Recently when I check xHCI code, find that some functions try to get EP index
from a Command Completion Event TRB via TRB_TO_EP_INDEX() macro.
This is totally wrong. The macro definition is:
#define TRB_TO_EP_INDEX(p) p) & (0x1f << 16)) >> 16) -
1)
TRB_TO_EP_INDEX only
> On Mon, Aug 05, 2013 at 08:07:25AM +0000, Du, ChangbinX wrote:
> > Recently when I check xHCI code, find that some functions try to get EP
> > index
> > from a Command Completion Event TRB via TRB_TO_EP_INDEX() macro.
> >
> > This is totally wrong. The macro d
From: "Du, Changbin"
In cdc_ncm_bind() function, it call cdc_ncm_bind_common() to setup usb.
But cdc_ncm_bind_common() may meet error and cause usbnet_disconnect()
be called which calls free_netdev(net). Thus usbnet structure(alloced
with net_device structure) will be freed,too.
So we cannot call
> From: Bjørn Mork [mailto:bj...@mork.no]
> Sent: Tuesday, October 29, 2013 4:41 PM
> To: Du, ChangbinX
> Cc: oli...@neukum.org; linux-usb@vger.kernel.org; net...@vger.kernel.org;
> linux-ker...@vger.kernel.org
> Subject: Re: [PATCH] net/cdc_ncm: fix null pointer panic at
>From 7e827a0d300e084f74c65122baa5e3193f9a7f18 Mon Sep 17 00:00:00 2001
From: "Du, Changbin"
Date: Mon, 16 Dec 2013 20:32:13 +0800
Subject: [PATCH] usb/gadget: should use u16 type variable to store MaxPower
The MaxPower field is of u16 type. So using u8 type variable can break
data (high byte los
>From ee48b3736d437af79d4fe858cdf64f241c76c339 Mon Sep 17 00:00:00 2001
From: "Du, Changbin"
Date: Wed, 18 Dec 2013 16:47:21 +0800
Subject: [PATCH] usb/core: fix NULL pointer dereference in
recursively_mark_NOTATTACHED
usb_hub_to_struct_hub() can return NULL if the hub without active
configurati
> From: Alan Stern [mailto:st...@rowland.harvard.edu]
> Sent: Monday, December 23, 2013 11:13 PM
> To: Du, ChangbinX
> Cc: gre...@linuxfoundation.org; sarah.a.sh...@linux.intel.com; Lan, Tianyu;
> burzalod...@gmail.com; linux-usb@vger.kernel.org;
> linux-ker...@vger.kernel
> On Tue, 24 Dec 2013, Alan Stern wrote:
> I think this will fix it. Take a close look and do some careful testing.
>
> Alan Stern
>
> Index: usb-3.13/drivers/usb/core/hub.c
> ==
> =
> --- usb-3.13.orig/drivers/usb/core/hub.c
> +++
> > On Tue, 24 Dec 2013, Alan Stern wrote:
> > I think this will fix it. Take a close look and do some careful testing.
> >
> > Alan Stern
> >
> > Index: usb-3.13/drivers/usb/core/hub.c
> >
> ==
> > --- usb-3.13.orig/drivers/usb/core/hub.c
>
> On Thu, 26 Dec 2013, Du, ChangbinX wrote:
>
> > I can reproduce issue by adding a delay just after
> > usb_set_intfdata(intf, NULL) (echo -1 > bConfigurationValue to trigger
> hub_dissconnect())without your patch.
> >
> > After patch applied, cannot reprod
> > Changbin, after looking more closely I realized there was a second
> > aspect to this race: recursively_mark_NOTATTACHED uses hub->ports[i]
> > while hub_disconnect removes the port devices. You ought to be able
> > to cause an oops by inserting a delay just after the loop where
> > usb_hub_re
Hi, All,
As described in runtime_pm.txt for pm_wq:
The power management work queue pm_wq in which bus types and device
drivers can put their PM-related work items. It is strongly recommended that
pm_wq be used for queuing all work items related to runtime PM, because
this allows them to be synchron
> On Fri, 15 Aug 2014, Du, ChangbinX wrote:
> > If my analysis is correct, could you share your ideas for this issue?
>
> Hasn't this already been fixed? See commit d6236f6d1d88 (xhci: Fix runtime
> suspended xhci from blocking system suspend).
>
> Alan Stern
Hi, S
> Commit d6236f6d1d88 prevents the roothub resuming work item from being
> queued.
>
> > 4) We force system suspending process aborted (by modifying code) just
> after the usb
> > Device suspend callback is invoked.
> > 5) Then PM core will call resume callback of the usb device to recovery. On
14 matches
Mail list logo
