On 2 January 2017 at 22:57, Mathias Nyman <mathias.nyman@xxxxxxxxxxxxxxx> wrote: > On 27.12.2016 05:07, Baolin Wang wrote: >> >> Hi, >> >> On 21 December 2016 at 21:00, Mathias Nyman >> <mathias.nyman@xxxxxxxxxxxxxxx> wrote: >>> >>> On 21.12.2016 04:22, Baolin Wang wrote: >>>> >>>> >>>> Hi Mathias, >>>> >>>> On 20 December 2016 at 23:13, Mathias Nyman >>>> <mathias.nyman@xxxxxxxxxxxxxxx> wrote: >>>>> >>>>> >>>>> On 20.12.2016 09:30, Baolin Wang wrote: >>>>> ... >>>>> >>>>> Alright, I gathered all current work related to xhci races and timeouts >>>>> and put them into a branch: >>>>> >>>>> git://git.kernel.org/pub/scm/linux/kernel/git/mnyman/xhci.git >>>>> timeout_race_fixes >>>>> >>>>> Its based on 4.9 >>>>> It includes a few other patches just to avoid conflicts and make my >>>>> life >>>>> easier >>>>> >>>>> Interesting patches are: >>>>> >>>>> ee4eb91 xhci: remove unnecessary check for pending timer >>>>> 0cba67d xhci: detect stop endpoint race using pending timer instead of >>>>> counter. >>>>> 4f2535f xhci: Handle command completion and timeout race >>>>> b9d00d7 usb: host: xhci: Fix possible wild pointer when handling abort >>>>> command >>>>> 529a5a0 usb: xhci: fix possible wild pointer >>>>> 4766555 xhci: Fix race related to abort operation >>>>> de834a3 xhci: Use delayed_work instead of timer for command timeout >>>>> 69973b8 Linux 4.9 >>>>> >>>>> The fixes for command queue races will go to usb-linus and stable, the >>>>> reworks for stop ep watchdog timer will go to usb-next. >>>> >>>> >>>> >>>> How about applying below patch in your 'timeout_race_fixes' branch? >>>> [PATCH] usb: host: xhci: Clean up commands when stop endpoint command is >>>> timeout >>>> https://lkml.org/lkml/2016/12/13/94 >>>> >>> >>> usb_hc_died() should eventyally end up calling xhci_mem_cleanup() >>> which will cleanup the command queue. But I need to look into that >> >> >> usb_hc_died() did not call xhci_mem_cleanup() to clean up command >> queue, it just disconnects all children devices attached on the dying >> hub. I did not find where it will clean up the command queue when >> issuing usb_hc_died(). Also before issuing usb_hc_died() in >> xhci_handle_command_timeout(), we will call >> xhci_cleanup_command_queue(). I think it should same as in >> xhci_stop_endpoint_command_watchdog(). >> > > You're right, it doesn't call xhci_mem_cleanup. > Need to look at this after getting first series of fixes to usb-linus Thanks. -- Baolin.wang Best Regards -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
