Date: Sat, 02 Feb 2002 13:00:03 +0900 From: FUJIMOTO Kou <fujimoto@j.dendai.ac.jp> To: freebsd-current@freebsd.org Subject: uhub detach causes page fault --- workaround Message-ID: <3C5B6443.99B2E65A@j.dendai.ac.jp>
index | next in thread | raw e-mail
[-- Attachment #1 --]
After cvsup at 2002/01/29, I met kernel page fault when
detaching USB hub.
My USB configuration is same as I reported once in -current ML
message id <3B677C89.D72AA4C8@j.dendai.ac.jp>.
With vmcore and gdb I found the page fault occurs at
usb_add_event() in /sys/dev/usb/usb.c(1.53 2002/01/28), line 690:
TAILQ_INSERT_TAIL(&usb_events, ueq, next);
In "for" loop just above the line, ueq seems to be set to NULL
but TAILQ_INSERT_TAIL assumes that ueq is non-NULL.
I changed the code to avoid "for" loop and now my system works fine.
However, this fault doesn't occur when detaching USB mice or
keyboards, so I guess it's not a good solution to patch usb.c.
Any ideas and suggestions are appreciated.
--
FUJIMOTO Kou, Dept. of Information Sciences, Tokyo Denki Univ.
[-- Attachment #2 --]
--- src/sys/dev/usb/usb.c.orig Fri Feb 1 18:25:06 2002
+++ src/sys/dev/usb/usb.c Sat Feb 2 02:07:49 2002
@@ -670,7 +670,7 @@
TIMEVAL_TO_TIMESPEC(&thetime, &ueq->ue.ue_time);
s = splusb();
- if (USB_EVENT_IS_DETACH(type)) {
+ if (USB_EVENT_IS_DETACH(type) && TAILQ_FIRST(&usb_events) != NULL) {
for (ueq = TAILQ_FIRST(&usb_events); ueq; ueq = ueq_next) {
ueq_next = TAILQ_NEXT(ueq, next);
if (ueq->ue.u.ue_driver.ue_cookie.cookie ==
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C5B6443.99B2E65A>