From: "yurii.pidhornyi" <yurii.pidhor...@globallogic.com>
It was revealed that when the fastboot_tx_write_str function is called
without the previously initialized fastboot_func->in_req->complete field,
a copy of in_req will be sent to the I/O requests queue without
an initialized field.
Moving a piece of code with the initializing of the
fastboot_func->in_req->complete field above transmit_tx allows to solve
this problem.
Fixes: 65c96757fe9 "usb: fastboot: Convert USB f_fastboot to shared fastboot"
Signed-off-by: yurii.pidhornyi <yurii.pidhor...@globallogic.com>
---
drivers/usb/gadget/f_fastboot.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c
index 9d9dfb95a5..f36d371099 100644
--- a/drivers/usb/gadget/f_fastboot.c
+++ b/drivers/usb/gadget/f_fastboot.c
@@ -438,8 +438,6 @@ static void rx_handler_command(struct usb_ep *ep, struct
usb_request *req)
req->length = rx_bytes_expected(ep);
}
- fastboot_tx_write_str(response);
-
if (!strncmp("OKAY", response, 4)) {
switch (cmd) {
case FASTBOOT_COMMAND_BOOT:
@@ -457,6 +455,8 @@ static void rx_handler_command(struct usb_ep *ep, struct
usb_request *req)
}
}
+ fastboot_tx_write_str(response);
+
*cmdbuf = '\0';
req->actual = 0;
usb_ep_queue(ep, req, 0);
--
2.17.1
