linux-kernel.vger.kernel.org archive mirror
* [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
@ 2016-05-18 20:11 Roderick Colenbrander
  2016-05-31 21:10 ` Colenbrander, Roelof
  2016-06-01 14:26 ` Jiri Kosina
  0 siblings, 2 replies; 8+ messages in thread
From: Roderick Colenbrander @ 2016-05-18 20:11 UTC (permalink / raw)
  To: dh.herrmann, jikos
  Cc: benjamin.tissoires, linux-input, linux-kernel,
	Roderick Colenbrander, stable

Many devices use userspace bluetooth stacks like BlueZ or Bluedroid in combination
with uhid. If any of these stacks is used with a HID device for which the driver
performs a HID request as part of .probe (or technically another HID operation),
this results in a deadlock situation. The deadlock results in a 5 second timeout
for I/O operations in HID drivers, so isn't fatal, but none of the I/O operations
have a chance of succeeding.

The root cause for the problem is that uhid only allows for one request to be
processed at a time per uhid instance and locks out other operations. This means
that if user space is creating a new HID device through 'UHID_CREATE', which
ultimately triggers '.probe' through the HID layer, then any HID request, e.g. a
read for calibration data, would trigger a HID operation on uhid again, but it
won't go out to userspace, because it is still stuck in UHID_CREATE.
In addition bluetooth stacks are typically single threaded, so they wouldn't be
able to handle any requests while waiting on uhid.

Luckily the UHID spec is somewhat flexible and allows for fixing the issue
without breaking user space. The idea which the patch implements, as discussed
with David Herrmann, is to decouple adding of a hid device (which triggers .probe)
from UHID_CREATE. The work will kick off roughly once UHID_CREATE completed (or
else will wait a tiny bit of time in .probe for a lock). A HID driver has to call
'hid_hw_start()' as part of .probe once it is ready for I/O, which triggers
UHID_START to user space. Any HID operations should function now within
.probe and won't deadlock because userspace is stuck on UHID_CREATE.

We verified this patch on Bluedroid with Android 6.0 and on desktop Linux with
BlueZ stacks. Prior to the patch they had the deadlock issue.

Signed-off-by: Roderick Colenbrander <roderick.colenbrander@sony.com>
Cc: stable@vger.kernel.org
---
 drivers/hid/uhid.c | 33 ++++++++++++++++++++++++---------
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/drivers/hid/uhid.c b/drivers/hid/uhid.c
index 16b6f11..99ec3ff 100644
--- a/drivers/hid/uhid.c
+++ b/drivers/hid/uhid.c
@@ -51,10 +51,26 @@ struct uhid_device {
 	u32 report_id;
 	u32 report_type;
 	struct uhid_event report_buf;
+	struct work_struct worker;
 };
 
 static struct miscdevice uhid_misc;
 
+static void uhid_device_add_worker(struct work_struct *work)
+{
+	struct uhid_device *uhid = container_of(work, struct uhid_device, worker);
+	int ret;
+
+	ret = hid_add_device(uhid->hid);
+	if (ret) {
+		hid_err(uhid->hid, "Cannot register HID device: error %d\n", ret);
+
+		hid_destroy_device(uhid->hid);
+		uhid->hid = NULL;
+		uhid->running = false;
+	}
+}
+
 static void uhid_queue(struct uhid_device *uhid, struct uhid_event *ev)
 {
 	__u8 newhead;
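Review bot: the failure branch in uhid_device_add_worker clears uhid->hid and uhid->running with no lock held, whereas the comment added in uhid_dev_create2 says the other users of those fields run under devlock in uhid_char_write; a write path that has just checked uhid->running == true can therefore observe uhid->hid == NULL. Note also what the removed err_hid label did: it fell through to err_free and released uhid->rd_data, while this worker leaves rd_data allocated after a failed hid_add_device(); please confirm it is still freed later when the device is left with running == false. Simply taking devlock in the worker is not safe if uhid_dev_destroy calls cancel_work_sync() with devlock held (see that hunk), so the error handling needs either a lock the destroy path does not hold while waiting on the worker, or to leave running set and let UHID_DESTROY do the teardown.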
@@ -498,18 +514,14 @@ static int uhid_dev_create2(struct uhid_device *uhid,
 	uhid->hid = hid;
 	uhid->running = true;
 
-	ret = hid_add_device(hid);
-	if (ret) {
-		hid_err(hid, "Cannot register HID device\n");
-		goto err_hid;
-	}
+	/* Adding of a HID device is done through a worker, to allow HID drivers
+	 * which use feature requests during .probe to work, without they would
+	 * be blocked on devlock, which is held by uhid_char_write.
+	 */
+	schedule_work(&uhid->worker);
 
 	return 0;
 
-err_hid:
-	hid_destroy_device(hid);
-	uhid->hid = NULL;
-	uhid->running = false;
 err_free:
 	kfree(uhid->rd_data);
 	uhid->rd_data = NULL;
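Review bot: a successful UHID_CREATE write no longer means hid_add_device() succeeded; a registration failure is now only a hid_err() line in the kernel log and userspace gets 0 back from write(), with no UHID_STOP or other event to tell it the device is dead. The uhid documentation should be updated in the same patch to say that userspace must wait for UHID_START before relying on the device and how it learns of a failure; the commit message argues the spec allows this, but nothing in the patch records it. Minor: the comment's 'without they would be blocked on devlock' should read 'without it they would block on devlock', and this is the right place to state that the worker itself must never take devlock.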
@@ -550,6 +562,8 @@ static int uhid_dev_destroy(struct uhid_device *uhid)
 	uhid->running = false;
 	wake_up_interruptible(&uhid->report_wait);
 
+	cancel_work_sync(&uhid->worker);
+
 	hid_destroy_device(uhid->hid);
 	kfree(uhid->rd_data);
 
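Review bot: cancel_work_sync() here is what keeps the worker from touching a uhid_device that UHID_DESTROY is tearing down, but it also creates an ordering rule worth a comment: if uhid_dev_destroy is reached from uhid_char_write with devlock held, as the comment in uhid_dev_create2 indicates for that path, then the worker must never acquire devlock or this call waits forever on a worker that is waiting on us. Separately, if the worker's failure path already ran, uhid->hid is NULL and uhid->running is false when this function is entered; unless an earlier running check (not in the hunk) returns before this point, hid_destroy_device(uhid->hid) is called with NULL.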
@@ -612,6 +626,7 @@ static int uhid_char_open(struct inode *inode, struct file *file)
 	init_waitqueue_head(&uhid->waitq);
 	init_waitqueue_head(&uhid->report_wait);
 	uhid->running = false;
+	INIT_WORK(&uhid->worker, uhid_device_add_worker);
 
 	file->private_data = uhid;
 	nonseekable_open(inode, file);
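Review bot: INIT_WORK in uhid_char_open is paired with cancel_work_sync only in uhid_dev_destroy, and the release path is not part of this patch. If uhid_char_release can free the uhid_device of a still-running device without going through uhid_dev_destroy (or its own cancel_work_sync), a UHID_CREATE followed immediately by close() leaves hid_add_device() running on freed memory; please confirm release always cancels the work before kfree(uhid), and say so in a comment next to INIT_WORK.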
-- 
2.5.5

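As an added example, not code from the patch, BlueZ or Bluedroid, here is the userspace half of the exchange the commit message describes: a single-threaded uhid client that sends UHID_CREATE2 and then answers the UHID_GET_REPORT / UHID_SET_REPORT requests the kernel forwards from the HID driver, including the calibration-data read issued from .probe. Struct layouts and constants follow include/uapi/linux/uhid.h; the device name, the HID report descriptor, the feature-report contents and the kernel-side request builder (which exists only to exercise the client offline) are constructed for this example.

```python
"""Single-threaded uhid client (added example, not BlueZ/Bluedroid code).
Layouts and constants mirror include/uapi/linux/uhid.h; device name, report
descriptor and feature-report contents are constructed for this example."""
import errno
import os
import struct
from typing import Dict, Optional, Tuple

# enum uhid_event_type (only the members used here) and enum uhid_report_type.
UHID_DESTROY, UHID_START, UHID_STOP = 1, 2, 3
UHID_GET_REPORT, UHID_GET_REPORT_REPLY, UHID_CREATE2 = 9, 10, 11
UHID_SET_REPORT, UHID_SET_REPORT_REPLY = 13, 14
UHID_FEATURE_REPORT = 0
HID_MAX_DESCRIPTOR_SIZE = UHID_DATA_MAX = 4096
BUS_BLUETOOTH = 0x05

# struct uhid_event is __packed__: u32 type, then a union whose largest member
# is uhid_create2_req, so every event crossing the fd has the same size.
CREATE2 = struct.Struct("=I128s64s64sHHIIII")        # type name phys uniq rd_size bus vendor product version country
EVENT_SIZE = CREATE2.size + HID_MAX_DESCRIPTOR_SIZE  # 4376, no padding on any arch
GET_REPORT = struct.Struct("=IIBB")                  # type id rnum rtype
GET_REPORT_REPLY = struct.Struct("=IIHH")            # type id err size, then data
SET_REPORT = struct.Struct("=IIBBH")                 # type id rnum rtype size, then data
SET_REPORT_REPLY = struct.Struct("=IIH")             # type id err


def _pad(ev: bytes) -> bytes:
    return ev.ljust(EVENT_SIZE, b"\0")


def event_type(ev: bytes) -> int:
    return struct.unpack_from("=I", ev, 0)[0]


def build_event(etype: int) -> bytes:
    """Event with no payload this client looks at (UHID_DESTROY; offline it also stands in for START/STOP)."""
    return _pad(struct.pack("=I", etype))


def build_create2(name: bytes, rd_data: bytes, bus: int = BUS_BLUETOOTH, vendor: int = 0,
                  product: int = 0, version: int = 0, country: int = 0) -> bytes:
    """UHID_CREATE2; the kernel rejects rd_size > HID_MAX_DESCRIPTOR_SIZE with -EINVAL."""
    if len(rd_data) > HID_MAX_DESCRIPTOR_SIZE:
        raise ValueError("report descriptor too large")
    hdr = CREATE2.pack(UHID_CREATE2, name, b"", b"", len(rd_data), bus, vendor, product, version, country)
    return _pad(hdr + rd_data)


def build_get_report(req_id: int, rnum: int, rtype: int) -> bytes:
    """What the kernel emits for a driver's hid_hw_raw_request(); used here only to drive the client offline."""
    return _pad(GET_REPORT.pack(UHID_GET_REPORT, req_id, rnum, rtype))


def decode_get_report_reply(ev: bytes) -> Tuple[int, int, bytes]:
    """(id, err, data) of a UHID_GET_REPORT_REPLY."""
    etype, req_id, err, size = GET_REPORT_REPLY.unpack_from(ev, 0)
    if etype != UHID_GET_REPORT_REPLY:
        raise ValueError("not a UHID_GET_REPORT_REPLY")
    return req_id, err, ev[GET_REPORT_REPLY.size:GET_REPORT_REPLY.size + size]


class UhidClient:
    """One emulated device; feature_reports maps report number -> bytes served
    for a feature GET_REPORT (the 'calibration data' case from the commit message)."""

    def __init__(self, feature_reports: Dict[int, bytes]):
        self.feature_reports = dict(feature_reports)
        self.started = False

    def handle_event(self, ev: bytes) -> Optional[bytes]:
        """Return the event to write back, or None when the kernel expects no answer.
        A reply must echo the request id: the kernel ignores replies whose id does
        not match the pending request, and the driver then sees the 5 s timeout."""
        etype = event_type(ev)
        if etype == UHID_START:
            self.started = True
        elif etype == UHID_STOP:
            self.started = False
        elif etype == UHID_GET_REPORT:
            _, req_id, rnum, rtype = GET_REPORT.unpack_from(ev, 0)
            data = self.feature_reports.get(rnum) if rtype == UHID_FEATURE_REPORT else None
            if data is None:  # any non-zero err is surfaced to the driver as -EIO
                return _pad(GET_REPORT_REPLY.pack(UHID_GET_REPORT_REPLY, req_id, errno.EIO, 0))
            data = data[:UHID_DATA_MAX]
            return _pad(GET_REPORT_REPLY.pack(UHID_GET_REPORT_REPLY, req_id, 0, len(data)) + data)
        elif etype == UHID_SET_REPORT:
            _, req_id, rnum, rtype, size = SET_REPORT.unpack_from(ev, 0)
            size = min(size, UHID_DATA_MAX)  # bound the copy by the declared maximum, not the header
            if rtype == UHID_FEATURE_REPORT:
                self.feature_reports[rnum] = ev[SET_REPORT.size:SET_REPORT.size + size]
            return _pad(SET_REPORT_REPLY.pack(UHID_SET_REPORT_REPLY, req_id, 0))
        return None  # UHID_OPEN / UHID_CLOSE / UHID_OUTPUT need no reply


# Constructed report descriptor: Generic Desktop / Game Pad with two 8-bit axes (X, Y).
GAMEPAD_RDESC = bytes.fromhex("05 01 09 05 a1 01 09 30 09 31 15 00 26 ff 00 75 08 95 02 81 02 c0")


def serve(path: str = "/dev/uhid") -> None:
    """Event loop in the shape a single-threaded stack uses.  With hid_add_device()
    moved to a worker, write(UHID_CREATE2) returns before .probe runs, so this thread
    is back in read() when .probe's GET_REPORT arrives; with the inline version it was
    still blocked in write() and the request could only time out."""
    client = UhidClient({1: bytes.fromhex("0102030405")})  # made-up calibration blob, report 1
    fd = os.open(path, os.O_RDWR | os.O_CLOEXEC)
    try:
        os.write(fd, build_create2(b"constructed-bt-gamepad", GAMEPAD_RDESC))
        while True:
            reply = client.handle_event(os.read(fd, EVENT_SIZE))
            if reply is not None:
                os.write(fd, reply)
    finally:
        os.write(fd, build_event(UHID_DESTROY))
        os.close(fd)


if __name__ == "__main__":
    serve()
```

Run it as root against /dev/uhid. With the pre-patch kernel the write() of UHID_CREATE2 does not return until .probe has finished, so a driver that issues a feature request from .probe waits out its timeout before this loop gets to read anything; with the worker in place the write returns first and the request is answered from the loop. The reply must echo the request id the kernel sent; a reply with a stale id is ignored and the driver still times out.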

* RE: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-05-18 20:11 [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations Roderick Colenbrander
@ 2016-05-31 21:10 ` Colenbrander, Roelof
  2016-05-31 21:59   ` Greg KH
  2016-06-01 14:26 ` Jiri Kosina
  1 sibling, 1 reply; 8+ messages in thread
From: Colenbrander, Roelof @ 2016-05-31 21:10 UTC (permalink / raw)
  To: dh.herrmann, jikos
  Cc: benjamin.tissoires, linux-input, linux-kernel, stable, roderick

Hi,

The patch in this thread is part of input work I'm doing with my team and will hopefully be the first of many, but we are new to the linux-input project. We shared this patch first in April and again about 2 weeks ago in May, but we haven't received any feedback so far. Originally the discussion leading to this patch was partially on linux-input, but then privately with David and he suggested the direction the patch took. I think the resulting patch is clean and self explanatory. We have tested the patch on various devices without issues. For us this patch fixes an important problem and we would like to get it included in the upstream kernel.

Thanks,
Roderick Colenbrander
Gaikai Inc, a Sony Interactive Entertainment Company


* Re: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-05-31 21:10 ` Colenbrander, Roelof
@ 2016-05-31 21:59   ` Greg KH
  0 siblings, 0 replies; 8+ messages in thread
From: Greg KH @ 2016-05-31 21:59 UTC (permalink / raw)
  To: Colenbrander, Roelof
  Cc: dh.herrmann, jikos, benjamin.tissoires, linux-input,
	linux-kernel, stable, roderick

On Tue, May 31, 2016 at 09:10:36PM +0000, Colenbrander, Roelof wrote:
> Hi,
> 
> The patch in this thread is part of input work I'm doing with my team
> and will hopefully be the first of many, but we are new to the
> linux-input project. We shared this patch first in April and again
> about 2 weeks ago in May, but we haven't received any feedback so far.

It's been the middle of the merge window for the past 2 weeks, where no
new code is usually reviewed or handled at all.  Give the maintainers a
bit of time to catch up.

thanks,

greg k-h


* Re: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-05-18 20:11 [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations Roderick Colenbrander
  2016-05-31 21:10 ` Colenbrander, Roelof
@ 2016-06-01 14:26 ` Jiri Kosina
  1 sibling, 0 replies; 8+ messages in thread
From: Jiri Kosina @ 2016-06-01 14:26 UTC (permalink / raw)
  To: Roderick Colenbrander
  Cc: dh.herrmann, benjamin.tissoires, linux-input, linux-kernel, stable

On Wed, 18 May 2016, Roderick Colenbrander wrote:

> Many devices use userspace bluetooth stacks like BlueZ or Bluedroid in combination
> with uhid. If any of these stacks is used with a HID device for which the driver
> performs a HID request as part of .probe (or technically another HID operation),
> this results in a deadlock situation. The deadlock results in a 5 second timeout
> for I/O operations in HID drivers, so isn't fatal, but none of the I/O operations
> have a chance of succeeding.
> 
> The root cause for the problem is that uhid only allows for one request to be
> processed at a time per uhid instance and locks out other operations. This means
> that if user space is creating a new HID device through 'UHID_CREATE', which
> ultimately triggers '.probe' through the HID layer, then any HID request, e.g. a
> read for calibration data, would trigger a HID operation on uhid again, but it
> won't go out to userspace, because it is still stuck in UHID_CREATE.
> In addition bluetooth stacks are typically single threaded, so they wouldn't be
> able to handle any requests while waiting on uhid.
> 
> Luckily the UHID spec is somewhat flexible and allows for fixing the issue
> without breaking user space. The idea which the patch implements, as discussed
> with David Herrmann, is to decouple adding of a hid device (which triggers .probe)
> from UHID_CREATE. The work will kick off roughly once UHID_CREATE completed (or
> else will wait a tiny bit of time in .probe for a lock). A HID driver has to call
> 'hid_hw_start()' as part of .probe once it is ready for I/O, which triggers
> UHID_START to user space. Any HID operations should function now within
> .probe and won't deadlock because userspace is stuck on UHID_CREATE.
> 
> We verified this patch on Bluedroid with Android 6.0 and on desktop Linux with
> BlueZ stacks. Prior to the patch they had the deadlock issue.
> 
> Signed-off-by: Roderick Colenbrander <roderick.colenbrander@sony.com>

Thanks for the fix. I've applied it to 
hid.git#for-4.8/uhid-offload-hid-device-add

-- 
Jiri Kosina
SUSE Labs


* Re: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-04-21 21:15 ` kbuild test robot
@ 2016-04-21 21:27   ` Roderick Colenbrander
  0 siblings, 0 replies; 8+ messages in thread
From: Roderick Colenbrander @ 2016-04-21 21:27 UTC (permalink / raw)
  To: kbuild test robot
  Cc: kbuild-all, linux-input, David Herrmann, Tim Bird, linux-kernel,
	Roderick Colenbrander, stable

Please ignore this revision of the patch, there was a small merge
conflict on my end.

On Thu, Apr 21, 2016 at 2:15 PM, kbuild test robot <lkp@intel.com> wrote:
> Hi,
>
> [auto build test WARNING on hid/for-next]
> [also build test WARNING on v4.6-rc4 next-20160421]
> [if your patch is applied to the wrong git tree, please drop us a note to help improving the system]
>
> url:    https://github.com/0day-ci/linux/commits/roderick-gaikai-com/HID-uhid-Fixes-a-bug-with-userspace-bluetooth-stacks-which-causes-hangs-during-certain-operations/20160422-050505
> base:   https://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid.git for-next
> config: x86_64-randconfig-x003-201616 (attached as .config)
> reproduce:
>         # save the attached .config to linux build tree
>         make ARCH=x86_64
>
> All warnings (new ones prefixed by >>):
>
>    In file included from arch/x86/include/asm/atomic.h:4:0,
>                     from include/linux/atomic.h:4,
>                     from drivers/hid/uhid.c:13:
>    drivers/hid/uhid.c: In function 'uhid_event_from_user':
>    drivers/hid/uhid.c:403:6: error: implicit declaration of function 'is_compat_task' [-Werror=implicit-function-declaration]
>      if (is_compat_task()) {
>          ^
>    include/linux/compiler.h:151:30: note: in definition of macro '__trace_if'
>      if (__builtin_constant_p(!!(cond)) ? !!(cond) :   \
>                                  ^
>>> drivers/hid/uhid.c:403:2: note: in expansion of macro 'if'
>      if (is_compat_task()) {
>      ^
>    cc1: some warnings being treated as errors
>
> vim +/if +403 drivers/hid/uhid.c
>
>    387          __u8 phys[64];
>    388          __u8 uniq[64];
>    389
>    390          compat_uptr_t rd_data;
>    391          __u16 rd_size;
>    392
>    393          __u16 bus;
>    394          __u32 vendor;
>    395          __u32 product;
>    396          __u32 version;
>    397          __u32 country;
>    398  } __attribute__((__packed__));
>    399
>    400  static int uhid_event_from_user(const char __user *buffer, size_t len,
>    401                                  struct uhid_event *event)
>    402  {
>  > 403          if (is_compat_task()) {
>    404                  u32 type;
>    405
>    406                  if (get_user(type, buffer))
>    407                          return -EFAULT;
>    408
>    409                  if (type == UHID_CREATE) {
>    410                          /*
>    411                           * This is our messed up request with compat pointer.
>
> ---
> 0-DAY kernel test infrastructure                Open Source Technology Center
> https://lists.01.org/pipermail/kbuild-all                   Intel Corporation



-- 
Roderick Colenbrander
Manager of Software Engineering
Gaikai, a Sony Computer Entertainment Company
roderick@gaikai.com


* Re: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-04-21 20:54 roderick
  2016-04-21 21:15 ` kbuild test robot
@ 2016-04-21 21:15 ` kbuild test robot
  2016-04-21 21:27   ` Roderick Colenbrander
  1 sibling, 1 reply; 8+ messages in thread
From: kbuild test robot @ 2016-04-21 21:15 UTC (permalink / raw)
  To: roderick
  Cc: kbuild-all, linux-input, dh.herrmann, tim.bird, linux-kernel,
	Roderick Colenbrander, stable


Hi,

[auto build test WARNING on hid/for-next]
[also build test WARNING on v4.6-rc4 next-20160421]
[if your patch is applied to the wrong git tree, please drop us a note to help improving the system]

url:    https://github.com/0day-ci/linux/commits/roderick-gaikai-com/HID-uhid-Fixes-a-bug-with-userspace-bluetooth-stacks-which-causes-hangs-during-certain-operations/20160422-050505
base:   https://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid.git for-next
config: x86_64-randconfig-x003-201616 (attached as .config)
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   In file included from arch/x86/include/asm/atomic.h:4:0,
                    from include/linux/atomic.h:4,
                    from drivers/hid/uhid.c:13:
   drivers/hid/uhid.c: In function 'uhid_event_from_user':
   drivers/hid/uhid.c:403:6: error: implicit declaration of function 'is_compat_task' [-Werror=implicit-function-declaration]
     if (is_compat_task()) {
         ^
   include/linux/compiler.h:151:30: note: in definition of macro '__trace_if'
     if (__builtin_constant_p(!!(cond)) ? !!(cond) :   \
                                 ^
>> drivers/hid/uhid.c:403:2: note: in expansion of macro 'if'
     if (is_compat_task()) {
     ^
   cc1: some warnings being treated as errors

vim +/if +403 drivers/hid/uhid.c

   387		__u8 phys[64];
   388		__u8 uniq[64];
   389	
   390		compat_uptr_t rd_data;
   391		__u16 rd_size;
   392	
   393		__u16 bus;
   394		__u32 vendor;
   395		__u32 product;
   396		__u32 version;
   397		__u32 country;
   398	} __attribute__((__packed__));
   399	
   400	static int uhid_event_from_user(const char __user *buffer, size_t len,
   401					struct uhid_event *event)
   402	{
 > 403		if (is_compat_task()) {
   404			u32 type;
   405	
   406			if (get_user(type, buffer))
   407				return -EFAULT;
   408	
   409			if (type == UHID_CREATE) {
   410				/*
   411				 * This is our messed up request with compat pointer.

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation



* Re: [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
  2016-04-21 20:54 roderick
@ 2016-04-21 21:15 ` kbuild test robot
  2016-04-21 21:15 ` kbuild test robot
  1 sibling, 0 replies; 8+ messages in thread
From: kbuild test robot @ 2016-04-21 21:15 UTC (permalink / raw)
  To: roderick
  Cc: kbuild-all, linux-input, dh.herrmann, tim.bird, linux-kernel,
	Roderick Colenbrander, stable


Hi,

[auto build test ERROR on hid/for-next]
[also build test ERROR on v4.6-rc4 next-20160421]
[if your patch is applied to the wrong git tree, please drop us a note to help improving the system]

url:    https://github.com/0day-ci/linux/commits/roderick-gaikai-com/HID-uhid-Fixes-a-bug-with-userspace-bluetooth-stacks-which-causes-hangs-during-certain-operations/20160422-050505
base:   https://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid.git for-next
config: x86_64-randconfig-x010-201616 (attached as .config)
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All errors (new ones prefixed by >>):

   drivers/hid/uhid.c: In function 'uhid_event_from_user':
>> drivers/hid/uhid.c:403:6: error: implicit declaration of function 'is_compat_task' [-Werror=implicit-function-declaration]
     if (is_compat_task()) {
         ^
   cc1: some warnings being treated as errors

vim +/is_compat_task +403 drivers/hid/uhid.c

   397		__u32 country;
   398	} __attribute__((__packed__));
   399	
   400	static int uhid_event_from_user(const char __user *buffer, size_t len,
   401					struct uhid_event *event)
   402	{
 > 403		if (is_compat_task()) {
   404			u32 type;
   405	
   406			if (get_user(type, buffer))

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation



* [PATCH] HID: uhid: Fixes a bug with userspace bluetooth stacks, which causes hangs during certain operations
@ 2016-04-21 20:54 roderick
  2016-04-21 21:15 ` kbuild test robot
  2016-04-21 21:15 ` kbuild test robot
  0 siblings, 2 replies; 8+ messages in thread
From: roderick @ 2016-04-21 20:54 UTC (permalink / raw)
  To: linux-input
  Cc: dh.herrmann, tim.bird, linux-kernel, Roderick Colenbrander, stable

From: Roderick Colenbrander <roderick.colenbrander@sony.com>

Many devices use userspace bluetooth stacks like BlueZ or Bluedroid in combination
with uhid. If any of these stacks is used with a HID device for which the driver
performs a HID request as part of .probe (or technically another HID operation),
this results in a deadlock situation. The deadlock results in a 5 second timeout
for I/O operations in HID drivers, so isn't fatal, but none of the I/O operations
have a chance of succeeding.

The root cause for the problem is that uhid only allows for one request to be
processed at a time per uhid instance and locks out other operations. This means
that if user space is creating a new HID device through 'UHID_CREATE', which
ultimately triggers '.probe' through the HID layer, then any HID request, e.g. a
read for calibration data, would trigger a HID operation on uhid again, but it
won't go out to userspace, because it is still stuck in UHID_CREATE.
In addition bluetooth stacks are typically single threaded, so they wouldn't be
able to handle any requests while waiting on uhid.

Luckily the UHID spec is somewhat flexible and allows for fixing the issue
without breaking user space. The idea which the patch implements, as discussed
with David Herrmann, is to decouple adding of a hid device (which triggers .probe)
from UHID_CREATE. The work will kick off roughly once UHID_CREATE completed (or
else will wait a tiny bit of time in .probe for a lock). A HID driver has to call
'hid_hw_start()' as part of .probe once it is ready for I/O, which triggers
UHID_START to user space. Any HID operations should function now within
.probe and won't deadlock because userspace is stuck on UHID_CREATE.

We verified this patch on Bluedroid with Android 6.0 and on desktop Linux with
BlueZ stacks. Prior to the patch they had the deadlock issue.

Signed-off-by: Roderick Colenbrander <roderick.colenbrander@sony.com>
Cc: stable@vger.kernel.org
---
 drivers/hid/uhid.c | 35 +++++++++++++++++++++++++----------
 1 file changed, 25 insertions(+), 10 deletions(-)

diff --git a/drivers/hid/uhid.c b/drivers/hid/uhid.c
index 16b6f11..1a2032c 100644
--- a/drivers/hid/uhid.c
+++ b/drivers/hid/uhid.c
@@ -51,10 +51,26 @@ struct uhid_device {
 	u32 report_id;
 	u32 report_type;
 	struct uhid_event report_buf;
+	struct work_struct worker;
 };
 
 static struct miscdevice uhid_misc;
 
+static void uhid_device_add_worker(struct work_struct *work)
+{
+	struct uhid_device *uhid = container_of(work, struct uhid_device, worker);
+	int ret;
+
+	ret = hid_add_device(uhid->hid);
+	if (ret) {
+		hid_err(uhid->hid, "Cannot register HID device: error %d\n", ret);
+
+		hid_destroy_device(uhid->hid);
+		uhid->hid = NULL;
+		uhid->running = false;
+	}
+}
+
 static void uhid_queue(struct uhid_device *uhid, struct uhid_event *ev)
 {
 	__u8 newhead;
@@ -384,7 +400,7 @@ struct uhid_create_req_compat {
 static int uhid_event_from_user(const char __user *buffer, size_t len,
 				struct uhid_event *event)
 {
-	if (in_compat_syscall()) {
+	if (is_compat_task()) {
 		u32 type;
 
 		if (get_user(type, buffer))
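Review bot: this hunk is unrelated to the deadlock fix and swaps in_compat_syscall() back to is_compat_task(); that is exactly what the two kbuild test robot reports in this thread flag ('implicit declaration of function is_compat_task' on x86_64 randconfigs). It reads like a rebase leftover, as the author's follow-up in this thread also says, and should be dropped so the patch touches only the worker offload.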
@@ -498,18 +514,14 @@ static int uhid_dev_create2(struct uhid_device *uhid,
 	uhid->hid = hid;
 	uhid->running = true;
 
-	ret = hid_add_device(hid);
-	if (ret) {
-		hid_err(hid, "Cannot register HID device\n");
-		goto err_hid;
-	}
+	/* Adding of a HID device is done through a worker, to allow HID drivers
+	 * which use feature requests during .probe to work, without they would
+	 * be blocked on devlock, which is held by uhid_char_write.
+	 */
+	schedule_work(&uhid->worker);
 
 	return 0;
 
-err_hid:
-	hid_destroy_device(hid);
-	uhid->hid = NULL;
-	uhid->running = false;
 err_free:
 	kfree(uhid->rd_data);
 	uhid->rd_data = NULL;
@@ -550,6 +562,8 @@ static int uhid_dev_destroy(struct uhid_device *uhid)
 	uhid->running = false;
 	wake_up_interruptible(&uhid->report_wait);
 
+	cancel_work_sync(&uhid->worker);
+
 	hid_destroy_device(uhid->hid);
 	kfree(uhid->rd_data);
 
@@ -612,6 +626,7 @@ static int uhid_char_open(struct inode *inode, struct file *file)
 	init_waitqueue_head(&uhid->waitq);
 	init_waitqueue_head(&uhid->report_wait);
 	uhid->running = false;
+	INIT_WORK(&uhid->worker, uhid_device_add_worker);
 
 	file->private_data = uhid;
 	nonseekable_open(inode, file);
-- 
2.5.5

