Hi Greg, hi Wolfram, Am 20.02.2017 um 19:22 schrieb Wolfram Sang:
On Thu, Feb 16, 2017 at 09:20:45PM +0000, Stefan Wahren wrote:Since commit e2474541032d ("bcm2835: Fix hang for writing messages larger than 16 bytes") the interrupt handler is prone to a possible NULL pointer dereference. This could happen if an interrupt fires before curr_msg is set by bcm2835_i2c_xfer_msg() and randomly occurs on the RPi 3. Even this is an unexpected behavior the driver must handle that with an error instead of a crash. CC: Noralf Trønnes <noralf@xxxxxxxxxxx> CC: Martin Sperl <kernel@xxxxxxxxxxxxxxxx> Reported-by: Peter Robinson <pbrobinson@xxxxxxxxx> Fixes: e2474541032d ("bcm2835: Fix hang for writing messages larger than 16 bytes") Signed-off-by: Stefan Wahren <stefan.wahren@xxxxxxxx>Applied to for-next, thanks (will be in 4.11)!
since this patch is too late for 4.10, should i resent with CC to stable in order to get it into the next 4.10 release?
Stefan -- To unsubscribe from this list: send the line "unsubscribe devicetree" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
