Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
From: young dave
Date: Wed Jun 06 2007 - 01:56:14 EST
Hi,
2007/6/6, Christoph Lameter <clameter@xxxxxxx>:
Note that the corruption seems to have its cause in a decrement done at
offset 16 into the object pointing to the refcount in struct hci_dev. So
it looks like the refcount was decremented after the object was freed.
sysfs related?
I noticed in hci_core.c:
hci_dev_close call hci_dev_do_close , then call hci_dev_put
but in hci_dev_do_close also call hci_dev_put
Maybe this is the reason, by apply the below patch the bug seems
doesn't exist, but the strange thing is the 2.4.22-rc4 seems works, I
will test once more to see the result.
Signed-off-by: dave young <hidave.darkstar@xxxxxxxxx>
---
net/bluetooth/hci_core.c | 1 -
1 file changed, 1 deletion(-)
diff -dur linux/net/bluetooth/hci_core.c linux.new/net/bluetooth/hci_core.c
--- linux/net/bluetooth/hci_core.c 2007-06-06 13:47:14.000000000 +0000
+++ linux.new/net/bluetooth/hci_core.c 2007-06-06 13:46:58.000000000 +0000
@@ -577,7 +577,6 @@
hci_req_unlock(hdev);
- hci_dev_put(hdev);
return 0;
}
Regards
dave
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/