On Sat, Aug 18, 2012 at 08:16:12PM -0400, Alan Stern wrote: > On Sat, 18 Aug 2012, Alan Stern wrote: > > > > Looking at the output of usbmon, the kernel re-uses URB addresses. Is it > > > possible that the urb is freed while the instruction is in > > > *implement()*? > > > > In fact, the usbhid driver does not free any URBs until it is unbound > > from the device. It keeps a circular queue of URBs and uses them in > > sequence, over and over. > > Correction: The usbhid driver keeps a circular queue of report > structures and related data and uses _them_ in sequence, over and over. > There is only one URB, which gets used for all the reports. > > More accurately, there is one URB for the interrupt-IN endpoint, one > URB for the interrupt-OUT endpoint (if there is one), and one URB for > endpoint 0. Each URB gets used for all the reports on its endpoint. > > One thing to look out for: Evidently usbhid_submit_report() does not > check the HID_DISCONNECTED flag and will happily allow reports to be > submitted after usbhid_stop() returns. This appears to be a bug. It > could account for the behavior you're seeing. This makes sense. This could be what I am seeing. I am trying to write a patch for this but I'm wondering how do I test this issue? It is quite hard to reproduce, so is there a way I can force the HID to disconnect? Thanks, Amit -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
