On Fri, 1 Jul 2011 08:40:21 +0300 Artem Bityutskiy <dedeki...@gmail.com> wrote:
> On Thu, 2011-06-30 at 11:26 -0500, Scott Wood wrote:
> > If the NULL assignment is dropped, consider what happens if the
> > fsl_elbc_nand module is removed then reinserted. On reinsertion, it will
> > see a non-NULL fsl_lbc_ctrl_dev->nand, and will skip allocating a new one.
> > Then you're referencing freed memory.
>
> Oh, then this sounds like a separate bug. Removing the module should
> kill everything, and re-inserting the module should have zero
> dependencies on the previous states...

fsl_lbc_ctrl_dev (and thus the fsl_lbc_ctrl_dev->nand pointer) is not part
of the module, it is part of arch/powerpc/sysdev/fsl_lbc.c. NAND isn't the
only thing that elbc does. Since there can be multiple NAND chips, which are
separately probed, the first chip (under a lock) creates the NAND state that
is shared among the chips, and the last one removed destroys it.

> Anyway, if you think the original patch is OK, I can put it to my tree.

I think it's OK. The loop also needs to be removed, so the remove callback
operates only on the particular chip it's called on, but that's a separate
bug.

-Scott
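
The lifetime rule discussed in this message, as an added user-space model in C; it is not code from the thread or from the fsl_elbc_nand driver. All names (`ctrl_dev`, `nand_shared`, `chip_probe`, `chip_remove`, `reinsert_cycle`) are hypothetical, a static slot stands in for kernel allocation so a stale pointer can be inspected safely, and the locking Scott mentions is left out because the model is single-threaded.

```c
#include <stddef.h>
#include <stdio.h>

/* Shared NAND state, created by the first chip and destroyed by the last. */
struct nand_shared { int live; int chips; };
/* Plays the role of fsl_lbc_ctrl_dev: it is NOT part of the module and
 * therefore survives a remove/reinsert of the NAND driver. */
struct ctrl_dev { struct nand_shared *nand; };

/* Static storage instead of kzalloc/kfree (assumption of this model):
 * "freed" memory stays readable, so the stale case can be detected. */
static struct nand_shared slot;
static struct nand_shared *shared_alloc(void) { slot.live = 1; slot.chips = 0; return &slot; }
static void shared_free(struct nand_shared *s) { s->live = 0; }

enum probe_result { PROBE_ALLOCATED, PROBE_REUSED, PROBE_STALE };

/* Per-chip probe: allocate shared state only if the controller has none. */
enum probe_result chip_probe(struct ctrl_dev *c)
{
    enum probe_result r = PROBE_REUSED;
    if (!c->nand) { c->nand = shared_alloc(); r = PROBE_ALLOCATED; }
    else if (!c->nand->live) return PROBE_STALE; /* kernel: use-after-free */
    c->nand->chips++;
    return r;
}

/* Per-chip remove: acts on one chip only; the last chip frees the shared
 * state. clear_ptr == 0 models dropping the NULL assignment.
 * Returns 1 when the shared state was destroyed. */
int chip_remove(struct ctrl_dev *c, int clear_ptr)
{
    if (--c->nand->chips > 0) return 0;
    shared_free(c->nand);
    if (clear_ptr) c->nand = NULL;
    return 1;
}

/* Load with two chips, unload, then report what the first probe after
 * reinsertion sees through the long-lived controller pointer. */
enum probe_result reinsert_cycle(int clear_ptr)
{
    struct ctrl_dev ctrl = { NULL };
    chip_probe(&ctrl); chip_probe(&ctrl);
    chip_remove(&ctrl, clear_ptr); chip_remove(&ctrl, clear_ptr);
    return chip_probe(&ctrl);
}

int main(void)
{
    printf("pointer cleared: %d, pointer left dangling: %d\n",
           reinsert_cycle(1), reinsert_cycle(0));
    return 0;
}
```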