Question on MLK-9618-2

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Question on MLK-9618-2

813 Views
todd_blanchard
Contributor I

(commit f21e960aba9618c527650cfe3a69cc3ea583ac2a)

What is the purpose of the above commit? The details surrounding it are vague, and it is not in mainline. This commit contains a blatant use-after-free:

usb_remove_hcd(hcd);
usb_put_hcd(hcd); <-- FREE
if (ci->platdata->reg_vbus && !ci_otg_is_fsm_mode(ci) &&
   (ci->platdata->flags & CI_HDRC_IMX_VBUS_EARLY_ON))
      regulator_disable(ci->platdata->reg_vbus);
+ if (hcd->self.is_b_host)
+ hcd->self.is_b_host = 0; <-- use-after free

Enabling SLUB_DEBUG exposes the use-after-free, and I have confirmed this is causing corruption in other, random 1024 byte slabs.

I would just revert the commit, but would like to know the problem it is trying to solve.

Thx

0 Kudos
3 Replies

628 Views
jimmychan
NXP TechSupport
NXP TechSupport
This patch sets and clear is_b_host flag of usb_bus when start and stop host in chipidea host driver.
0 Kudos

628 Views
todd_blanchard
Contributor I

--> "This patch sets and clear is_b_host flag of usb_bus when start and stop host in chipidea host driver."

I gathered that. But why? What problem did it solve, and why is this not on mainline (other than the obvious reason that it corrupts random slab entries)?

0 Kudos

628 Views
jimmychan
NXP TechSupport
NXP TechSupport

Could you tell me more information of your issue?

Which BSP are you using? what is the version of BSP?

Which processor are you using?

What issue you met ? is there any error message or log message?

0 Kudos