Date: Thu, 05 May 2005 16:00:55 -0600 (MDT) From: Warner Losh <imp@bsdimp.com> To: julian@elischer.org Cc: usbcrash@oldach.net Subject: Re: recent USB MFCs cause panics Message-ID: <20050505.160055.78800132.imp@bsdimp.com> In-Reply-To: <427A9690.9080108@elischer.org> References: <427A8EF3.70003@elischer.org> <20050505.153302.71182158.imp@bsdimp.com> <427A9690.9080108@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
From: Julian Elischer <julian@elischer.org> Subject: Re: recent USB MFCs cause panics Date: Thu, 05 May 2005 14:56:32 -0700 > > > Warner Losh wrote: > > >From: Julian Elischer <julian@elischer.org> > >Subject: Re: recent USB MFCs cause panics > >Date: Thu, 05 May 2005 14:24:03 -0700 > > > > > > > >>Julian Elischer wrote: > >> > >>try: > >> > >>in usb_port.h > >>comment out line 425 (as below) > >> > >>422 > >> 423 #define config_detach(dev, flag) \ > >> 424 do { \ > >> 425 /* device_detach(dev); */ \ > >> 426 free(device_get_ivars(dev), M_USB); \ > >> 427 device_delete_child(device_get_parent(dev), dev); \ > >> 428 } while (0); > >> 429 > >> > >> > > > >Commenting it out is lame... I fixed this in current in uhub.c as > >well as here... Since 'dev' is 0 here, I'm unsure that commenting it > >out will fix the problem because the next line frees it.... > > > > > > yes I noticed that.. > the next line doesn't free it, it frees the ivars > which I don't think is the same thing.. if dev is NULL, then freeing the ivars from dev will still result in a NULL pointer dereference... > the problem is that the 5.0 code does the device_delete_child() (as you > see above) > where 4.x did it in the device_detach() > so with this merge I get the worst of both worlds.. > > the answer is to make uhub.c not call it's bus_child_detached() method > (as 5.0 doesn't) > or to make it a null function, as it clears the subdev entry which > causes this problem. Yes. I think that's the more correct fix. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050505.160055.78800132.imp>