Hi,
I'll resend the two patches in this series as part of a bigger series
soon, please ignore them for now.
Thanks,
Daniel
On Friday, June 29, 2018 02:47 PM, Daniel Mack wrote:
In the error path of the IRQ handler, don't free the skb in flight. The
callback in the digital core will do that for us, so this is another
double-free that leads to memory corruptions.
The assignment of 'wtx' doesn't make sense as the variable is not read
after it is written. Drop it.
Signed-off-by: Daniel Mack <daniel@xxxxxxxxxx>
---
drivers/nfc/st95hf/core.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/nfc/st95hf/core.c b/drivers/nfc/st95hf/core.c
index ef91ca8b53a4..e651e1aae5a3 100644
--- a/drivers/nfc/st95hf/core.c
+++ b/drivers/nfc/st95hf/core.c
@@ -868,8 +868,6 @@ static irqreturn_t st95hf_irq_thread_handler(int irq, void *st95hfcontext)
return IRQ_HANDLED;
end:
- kfree_skb(skb_resp);
- wtx = false;
cb_arg->rats = false;
skb_resp = ERR_PTR(result);
/* call of callback with error */
