Re: [PATCH 8/16][BUG] PCI slot: Fix invalid memory access (Not formainline!)
From: Alex Chiang
Date: Fri Mar 21 2008 - 16:02:24 EST
* Kenji Kaneshige <kaneshige.kenji@xxxxxxxxxxxxxx>:
> Fix kernel oops in pci_release_slot() when dbg() is enabled.
Merged, thanks.
/ac
>
> The dbg() in pci_release_slot() cause a kernel oops (invalid memory
> access) because it accesses slot after it is released. We need to
> access slot before calling kobject_put().
>
> Signed-off-by: Kenji Kaneshige <kaneshige.kenji@xxxxxxxxxxxxxx>
>
> ---
> drivers/pci/slot.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> Index: linux-2.6.25-rc6/drivers/pci/slot.c
> ===================================================================
> --- linux-2.6.25-rc6.orig/drivers/pci/slot.c
> +++ linux-2.6.25-rc6/drivers/pci/slot.c
> @@ -191,13 +191,14 @@ EXPORT_SYMBOL_GPL(pci_create_slot);
>
> int pci_destroy_slot(struct pci_slot *slot)
> {
> + dbg("%s: decreased refcount to %d on %x:%d\n", __func__,
> + atomic_read(&slot->kobj.kref.refcount) - 1, slot->bus->number,
> + slot->number);
> +
> down_write(&pci_bus_sem);
> kobject_put(&slot->kobj);
> up_write(&pci_bus_sem);
>
> - dbg("%s: decreased refcount to %d on %x:%d\n", __func__,
> - atomic_read(&slot->kobj.kref.refcount), slot->bus->number,
> - slot->number);
> return 0;
> }
> EXPORT_SYMBOL_GPL(pci_destroy_slot);
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/