https://bugzilla.novell.com/show_bug.cgi?id=655925

https://bugzilla.novell.com/show_bug.cgi?id=655925#c0

           Summary: kernel NULL pointer dereference in bttv_open
    Classification: openSUSE
           Product: openSUSE 11.4
           Version: Factory
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Major
          Priority: P5 - None
         Component: Kernel
        AssignedTo: kernel-maintainers@forge.provo.novell.com
        ReportedBy: kkaempf@novell.com
         QAContact: qa@suse.de
          Found By: Development
           Blocker: ---

2.6.37-rc2-4-default gets an OOPS when loading bttv

Nov 25 08:08:18 linux-lkbf kernel: [   39.274710] Call Trace:
Nov 25 08:08:18 linux-lkbf kernel: [   39.274720]  [<ffffffff814b9eea>] mutex_lock+0x1a/0x40
Nov 25 08:08:18 linux-lkbf kernel: [   39.274732]  [<ffffffffa03b56a5>] bttv_open+0x105/0x320 [bttv]
Nov 25 08:08:18 linux-lkbf kernel: [   39.274759]  [<ffffffffa0389651>] v4l2_open+0xe1/0x100 [videodev]
Nov 25 08:08:18 linux-lkbf kernel: [   39.274766]  [<ffffffff8114b59e>] chrdev_open+0xce/0x200

Looking at drivers/media/video/bt8xx/bttv-driver.c:bttv_open() it's rather
obvious:

    /* allocate per filehandle data */
    fh = kmalloc(sizeof(*fh), GFP_KERNEL);
    if (unlikely(!fh))
        return -ENOMEM;
    file->private_data = fh;

    mutex_lock(&fh->cap.vb_lock);

It dereferences cap from fh with fh being uninitialized.
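
Added example, not part of the original report or the bttv driver: a userspace C model of the ordering problem described above, where a lock embedded in freshly allocated, non-zeroed memory is taken before it has been initialised. All model_* names, the magic value and the poison fill are assumptions made for illustration; only fh, cap and vb_lock come from the report.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define MODEL_MUTEX_MAGIC 0x4d555458u /* constructed marker, set only by model_mutex_init() */
#define POISON_BYTE       0x6b        /* constructed stand-in for stale heap contents */

struct model_mutex { unsigned int magic; int locked; };
struct model_queue { struct model_mutex vb_lock; };
struct model_fh    { int type; struct model_queue cap; };

static void model_mutex_init(struct model_mutex *m)
{
	m->magic = MODEL_MUTEX_MAGIC;
	m->locked = 0;
}

/* Hypothetical checked lock: rejects a mutex whose state was never set up.
 * In the report the kernel faults inside mutex_lock() at this point instead. */
static int model_mutex_lock(struct model_mutex *m)
{
	if (m->magic != MODEL_MUTEX_MAGIC)
		return -EINVAL;
	m->locked = 1;
	return 0;
}

/* Like kmalloc(), returns memory that is not zeroed; the poison fill makes
 * the stale contents deterministic for this model. */
static void *model_kmalloc(size_t n)
{
	void *p = malloc(n);
	if (p)
		memset(p, POISON_BYTE, n);
	return p;
}

/* init_first == 0: same order as the reported bttv_open() (allocate, lock).
 * init_first == 1: the lock is initialised before its first use. */
static int model_open(int init_first)
{
	struct model_fh *fh = model_kmalloc(sizeof(*fh));
	int ret;

	if (!fh)
		return -ENOMEM;
	if (init_first)
		model_mutex_init(&fh->cap.vb_lock);
	ret = model_mutex_lock(&fh->cap.vb_lock);
	free(fh);
	return ret;
}
```

model_open(0) returns -EINVAL because the lock state is still poison; model_open(1) returns 0.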