ffs_epfile_io() is called from userspace, while ffs_func_esp_disable() might
be called from USB disconnect interrupt, the two functions would run in parallel
but they are not well protected, that epfile->ep would be removed by
ffs_func_esp_disable() during ffs_epfile_io() is referring this pointer
rom
772c1c9ef451a9a84e48acf14ba613328920a2f4 Mon Sep 17 00:00:00 2001
From: channing
Date: Wed, 2 Apr 2014 16:37:57 +0800
Subject: [PATCH] Gadget: race between ffs_epfile_io() and
ffs_func_eps_disable()
ffs_epfile_io() is called from userspace, while ffs_func_esp_disable() might
be called from USB disconnect interr
