Hi,
Here's a patch against 2.4.6-pre1 that fixes a bluetooth driver problem
when a device is unplugged while the stack is running. Somehow this
patch fell through the cracks with the last bluetooth patch that got
sent.
thanks,
greg k-h
diff -Nru a/drivers/usb/bluetooth.c b/drivers/usb/bluetooth.c
--- a/drivers/usb/bluetooth.c Tue Jun 5 14:02:34 2001
+++ b/drivers/usb/bluetooth.c Tue Jun 5 14:02:34 2001
@@ -1,7 +1,7 @@
/*
* bluetooth.c Version 0.10
*
- * Copyright (c) 2000 Greg Kroah-Hartman <[EMAIL PROTECTED]>
+ * Copyright (c) 2000, 2001 Greg Kroah-Hartman <[EMAIL PROTECTED]>
* Copyright (c) 2000 Mark Douglas Corner <[EMAIL PROTECTED]>
*
* USB Bluetooth driver, based on the Bluetooth Spec version 1.0B
@@ -15,6 +15,10 @@
* - Added a buffer to the control_urb_pool which fixes a memory leak
* when the device is removed from the system.
*
+ * (2001/05/28) Version 0.9 gkh
+ * Fixed problem with bluetooth==NULL for bluetooth_read_bulk_callback
+ * which was found by both the CHECKER project and Mikko Rahkonen.
+ *
* (08/04/2001) gb
* Identify version on module load.
*
@@ -863,21 +867,6 @@
unsigned int packet_size;
int result;
-#ifdef BTBUGGYHARDWARE
- if ((count == 4) && (data[0] == 0x00) && (data[1] == 0x00)
- && (data[2] == 0x00) && (data[3] == 0x00)) {
- urb->actual_length = 0;
- FILL_BULK_URB(bluetooth->read_urb, bluetooth->dev,
- usb_rcvbulkpipe(bluetooth->dev,
bluetooth->bulk_in_endpointAddress),
- bluetooth->bulk_in_buffer,
bluetooth->bulk_in_buffer_size,
- bluetooth_read_bulk_callback, bluetooth);
- result = usb_submit_urb(bluetooth->read_urb);
- if (result)
- err (__FUNCTION__ " - failed resubmitting read urb, error %d",
result);
-
- return;
- }
-#endif
dbg(__FUNCTION__);
@@ -905,6 +894,21 @@
printk ("\n");
}
#endif
+#ifdef BTBUGGYHARDWARE
+ if ((count == 4) && (data[0] == 0x00) && (data[1] == 0x00)
+ && (data[2] == 0x00) && (data[3] == 0x00)) {
+ urb->actual_length = 0;
+ FILL_BULK_URB(bluetooth->read_urb, bluetooth->dev,
+ usb_rcvbulkpipe(bluetooth->dev,
+bluetooth->bulk_in_endpointAddress),
+ bluetooth->bulk_in_buffer,
+bluetooth->bulk_in_buffer_size,
+ bluetooth_read_bulk_callback, bluetooth);
+ result = usb_submit_urb(bluetooth->read_urb);
+ if (result)
+ err (__FUNCTION__ " - failed resubmitting read urb, error %d",
+result);
+
+ return;
+ }
+#endif
/* We add a packet type identifier to the beginning of each
HCI frame. This makes the data in the tty look like a
serial USB devices. Each HCI frame can be broken across
@@ -952,6 +956,9 @@
}
exit:
+ if (!bluetooth || !bluetooth->active)
+ return;
+
FILL_BULK_URB(bluetooth->read_urb, bluetooth->dev,
usb_rcvbulkpipe(bluetooth->dev,
bluetooth->bulk_in_endpointAddress),
bluetooth->bulk_in_buffer, bluetooth->bulk_in_buffer_size,
