Hello, I am testing a source code checker (http://repo.or.cz/w/smatch.git) and it found an issue in usb_se401_remove_disconnected() from drivers/media/video/se401.c. We set se401->dev to NULL on line 914 and dereference it on line 931. drivers/media/video/se401.c 914 se401->dev = NULL; 915 916 for (i = 0; i < SE401_NUMSBUF; i++) 917 if (se401->urb[i]) { 918 usb_kill_urb(se401->urb[i]); 919 usb_free_urb(se401->urb[i]); 920 se401->urb[i] = NULL; 921 kfree(se401->sbuf[i].data); 922 } 923 924 for (i = 0; i < SE401_NUMSCRATCH; i++) 925 kfree(se401->scratch[i].data); 926 927 if (se401->inturb) { 928 usb_kill_urb(se401->inturb); 929 usb_free_urb(se401->inturb); 930 } 931 dev_info(&se401->dev->dev, "%s disconnected", se401->camera_name); regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
