Hi Greg,
hi Wolfram,
Am 20.02.2017 um 19:22 schrieb Wolfram Sang:
On Thu, Feb 16, 2017 at 09:20:45PM +0000, Stefan Wahren wrote:
Since commit e2474541032d ("bcm2835: Fix hang for writing messages
larger than 16 bytes") the interrupt handler is prone to a possible
NULL pointer dereference. This could happen if an interrupt fires
before curr_msg is set by bcm2835_i2c_xfer_msg() and randomly occurs
on the RPi 3. Even this is an unexpected behavior the driver must
handle that with an error instead of a crash.
CC: Noralf Trønnes <noralf@xxxxxxxxxxx>
CC: Martin Sperl <kernel@xxxxxxxxxxxxxxxx>
Reported-by: Peter Robinson <pbrobinson@xxxxxxxxx>
Fixes: e2474541032d ("bcm2835: Fix hang for writing messages larger than 16 bytes")
Signed-off-by: Stefan Wahren <stefan.wahren@xxxxxxxx>
Applied to for-next, thanks (will be in 4.11)!
since this patch is too late for 4.10, should i resent with CC to stable
in order to get it into the next 4.10 release?
Stefan
--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html