There have been a number of reports of people getting an oops on system shutdown by people using the user space driver for the Alcatel speedtouch USB modem. The driver uses the proc interface coded in devio.c. I have tracked down the problem. This discussion applies to 2.4 kernels. I did not look at 2.5.
(1) THE OOPS. The oops occurs because destroy_all_async is calling usb_unlink_urb on pending urbs after the uhci (in my case) hub driver has been removed. Using a driver that has been removed is not good! The call to destroy_all_async is from usbdev_release. Here is the basic question: How is it possible to have pending urbs after hub removal? After all, doesn't driver_disconnect get called when the hub is removed (driver_disconnect empties the pending list)? The answer is: not necessarily. (2) THE MECHANISM. The user space driver (a) opens the proc file (usbdev_open) (b) claims the interrupt endpoint (as a side effect, this means that driver_disconnect will be called on hub removal) (c) submits an interrupt urb. This urb will not complete for a long time. The urb is in the async pending list. (d) releases the interface (as a side effect, this means that driver_disconnect will NOT be called on hub removal). Note that the urb is still in the async pending list. (e) time passes. System shutdown begins. The uhci hub is removed. driver_disconnect is not called because no interface is claimed. (f) the user space driver closes the proc file (usbdev_release). usbdev_release calls destroy_all_async. The interrupt urb is still on the async pending list. usb_unlink_urb is called. But the hub driver no longer exists. Bang! (3) FURTHER PROBLEMS. Other bad things are possible. For example, what is to stop the user space driver submitting an urb at point (f)? As far as I can see there is nothing to stop this - and submitting an urb to a no longer existing hub driver is not good! (4) QUESTIONS. (a) When the hub driver is removed, why is the interrupt urb not forced to complete with an error? This would solve the current oops (though it does not deal with problem 3). (b) When you release an interface, should not all urbs you submitted be forced to complete? (5) SOLUTIONS. To deal with the current oops, I suggest that when an interface is released, all pending urbs be forced to complete with an error. However, this does not help with problem 3. I don't know what to do about that. Any ideas? Ciao, Duncan. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ [EMAIL PROTECTED] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
