Re: 2.6.36-rc7: NULL pointer dereference in ehci_clear_tt_buffer_complete

From: Alan Stern
Date: Thu Oct 14 2010 - 10:25:59 EST


On Thu, 14 Oct 2010, Stefan Richter wrote:

> Alan Stern wrote:
> > Stefan, is it possible for you to tell whether this really does work?
>
> That will be hard. So far I was unable to reproduce the oops; still running
> unmodified 2.6.36-rc7.

Was this on an SMP machine? If yes, the untested patch below may help
trigger the oops. To use it, insert (but don't mount) a memory card
into the card reader, and use dd to copy a large amount of data from
the card to /dev/null. While that's running, unplug either the monitor
or the card reader. You may want to do this at a VT console so you can
see directly when the delay occurs.

Alan Stern



Index: usb-2.6/drivers/usb/core/message.c
===================================================================
--- usb-2.6.orig/drivers/usb/core/message.c
+++ usb-2.6/drivers/usb/core/message.c
@@ -323,8 +323,13 @@ static void sg_complete(struct urb *urb)
/* on the last completion, signal usb_sg_wait() */
io->bytes += urb->actual_length;
io->count--;
- if (!io->count)
+ if (!io->count) {
+ if (status == -ECONNRESET) {
+ printk(KERN_ERR "Delaying for test\n");
+ mdelay(600);
+ }
complete(&io->complete);
+ }

spin_unlock(&io->lock);
}
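
Review bot: the mdelay(600) in the new `status == -ECONNRESET` branch busy-waits for 600 ms while io->lock is still held, since spin_unlock(&io->lock) only runs after complete(&io->complete). sg_complete() runs on URB completion, so any other CPU contending for io->lock spins for the whole delay. That is what widens the race window for the test, but it makes this strictly a debugging aid: the branch should carry a comment saying so and the patch should not stay applied on a tree used for anything else. The printk text "Delaying for test" would be easier to find in the log with the function name in it. The hunk also assumes `status` is already in scope in sg_complete() and that message.c includes the header that declares mdelay(); neither is visible in these lines, so both are worth checking before building.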
