During my testing which consisted of disconnecting and reconnecting a Kinetis K60DN512 (MQX 4.0) USB port to Windows XP machine repeatedly, I was able to repeatedly generate a hard fault which locked up my processor.
I traced the defect to the khci_dev_main.c file specifically in the _usb_device_usbfs_service_tk_dne_intr function
My testing caused this function to be called with the direction set to USB_RECV. When this happened, It was possible to have
USB_XD_QUEUE_GET_HEAD(&state_ptr->EP_INFO[ep_num].xd_queue_recv,
&xd_ptr);
return the xd_ptr as a NULL. The code isn't hardened against this and it crashed.
By adding:
if (xd_ptr != NULL)
{
} <- put this before: " if ( _usb_device_usbfs_process_receive_request(state_ptr,ep_num,stat,&buffer_ptr)!=USB_OK)"
seems to prevent the crash, it needs to be reviewed by the developers, becasue I think a more elegant solution is needed.
a similar problem seems to be in _usb_device_usbfs_service_tk_dne_intr, but my testing didn't indicate that that function was being called on quick reconnects.
This problem also exists in MQX 3.8, but the file name is different
