On Tue, 10 Jul 2012, Venu Byravarasu wrote: > Thanks Alan for your comments. > > On Monday 09 July 2012 08:04 PM, Alan Stern wrote: > > On Mon, 9 Jul 2012, Venu Byravarasu wrote: > > > >> In functions itd_complete & sitd_complete, a pointer > >> by name stream may get dereferenced after freeing it, when > >> iso_stream_put is called with stream->refcount = 2. > > I don't understand the problem. Did you actually see this happen or is > > it only theoretical? > > Yes it is a theoretical problem, as complained by Coverity. > As per the logic you explained above, this change is not needed. > However coverity was complaining as below: > > /kernel/drivers/usb/host/ehci-sched.c 1777 USE_AFTER_FREE Dereferencing > freed pointer "stream" > > Hence to pacify coverity, this change is done. > Please let me know if you see any other better way to handle it. This seems to be a false positive from Coverity. In any case, I'm about to submit some patches which get rid of the reference counting entirely. So let's not worry about this. Alan Stern -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
