Re: [2.6.39-rc2, framebuffer] use after free oops

From: Alan Cox
Date: Wed Apr 20 2011 - 05:55:48 EST


On Wed, 20 Apr 2011 08:05:35 +0200
Bruno Prémont <bonbons@xxxxxxxxxxxxxxxxx> wrote:

> On Wed, 20 Apr 2011 13:50:10 Daniel J Blueman <daniel.blueman@xxxxxxxxx> wrote:
> > Any ideas on how best to address this issue [0], since it causes
> > silent corruption, or at best crashes?
>
> There is probably no easy short-term fix to this...

The short term fix would be to deliberately leak the buffer. That should
go into 2.6.39-rc right now with a comment explaining the situation.
Otherwise who knows what corruption may occur to user data if unlucky.

The other 'cheat' might be to tweak the API so the removal API isn't a
'destroy' interface but a 'shut down' and has a matching 'restart' one
for when the intelfb unloads at which point vga16fb can carry on with the
original fb_info 8)

Alan