RE: [PATCH] usb: gadget: f_fs: don't free buffer prematurely

From: Yang, Fei
Date: Wed Mar 20 2019 - 01:38:44 EST

Next message: Hsin-Yi Wang: "Re: [PATCH] gpu/drm: mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()"
Previous message: Tim Schumacher: "Re: [PATCH] ath9k: Check for errors when reading SREV register"
In reply to: mgautam: "Re: [PATCH] usb: gadget: f_fs: don't free buffer prematurely"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> From: Fei Yang <fei.yang@xxxxxxxxx>
>>
>> The following kernel panic happens due to the io_data buffer gets
>> deallocated before the async io is completed. Add a check for the case
>> where io_data buffer should be deallocated by ffs_user_copy_worker.
>
> [snip]
>
> Please add tag - 'Fixes: 772a7a724f6 ("usb: gadget: f_fs: Allow scatter-gather buffers")
Sent [PATCH V2]

>> ---
>> drivers/usb/gadget/function/f_fs.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/usb/gadget/function/f_fs.c
>> b/drivers/usb/gadget/function/f_fs.c
>> index 20413c2..47be961 100644
>> --- a/drivers/usb/gadget/function/f_fs.c
>> +++ b/drivers/usb/gadget/function/f_fs.c
>> @@ -1133,7 +1133,8 @@ static ssize_t ffs_epfile_io(struct file *file,
>> struct ffs_io_data *io_data)
>> error_mutex:
>> mutex_unlock(&epfile->mutex);
>> error:
>> - ffs_free_buffer(io_data);
>> + if (ret != -EIOCBQUEUED) /* don't free if there is iocb queued */
>> + ffs_free_buffer(io_data);
>> return ret;
>> }

Next message: Hsin-Yi Wang: "Re: [PATCH] gpu/drm: mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()"
Previous message: Tim Schumacher: "Re: [PATCH] ath9k: Check for errors when reading SREV register"
In reply to: mgautam: "Re: [PATCH] usb: gadget: f_fs: don't free buffer prematurely"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]