Re: [PATCH 1/4] watchdog: imgpdc: Fix NULL pointer dereference on probe

From: Andrew Bresticker
Date: Tue Mar 31 2015 - 15:37:34 EST


On Tue, Mar 31, 2015 at 11:49 AM, Andrew Bresticker
<abrestic@xxxxxxxxxxxx> wrote:
> From: Naidu Tellapati <naidu.tellapati@xxxxxxxxxx>
>
> pdc_wdt_probe() called pdc_wdt_stop() before watchdog_set_drvdata(),
> resulting in the following NULL pointer dereference:
>
> CPU 0 Unable to handle kernel paging request at virtual address 0000008c, epc == 8082a2b8, ra == 8082a914
> Oops[#1]:
> CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.0.0-rc5+ #102
> task: 8f8c0000 ti: 8f89e000 task.ti: 8f89e000
> $ 0 : 00000000 8082a914 00000000 dc8ba200
> $ 4 : 8faf9418 80ac0000 8f9cdc10 00008012
> $ 8 : 00000000 806e2350 00000001 8f001880
> $12 : 8f89fd14 00000000 00000000 65646f4d
> $16 : 8faf9418 8f9cdc10 8f001880 8f9cdc00
> $20 : 00000000 80c20000 00000000 80bc0000
> $24 : 00000002 00000000
> $28 : 8f89e000 8f89fd00 00000000 8082a914
> Hi : 0000006b
> Lo : 00008013
> epc : 8082a2b8 pdc_wdt_stop+0x1c/0x44
> Not tainted
> ra : 8082a914 pdc_wdt_probe+0x404/0x550
> Status: 11000403 KERNEL EXL IE
> Cause : 00800008
> BadVA : 0000008c
> PrId : 0001a120 (MIPS interAptiv (multi))
>
> Fix it by moving the call to pdc_wdt_stop() after we've set drvdata.

Disregard this patch and patch 2 - it looks like James Hogan beat me
to it :). Patches 3 and 4 still apply I think.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/