From: Tobias Klauser Date: Fri, 24 Jun 2011 13:48:47 +0000 (+0200) Subject: Staging: usbip: vhci-hcd: Do not kill already dead RX/TX kthread X-Git-Tag: v3.0.1~97 X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=efa73f1334e339902993bb4894da47242f0c4173;p=karo-tx-linux.git Staging: usbip: vhci-hcd: Do not kill already dead RX/TX kthread commit 8547d4cc2b616e4f1dafebe2c673fc986422b506 upstream. When unbinding a device on the host which was still attached on the client, I got a NULL pointer dereference on the client. This turned out to be due to kthread_stop() being called on an already dead kthread. Here is how I was able to reproduce the problem: server:# usbip bind -b 1-2 client:# usbip attach -h server -b 1-2 server:# usbip unbind -b 1-2 This patch fixes the problem by checking the kthread before attempting to kill it, as it is done on the opposite side in stub_shutdown_connection(). Signed-off-by: Tobias Klauser Signed-off-by: Greg Kroah-Hartman --- diff --git a/drivers/staging/usbip/vhci_hcd.c b/drivers/staging/usbip/vhci_hcd.c index a76e8fa69b6e..76d7485f4e23 100644 --- a/drivers/staging/usbip/vhci_hcd.c +++ b/drivers/staging/usbip/vhci_hcd.c @@ -846,9 +846,9 @@ static void vhci_shutdown_connection(struct usbip_device *ud) } /* kill threads related to this sdev, if v.c. exists */ - if (vdev->ud.tcp_rx) + if (vdev->ud.tcp_rx && !task_is_dead(vdev->ud.tcp_rx)) kthread_stop(vdev->ud.tcp_rx); - if (vdev->ud.tcp_tx) + if (vdev->ud.tcp_tx && !task_is_dead(vdev->ud.tcp_tx)) kthread_stop(vdev->ud.tcp_tx); pr_info("stop threads\n");