Date: Mon, 22 Dec 2025 22:03:49 +0100
From: Michal Pecio
To: Alan Stern
Cc: 胡连勤, Greg Kroah-Hartman, Lee Jones, Mathias Nyman, Mathias Nyman, Sarah Sharp, "linux-usb@vger.kernel.org", "linux-kernel@vger.kernel.org"
Subject: Re: [PATCH] usb: xhci: check Null pointer in segment alloc
Message-ID: <20251222220349.2d6c1a43.michal.pecio@gmail.com>

On Mon, 22 Dec 2025 12:03:45 -0500, Alan Stern wrote:
> There's not supposed to be an inappropriate time for doing an
> autoresume.
> By the time the sound device's resume routine runs, the HC should be
> fully resumed.

OK, if "should" means "supposed to" then somebody needs to check it.

Is this the HCD_FLAG_HW_ACCESSIBLE flag by any chance?
I see that devices recursively call bus_resume() before resuming, and
this fails with -ESHUTDOWN if the flag is unset, which seems to prevent
device resume from progressing further and crashing. Is this what is
meant to happen in such a case?

So I guess it's not happening because xhci_resume() sets this flag
right away and then it may drop the lock and start deallocating memory
to reset everything. So we can "successfully" complete bus_resume() and
allow USB devices to resume while HC resume is still in progress.

Looks dodgy and I suspect this is the bug.