Re: Bug in BCMA: device_unregister causing "NULL pointer dereference at"
From: Francois Romieu
Date: Thu Jul 14 2011 - 10:59:57 EST
RafaÅ MiÅecki <zajec5@xxxxxxxxx> :
[...]
> Any tip, why does it happen?
bcma_release_core_dev kfrees core while its list_head is still used ?
May be something like this :
diff --git a/drivers/bcma/main.c b/drivers/bcma/main.c
index be52344..85fb3aa 100644
--- a/drivers/bcma/main.c
+++ b/drivers/bcma/main.c
@@ -110,11 +110,14 @@ static int bcma_register_cores(struct bcma_bus *bus)
static void bcma_unregister_cores(struct bcma_bus *bus)
{
- struct bcma_device *core;
+ struct bcma_device *core, *next;
- list_for_each_entry(core, &bus->cores, list) {
+ list_for_each_entry_safe(core, next, &bus->cores, list) {
+ list_del(&core->list);
if (core->dev_registered)
device_unregister(&core->dev);
+ else
+ kfree(core);
}
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/