On Tue, 3 Sep 2019, Alan Stern wrote:
> On Tue, 3 Sep 2019, David Howells wrote:
>
> > Guenter Roeck <linux@xxxxxxxxxxxx> wrote:
> >
> > > > > This added call to usbdev_remove() results in a crash when running
> > > > > the qemu "tosa" emulation. Removing the call fixes the problem.
> > > >
> > > > Yeah - I'm going to drop the bus notification messages for now.
> > > >
> > > It is not the bus notification itself causing problems. It is the
> > > call to usbdev_remove().
> >
> > Unfortunately, I don't know how to fix it and don't have much time to
> > investigate it right now - and it's something that can be added back later.
>
> The cause of your problem is quite simple:
>
> static int usbdev_notify(struct notifier_block *self,
> unsigned long action, void *dev)
> {
> switch (action) {
> case USB_DEVICE_ADD:
> + post_usb_device_notification(dev, NOTIFY_USB_DEVICE_ADD, 0);
> break;
> case USB_DEVICE_REMOVE:
> + post_usb_device_notification(dev, NOTIFY_USB_DEVICE_REMOVE, 0);
> + usbdev_remove(dev);
> + break;
> + case USB_BUS_ADD:
> + post_usb_bus_notification(dev, NOTIFY_USB_BUS_ADD, 0);
> + break;
> + case USB_BUS_REMOVE:
> + post_usb_bus_notification(dev, NOTIFY_USB_BUS_REMOVE, 0);
> usbdev_remove(dev);
> break;
> }
>
> The original code had usbdev_remove(dev) under the USB_DEVICE_REMOVE
> case. The patch mistakenly moves it, putting it under the
------------------------------^^^^^
Sorry, I should have said "duplicates" it.
Alan Stern
> USB_BUS_REMOVE case.
>
> If the usbdev_remove() call were left where it was originally, the
> problem would be solved.
>
> Alan Stern
