From mboxrd@z Thu Jan  1 00:00:00 1970
From: okash.khawaja@gmail.com (Okash Khawaja)
Date: Mon, 28 Mar 2016 14:32:45 +0100
Subject: unregister_input_polled_device() leads to null pointer deref
Message-ID: <20160328133245.GA6753@bytefire-computer>
To: kernelnewbies@lists.kernelnewbies.org
List-Id: kernelnewbies.lists.kernelnewbies.org

Hi,

I'm writing a i2c device driver. In probe(), among other things I call:

polled_input = input_allocate_polled_device();
input_register_polled_device(polled_input);

Then inside remove(), I extract the instance of input_polled_dev and
call 

input_unregister_polled_device(polled_input);

This results in kernel error:

"Unable to handle kernel NULL pointer dereference at virtual address
00000474". 

It turns out that the input_dev pointer inside input_polled_dev is null
which leads to this error. But why is input_dev pointer null? It is not
null inside probe() function and I don't release it anywhere.

This is code: http://pastebin.com/JJdepyEG and here is link to the output,
along with my log statements: http://pastebin.com/badwSvyy. 

Thanks,
Okash