unregister_input_polled_device() leads to null pointer deref

Carlo Caione carlo at caione.org
Mon Mar 28 09:55:43 EDT 2016


On Mon, Mar 28, 2016 at 3:32 PM, Okash Khawaja <okash.khawaja at gmail.com> wrote:
> Hi,
>
> I'm writing a i2c device driver. In probe(), among other things I call:
>
> polled_input = input_allocate_polled_device();
> input_register_polled_device(polled_input);
>
> Then inside remove(), I extract the instance of input_polled_dev and
> call
>
> input_unregister_polled_device(polled_input);
>
> This results in kernel error:
>
> "Unable to handle kernel NULL pointer dereference at virtual address
> 00000474".
>
> It turns out that the input_dev pointer inside input_polled_dev is null
> which leads to this error. But why is input_dev pointer null? It is not
> null inside probe() function and I don't release it anywhere.
>
> This is code: http://pastebin.com/JJdepyEG and here is link to the output,
> along with my log statements: http://pastebin.com/badwSvyy.
>

input_free_polled_device(polled_input) is always called in your probe function.


-- 
Carlo Caione



More information about the Kernelnewbies mailing list