Oliver, The callback came from this function:
static void read_rxcmd_callback(struct urb *urb) { struct usb_serial_port *port = (struct usb_serial_port *)urb->context; int result; dbg("%s - enter", __FUNCTION__); dbg("%s - urb->status = %d", __FUNCTION__, urb->status); if (urb->status) { dbg("%s - urb->status = %d", __FUNCTION__, urb->status); /* error stop all */ return; } usb_fill_bulk_urb(port->read_urb, port->serial->dev, usb_rcvbulkpipe(port->serial->dev, port->bulk_in_endpointAddress), port->read_urb->transfer_buffer, 256, iuu_uart_read_callback, port); result = usb_submit_urb(port->read_urb, GFP_ATOMIC); dbg("%s - submit result = %d", __FUNCTION__, result); return; } And dbg("%s - submit result = %d", __FUNCTION__, result) alwys display result = 0... I don't understand how it could happens... Now with this check I have another problem: a oops "unable to handle kernel paging request" in another module ... I can't explain why... My code is running during 1 to 5 minutes but suddenly I have a kernel panic that doesn't appear to come from my module. I begin to be nuts because I try to understand this for a week without any clue to understand. The panic always show the EIP that have nothing to see with my module. One of the panic was due to a null deference and this is why I have added this check and the difference is that de kernel ca run 3 to 5 minutes ( Before it was only for 10 to 60 seconds )... So I progress but it is a nonsense to search like that. Even with Sysrq + t, I don’t' see anything that can explain the problem. Alain -----Message d'origine----- De : Oliver Neukum [mailto:[EMAIL PROTECTED] Envoyé : dimanche 29 juillet 2007 21:42 À : linux-usb-devel@lists.sourceforge.net Cc : [EMAIL PROTECTED] Objet : Re: [linux-usb-devel] [PATCH] USB Pegasus driver - avoid a potential NULL pointer dereference. Am Sonntag 29 Juli 2007 schrieb [EMAIL PROTECTED]: > I have the same problem in my development.. > > Somewhere in my code: > > unsigned char *data = urb->transfer_buffer ; > .... > if ( data == NULL ) > dbg("%s - data is NULL !!!",__FUNCTION__ ); > > if ( urb->actual_length == 1 && data != NULL ) > len = (int) data[0]; > > > If I don’t do this check in a usb callback function, I have kernel panic > deference to null pointer ! > But the fun stuff in this story is that I never see the debug " data is NULL > !!! " so This never happen if I do this check.... urb->transfer_buffer is set by the caller. Usbcore should never change it. What do you set it to? Regards Oliver ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ linux-usb-devel@lists.sourceforge.net To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel