Hi. We found an infinite loop inside the function hw_ep_set_halt (drivers/usb/chipidea/udc.c) if a cablle is repeatedly connnected/disconnected while ping through RNDIS with chipidea USB device. Using ftrace tracing, we found that hw_ep_set_halt is called due to error return of hw_ep_prime(drivers/usb/chipidea/udc.c:202) which is called from isr_tr_complete_handler -> isr_setup_status_phase -> _ep_queue. The comment of function hw_ep_prime says (execute without interruption) but timer interrupt is occurred while hw_ep_prime is executing. We believe that the interrupt causes an error return of hw_ep_prime. We tried to protect hw_ep_prime from irqs and then no case of the infinite loop is occurred. I want ask if it is appropriate way that turning off irq inside (threaded) irq handlers. And should we explicitly turn off irqs before calling hw_ep_prime? Thanks. -- 황재호, Jay Hwang, linux team manager of RTst 010-7242-1593
