On Thu, Dec 26, 2019 at 10:52:52AM +0800, xiyuyang19@xxxxxxxxxxxx wrote: > From: Xiyu Yang <xiyuyang19@xxxxxxxxxxxx> > > in_dev_get may return a NULL object. The fix handles the situation > by adding a check to avoid NULL pointer dereference on idev, > as pick_local_ipaddrs does. > > Signed-off-by: Xiyu Yang <xiyuyang19@xxxxxxxxxxxx> > Signed-off-by: Xin Tan <tanxin.ctf@xxxxxxxxx> > --- > drivers/infiniband/hw/i40iw/i40iw_main.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/infiniband/hw/i40iw/i40iw_main.c b/drivers/infiniband/hw/i40iw/i40iw_main.c > index d44cf33d..18587cc 100644 > --- a/drivers/infiniband/hw/i40iw/i40iw_main.c > +++ b/drivers/infiniband/hw/i40iw/i40iw_main.c > @@ -1225,6 +1225,8 @@ static void i40iw_add_ipv4_addr(struct i40iw_device *iwdev) > const struct in_ifaddr *ifa; > > idev = in_dev_get(dev); > + if (!idev) > + return; 1. You forgot to release rtnl lock. 2. The rtnl_trylock()/rtnl_unlock() scheme is wrong in this function. That lock is global and any devices can take it and prevent from i40iw to success in rtnl_trylock(), after that in_dev_for_each_ifa_rtnl() will be incorrect. > in_dev_for_each_ifa_rtnl(ifa, idev) { > i40iw_debug(&iwdev->sc_dev, I40IW_DEBUG_CM, > "IP=%pI4, vlan_id=%d, MAC=%pM\n", &ifa->ifa_address, > -- > 2.7.4 >