Hi, I'm not the usb-storage maintainer, can you please send a mail about this to linux-usb <linux-usb@xxxxxxxxxxxxxxx> with me in the CC? Thanks, Hans On 11/23/2014 03:59 AM, 白家驹 wrote: > Dear Sir, > > I'm very sorry to trouble you. > Recently I test 15 linux device drivers in runtime and find some potential bugs both in Linux 3.8.6 and Linux 3.17.2. > > The target file is drivers/usb/storage/usb.c, which is used to build usb_storage.ko. I hope you can help me check my findings: > > [1] In the normal process of usb_storage, INIT_DELAYED_WORK in usb_stor_probe1 (in storage_probe) and cancel_delayed_work_sync in quiesce_and_remove_host (in usb_stor_disconnect) is called in pairs. However, when INIT_DELAYED_WORK has been called and associate_dev is failed in usb_stor_probe1,"BadDevice" segment is executed immediately to halt the process, but cancel_delayed_work_sync is not called. > [2] The same situation with [1] will happen, when usb_alloc_coherent in associate_dev in usb_stor_probe1 is failed. > [3] The same situation with [1] will happen, when kmalloc in associate_dev in usb_stor_probe1 is failed. > [4] The same situation with [1] will happen, when get_device_info in usb_stor_probe1 is failed. > [5] The same situation with [1] will happen, when get_pipes in usb_stor_probe2 is failed. > [6] The same situation with [1] will happen, when usb_alloc_urb in usb_stor_acquire_resources is failed. > [7] The same situation with [1] will happen, when scsi_add_host in usb_stor_probe2 is failed. > > Could you help me check these findings? Thank you very much, and I'm looking forward to your reply. > > > -- > Best wishes! > Jia-Ju Bai > E-mail: baijiaju1990@xxxxxxx > Department of Computer Science and Technology, Tsinghua University > Address: Room 1-417, West Main, Tsinghua University, Haidian District, Beijing, 100084, China. > > > -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
