Bug 26212 - kernel NULL pointer dereference in pxa3xx_nand_probe
Summary: kernel NULL pointer dereference in pxa3xx_nand_probe
Status: CLOSED CODE_FIX
Alias: None
Product: Platform Specific/Hardware
Classification: Unclassified
Component: ARM (show other bugs)
Hardware: All Linux
: P1 normal
Assignee: linux-arm-kernel@lists.arm.linux.org.uk
URL:
Keywords:
Depends on:
Blocks: 21782
  Show dependency tree
 
Reported: 2011-01-06 10:12 UTC by Maciej Rutecki
Modified: 2011-02-03 18:52 UTC (History)
3 users (show)

See Also:
Kernel Version: 2.6.37
Subsystem:
Regression: Yes
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Maciej Rutecki 2011-01-06 10:12:59 UTC 
Subject    : kernel NULL pointer dereference in pxa3xx_nand_probe
Submitter  : Sven Neumann <s.neumann@raumfeld.com>
Date       : 2011-01-05 11:43
Message-ID : 1294227801.3996.62.camel@sven
References : http://marc.info/?l=linux-kernel&m=129422903703756&w=2

This entry is being used for tracking a regression from 2.6.36. Please don't
close it until the problem is fixed in the mainline.
Comment 1 Sven Neumann 2011-02-03 08:41:25 UTC 
This is fixed in mainline and the patch has been submitted for inclusion in 2.6.37 (I haven't verified if it did actually end up there):

commit 52d039fdaa78c5a9f9bc2940ad58d7ed76b8336d
Author: Dan Carpenter <error27@gmail.com>
Date:   Thu Jan 6 17:05:36 2011 +0300

    mtd: pxa3xx_nand: NULL dereference in pxa3xx_nand_probe
    
    "info->cmdset" gets dereferenced in __readid() so it needs to be
    initialized earlier in the function.  This bug was introduced in
    18c81b1828f8 "mtd: pxa3xx_nand: remove the flash info in driver
    structure".
    
    Cc: stable@kernel.org [2.6.37+]
    Reported-and-tested-by: Sven Neumann <s.neumann@raumfeld.com>
    Signed-off-by: Dan Carpenter <error27@gmail.com>
    Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Note You need to log in before you can comment on or make changes to this bug.