redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers
History
Patrick McHardy 61808c2bbb [PATCH] cciss: fix use-after-free in cciss_init_one 
free_hba() sets hba[i] to NULL, the dereference afterwards results in this
crash.  Setting busy_initializing to 0 actually looks unnecessary, but I'm
not entirely sure, which is why I left it in.

cciss: controller appears to be disabled
Unable to handle kernel NULL pointer dereference at virtual address 00000370
 printing eip:
c1114d53
*pde = 00000000
Oops: 0002 [#1]
Modules linked in:
CPU:    0
EIP:    0060:[<c1114d53>]    Not tainted VLI
EFLAGS: 00010286   (2.6.16 #1)
EIP is at cciss_init_one+0x4e9/0x4fe
eax: 00000000   ebx: c132cd60   ecx: c13154e4   edx: c27d3c00
esi: 00000000   edi: c2748800   ebp: c2536ee4   esp: c2536eb8
ds: 007b   es: 007b   ss: 0068
Process swapper (pid: 1, threadinfo=c2536000 task=c2535a30)
Stack: <0>00000000 00000000 00000000 c13fdba0 c2536ee8 c13159c0 c2536f38
f7c74740
       c132cd60 c132cd60 ffffffed c2536ef0 c10c1d51 c2748800 c2536f04
c10c1d85
       c132cd60 c2748800 c132cd8c c2536f14 c10c1db8 c2748848 00000000
c2536f28
Call Trace:
 [<c10031d5>] show_stack_log_lvl+0xa8/0xb0
 [<c1003305>] show_registers+0x102/0x16a
 [<c10034a2>] die+0xc1/0x13c
 [<c1288160>] do_page_fault+0x38a/0x525
 [<c1002e9b>] error_code+0x4f/0x54
 [<c10c1d51>] pci_call_probe+0xd/0x10
 [<c10c1d85>] __pci_device_probe+0x31/0x43
 [<c10c1db8>] pci_device_probe+0x21/0x34
 [<c110a654>] driver_probe_device+0x44/0x99
 [<c110a73f>] __driver_attach+0x39/0x5d
 [<c1109e1c>] bus_for_each_dev+0x35/0x5a
 [<c110a777>] driver_attach+0x14/0x16
 [<c110a220>] bus_add_driver+0x5c/0x8f
 [<c110ab22>] driver_register+0x73/0x78
 [<c10c1f6d>] __pci_register_driver+0x5f/0x71
 [<c13bf935>] cciss_init+0x1a/0x1c
 [<c13aa718>] do_initcalls+0x4c/0x96
 [<c13aa77e>] do_basic_setup+0x1c/0x1e
 [<c10002b1>] init+0x35/0x118
 [<c1000cf5>] kernel_thread_helper+0x5/0xb
Code: 04 b5 e0 de 40 c1 8d 50 04 8b 40 34 e8 3f b7 f9 ff 8b 04 b5 e0 de
40 c1 e8 aa f3 ff ff 89 f0 e8 e8 fa ff ff 8b 04 b5 e0 de 40 c1 <c7> 80
70 03 00 00 00 00 00 00 83 c8 ff 8d 65 f4 5b 5e 5f 5d c3
 <0>Kernel panic - not syncing: Attempted to kill init!

Signed-off-by: Patrick McHardy <kaber@trash.net>
Cc: <mike.miller@hp.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
 		2006-03-23 07:38:03 -08:00
..
acorn [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
acpi [PATCH] x86_64: Disable ACPI blacklist by year for now on x86-64 2006-02-26 09:53:30 -08:00
amba
atm [ATM] suni: cast arg properly in SONET_SETFRAMING 2006-03-20 22:35:16 -08:00
base Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-03-22 10:58:05 -08:00
block [PATCH] cciss: fix use-after-free in cciss_init_one 2006-03-23 07:38:03 -08:00
bluetooth [Bluetooth] Fix firmware loading problem of BT3C driver 2006-02-13 11:40:07 +01:00
cdrom [PATCH] remove bogus asm/bug.h includes. 2006-02-07 20:56:35 -05:00
char Merge git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc 2006-03-22 22:20:46 -08:00
connector [CONNECTOR]: Use netlink_has_listeners() to avoind unnecessary allocations. 2006-03-20 22:21:40 -08:00
cpufreq [CPUFREQ] Whitespace/CodingStyle cleanups 2006-02-02 17:03:42 -05:00
crypto [CRYPTO] api: Align tfm context as wide as possible 2006-03-21 20:14:08 +11:00
dio [PATCH] Add dio_bus_type probe and remove methods 2006-01-13 11:26:07 -08:00
edac [PATCH] EDAC: disable sysfs interface 2006-03-14 07:57:18 -08:00
eisa
fc4 [PATCH] drivers/fc4/fc.c: memset correct length 2006-02-20 20:00:11 -08:00
firmware [PATCH] dcdbas: convert to the new platform device interface 2006-03-22 07:53:56 -08:00
hwmon [PATCH] it87: Fix oops on removal 2006-02-13 22:30:10 -08:00
i2c [PATCH] handle errors returned by platform_get_irq*() 2006-03-20 13:42:57 -08:00
ide [PATCH] handle errors returned by platform_get_irq*() 2006-03-20 13:42:57 -08:00
ieee1394 [PATCH] video1394: fix "return E;" typo 2006-02-28 20:53:43 -08:00
infiniband Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2006-03-21 09:31:48 -08:00
input [PATCH] Input: psmouse - disable autoresync 2006-03-10 22:09:33 -08:00
isdn [PATCH] i4l: fix compatiblity issue with big endian systems 2006-03-06 18:40:43 -08:00
macintosh [PATCH] macintosh: tidy-up driver_register() return values 2006-03-23 14:41:04 +11:00
mca
md [PATCH] dm: bio split bvec fix 2006-03-22 07:53:55 -08:00
media Merge with rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git 2006-03-22 11:02:08 +01:00
message [SCSI] convert mptsas over to end_device/expander allocations 2006-03-19 10:20:45 -06:00
mfd [PATCH] Add MCP bus_type probe and remove methods 2006-01-13 11:26:08 -08:00
misc [PATCH] ibmasm: use after free fix 2006-03-09 19:47:37 -08:00
mmc [PATCH] handle errors returned by platform_get_irq*() 2006-03-20 13:42:57 -08:00
mtd [PATCH] mtd_dataflash, fix block vs page erase 2006-03-14 07:57:17 -08:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc 2006-03-22 22:20:46 -08:00
nubus
oprofile [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
parisc [PARISC] Convert sba_iommu.c to use seq_file 2006-02-08 22:56:22 -05:00
parport [SERIAL] Merge avlab serial board entries in parport_serial 2006-03-20 20:08:22 +00:00
pci [PATCH] PowerPC/PCI Hotplug build break 2006-02-01 16:35:29 -08:00
pcmcia [PATCH] handle errors returned by platform_get_irq*() 2006-03-20 13:42:57 -08:00
pnp [PATCH] pnp bus type fix 2006-02-28 20:53:43 -08:00
rapidio [PATCH] Add rio_bus_type probe and remove methods 2006-01-13 11:26:10 -08:00
s390 Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6 2006-03-22 17:51:31 -08:00
sbus [SPARC]: Respect vm_page_prot in io_remap_page_range(). 2006-03-22 01:15:13 -08:00
scsi scsi: link in the debug driver last 2006-03-22 17:39:38 -08:00
serial Merge master.kernel.org:/home/rmk/linux-2.6-serial 2006-03-22 17:33:12 -08:00
sh [PATCH] Add superhyway_bus_type probe and remove methods 2006-01-13 11:26:09 -08:00
sn Pull sem2mutex-ioc4 into release branch 2006-03-21 08:17:15 -08:00
spi [PATCH] spi: Fix modular master driver remove and device suspend/remove 2006-02-20 20:00:09 -08:00
tc [PATCH] remove bogus asm/bug.h includes. 2006-02-07 20:56:35 -05:00
telephony [PATCH] ixj: fix writing silence check 2006-02-03 08:32:08 -08:00
usb Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6 2006-03-21 09:25:47 -08:00
video Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6 2006-03-22 10:56:57 -08:00
w1
zorro [PATCH] Add zorro_bus_type probe and remove methods 2006-01-13 11:26:10 -08:00
Kconfig [PATCH] EDAC: core EDAC support code 2006-01-18 19:20:31 -08:00
Makefile [PATCH] drivers/sn/ must be entered for CONFIG_SGI_IOC3 2006-01-26 13:22:03 -08:00