Hah, nevermind, I just saw your patch added email.
Sarah Sharp
On Thu, Dec 22, 2011 at 03:33:10PM -0800, Sarah Sharp wrote:
> Greg,
>
> The oops that this patch fixes should be applied to 3.2.
>
> Are we late enough in the release cycle that I should send this patch as
> an update for 3.3 with a note for stable? Or do you think Linus will
> pull from you one more time before 3.2?
>
> Sarah Sharp
>
> On Sun, Dec 18, 2011 at 08:49:41PM -0600, Serge Hallyn wrote:
> > Quoting Alan Stern (stern@xxxxxxxxxxxxxxxxxxx):
> > > On Fri, 16 Dec 2011, Sarah Sharp wrote:
> > >
> > > > When running the Point Grey "flycap" program for their USB 3.0 camera
> > > > (which was running as a USB 2.0 device for some reason), I trigger this
> > > > oops whenever I try to open a video stream:
> > > ...
> > > > markup_oops.pl says the oops is in put_cred:
> > > ...
> > >
> > > > This bug seems to have been introduced by commit
> > > > d178bc3a708f39cbfefc3fab37032d3f2511b4ec "user namespace: usb: make usb
> > > > urbs user namespace aware (v2)"
> > > >
> > > > I'm not sure if this is right fix, but it does stop the oops.
> > > >
> > > > Unfortunately, the Point Grey software still refuses to work, but it's a
> > > > closed source app, so I can't fix it.
> > > >
> > > > Signed-off-by: Sarah Sharp <sarah.a.sharp@xxxxxxxxxxxxxxx>
> > > > Cc: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx>
> >
> > Thanks, Sarah.
> >
> > Acked-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx>
> >
> > > > ---
> > > > drivers/usb/core/devio.c | 3 ++-
> > > > 1 files changed, 2 insertions(+), 1 deletions(-)
> > > >
> > > > diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
> > > > index d8cf06f..3af5e2d 100644
> > > > --- a/drivers/usb/core/devio.c
> > > > +++ b/drivers/usb/core/devio.c
> > > > @@ -286,7 +286,8 @@ static struct async *alloc_async(unsigned int numisoframes)
> > > > static void free_async(struct async *as)
> > > > {
> > > > put_pid(as->pid);
> > > > - put_cred(as->cred);
> > > > + if (as->cred)
> > > > + put_cred(as->cred);
> > > > kfree(as->urb->transfer_buffer);
> > > > kfree(as->urb->setup_packet);
> > > > usb_free_urb(as->urb);
> > >
> > > This is a reasonable fix. It turns out there are a couple of error
> > > paths by which a struct async can be freed before its .cred member has
> > > been set. The alternative fix is to move the statement initializing
> > > as->cred up earlier, before those errors occur. But what you did is
> > > probably more robust.
> > >
> > > The most likely error, which didn't exist when commit d178bc3a708f39
> > > was written, is that the usbfs memory limit was exceeded. You can see
> > > if increasing that limit helps "flycap" at all. (The other error path
> > > happens when kmalloc fails to get enough memory for the URB's transfer
> > > buffer.)
> > >
> > > Alan Stern
> > >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-usb" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
