On Tue, Dec 09, 2008 at 03:46:39PM +0100, Johannes Berg wrote: > On Tue, 2008-12-09 at 09:35 -0500, John W. Linville wrote: > > On Tue, Dec 09, 2008 at 03:14:37PM +0100, Christian Lamparter wrote: > > > Alan Stern found several flaws in p54usb's implementation and annotated: > > > "usb_kill_urb() and similar routines do not expect an URB's completion > > > routine to deallocate it. This is almost obvious -- if the URB is deallocated > > > before the completion routine returns then there's no way for usb_kill_urb > > > to detect when the URB actually is complete." > > > > > > This patch addresses all known limitations in the old implementation and fixes > > > khub's "use-after-freed" hang, when SLUB debug's poisoning option is enabled. > > > > > > Signed-off-by: Christian Lamparter <chunkeey@xxxxxx> > > > Cc: stable@xxxxxxxxxx > > > > That's a big patch for so late in the cycle. Is there a bugzilla open for it? > > No, but we can open one ;) It's strange, but nobody but me apparently > found the bug so far, even though it has been in there forever. Might be > due to slub debugging being disabled by default even if you enable > SLUB_DEBUG in Kconfig (you also need to enable SLUB_DEBUG_ON) It might be helpful to have open a bug that includes a backtrace or something. John -- John W. Linville Linux should be at the core linville@xxxxxxxxxxxxx of your literate lifestyle. -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
