Hi, On Mon, Nov 8, 2010 at 8:08 PM, Blaise Gassend <blaise@xxxxxxxxxxxxxxxx> wrote: >>>>> + if (!test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags) || >>>>> + !test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags)) >>>>> + goto submit_entry; >>>>> + >>>>> if (test_bit(ENTRY_DATA_IO_FAILED, &entry->flags)) >>>>> goto submit_entry; >> I don't see how this could cause a crash, I know there are still issues >> around this function, but how can the usage of 2 if-statement cause a crash? > > What I meant here is that submit_entry does not kill the queue entry > if data IO failed, which could result in an infinite loop if a > disconnected device is causing the data IO case to be hit rather than > one of the two previous ones. The case that IO failure continuously occurs, while the device is still plugged, isn't covered by this patch. However if the device was unplugged then DEVICE_STATE_PRESENT would be cleared either on the first return of the URB, or on the second in case of a race condition. In either case, it will not pass the first if-statement when the device was unplugged, so it doesn't matter anymore what the entry->flags indicate. Ivo -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
