On Tue, 2008-12-09 at 09:35 -0500, John W. Linville wrote:
> On Tue, Dec 09, 2008 at 03:14:37PM +0100, Christian Lamparter wrote:
> > Alan Stern found several flaws in p54usb's implementation and annotated:
> > "usb_kill_urb() and similar routines do not expect an URB's completion
> > routine to deallocate it. This is almost obvious -- if the URB is deallocated
> > before the completion routine returns then there's no way for usb_kill_urb
> > to detect when the URB actually is complete."
> >
> > This patch addresses all known limitations in the old implementation and fixes
> > khub's "use-after-freed" hang, when SLUB debug's poisoning option is enabled.
> >
> > Signed-off-by: Christian Lamparter <chunkeey@xxxxxx>
> > Cc: stable@xxxxxxxxxx
>
> That's a big patch for so late in the cycle. Is there a bugzilla open for it?

No, but we can open one ;)

It's strange, but nobody but me apparently found the bug so far, even
though it has been in there forever. Might be due to slub debugging
being disabled by default even if you enable SLUB_DEBUG in Kconfig (you
also need to enable SLUB_DEBUG_ON).

johannes