe20
Call Trace:
[<
ffffffffc0b8bb52>] gserial_free_line+0x72/0xb0 [u_serial]
[<
ffffffffc0aed749>] acm_free_instance+0x19/0x30 [usb_f_acm]
[<
ffffffffc0b01b40>] usb_put_function_instance+0x20/0x30 [libcomposite]
[<
ffffffffc04a603b>] gs_unbind+0x3b/0x70 [g_serial]
[<
ffffffffc0b018d1>] __composite_unbind+0x61/0xb0 [libcomposite]
[<
ffffffffc0b01933>] composite_unbind+0x13/0x20 [libcomposite]
[<
ffffffffc08ef1ad>] usb_gadget_remove_driver+0x3d/0x90 [udc_core]
[<
ffffffffc08ef26e>] usb_gadget_unregister_driver+0x6e/0xc0 [udc_core]
[<
ffffffffc0aff6d2>] usb_composite_unregister+0x12/0x20 [libcomposite]
[<
ffffffffc04a6268>] cleanup+0x10/0xda8 [g_serial]
[<
ffffffffb3d0c0c2>] SyS_delete_module+0x192/0x270
[<
ffffffffb3c032a0>] ? exit_to_usermode_loop+0x90/0xb0
[<
ffffffffb4228a3b>] entry_SYSCALL_64_fastpath+0x1e/0xad
Code: 89 c6 e8 6e ff ff ff 48 89 df e8 06 bd fd ff 5b 5d c3 0f 1f 00 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 49 89 fc 53 0f 1f 44 00 00 <f0> 41 ff 44 24 18 4c 89 e7 e8 bc f1 ff ff 48 85 c0 48 89 c3 74
RIP [<
ffffffffb3ca1166>] kthread_stop+0x16/0x110
RSP <
ffffc90002e8fdb0>
CR2:
0000000000000018
---[ end trace
5b3336a407e1698c ]---
Signed-off-by: Felix Hädicke <felixhaedicke@web.de>
Tested-by: Peter Chen <peter.chen@nxp.com>
Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit