On Tue, 2008-12-09 at 09:54 -0500, John W. Linville wrote:
> On Tue, Dec 09, 2008 at 03:46:39PM +0100, Johannes Berg wrote:
> > On Tue, 2008-12-09 at 09:35 -0500, John W. Linville wrote:
> > > On Tue, Dec 09, 2008 at 03:14:37PM +0100, Christian Lamparter wrote:
> > > > Alan Stern found several flaws in p54usb's implementation and annotated:
> > > > "usb_kill_urb() and similar routines do not expect an URB's completion
> > > > routine to deallocate it. This is almost obvious -- if the URB is deallocated
> > > > before the completion routine returns then there's no way for usb_kill_urb
> > > > to detect when the URB actually is complete."
> > > >
> > > > This patch addresses all known limitations in the old implementation and fixes
> > > > khub's "use-after-freed" hang, when SLUB debug's poisoning option is enabled.
> > > >
> > > > Signed-off-by: Christian Lamparter <chunkeey@xxxxxx>
> > > > Cc: stable@xxxxxxxxxx
> > >
> > > That's a big patch for so late in the cycle. Is there a bugzilla open for it?
> >
> > No, but we can open one ;) It's strange, but nobody but me apparently
> > found the bug so far, even though it has been in there forever. Might be
> > due to slub debugging being disabled by default even if you enable
> > SLUB_DEBUG in Kconfig (you also need to enable SLUB_DEBUG_ON)
>
> It might be helpful to have open a bug that includes a backtrace or something.

There's no backtrace in that sense, it just hangs. I dumped it with
sysrq-w but that wasn't too helpful...

johannes