korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 04:18:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
linux-4.14.y
linux/drivers
History
Geert Uytterhoeven 108df1056a mmc: core: Cancel delayed work before releasing host 
commit 1036f69e25 upstream.

On RZ/Five SMARC EVK, where probing of SDHI is deferred due to probe
deferral of the vqmmc-supply regulator:

    ------------[ cut here ]------------
    WARNING: CPU: 0 PID: 0 at kernel/time/timer.c:1738 __run_timers.part.0+0x1d0/0x1e8
    Modules linked in:
    CPU: 0 PID: 0 Comm: swapper Not tainted 6.7.0-rc4 #101
    Hardware name: Renesas SMARC EVK based on r9a07g043f01 (DT)
    epc : __run_timers.part.0+0x1d0/0x1e8
     ra : __run_timers.part.0+0x134/0x1e8
    epc : ffffffff800771a4 ra : ffffffff80077108 sp : ffffffc800003e60
     gp : ffffffff814f5028 tp : ffffffff8140c5c0 t0 : ffffffc800000000
     t1 : 0000000000000001 t2 : ffffffff81201300 s0 : ffffffc800003f20
     s1 : ffffffd8023bc4a0 a0 : 00000000fffee6b0 a1 : 0004010000400000
     a2 : ffffffffc0000016 a3 : ffffffff81488640 a4 : ffffffc800003e60
     a5 : 0000000000000000 a6 : 0000000004000000 a7 : ffffffc800003e68
     s2 : 0000000000000122 s3 : 0000000000200000 s4 : 0000000000000000
     s5 : ffffffffffffffff s6 : ffffffff81488678 s7 : ffffffff814886c0
     s8 : ffffffff814f49c0 s9 : ffffffff81488640 s10: 0000000000000000
     s11: ffffffc800003e60 t3 : 0000000000000240 t4 : 0000000000000a52
     t5 : ffffffd8024ae018 t6 : ffffffd8024ae038
    status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003
    [<ffffffff800771a4>] __run_timers.part.0+0x1d0/0x1e8
    [<ffffffff800771e0>] run_timer_softirq+0x24/0x4a
    [<ffffffff80809092>] __do_softirq+0xc6/0x1fa
    [<ffffffff80028e4c>] irq_exit_rcu+0x66/0x84
    [<ffffffff80800f7a>] handle_riscv_irq+0x40/0x4e
    [<ffffffff80808f48>] call_on_irq_stack+0x1c/0x28
    ---[ end trace 0000000000000000 ]---

What happens?

    renesas_sdhi_probe()
    {
    	tmio_mmc_host_alloc()
	    mmc_alloc_host()
		INIT_DELAYED_WORK(&host->detect, mmc_rescan);

	devm_request_irq(tmio_mmc_irq);

	/*
	 * After this, the interrupt handler may be invoked at any time
	 *
	 *  tmio_mmc_irq()
	 *  {
	 *	__tmio_mmc_card_detect_irq()
	 *	    mmc_detect_change()
	 *		_mmc_detect_change()
	 *		    mmc_schedule_delayed_work(&host->detect, delay);
	 *  }
	 */

	tmio_mmc_host_probe()
	    tmio_mmc_init_ocr()
		-EPROBE_DEFER

	tmio_mmc_host_free()
	    mmc_free_host()
    }

When expire_timers() runs later, it warns because the MMC host structure
containing the delayed work was freed, and now contains an invalid work
function pointer.

Fix this by cancelling any pending delayed work before releasing the
MMC host structure.

Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Tested-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/205dc4c91b47e31b64392fe2498c7a449e717b4b.1701689330.git.geert+renesas@glider.be
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-01-10 14:45:41 +01:00
..
accessibility
acpi ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() 2023-11-20 10:27:33 +01:00
amba amba: bus: fix refcount leak 2023-09-23 10:46:59 +02:00
android binder: fix memory leak in binder_init() 2023-08-30 16:35:13 +02:00
ata ata: pata_isapnp: Add missing error check for devm_ioport_map() 2023-12-08 08:41:58 +01:00
atm atm: solos-pci: Fix potential deadlock on &tx_queue_lock 2023-12-20 15:32:32 +01:00
auxdisplay
base driver core: Release all resources during unbind before updating device links 2023-12-08 08:42:00 +01:00
bcma
block remove the sx8 block driver 2023-11-08 11:21:09 +01:00
bluetooth Bluetooth: vhci: Fix race when opening vhci device 2023-10-25 11:13:31 +02:00
bus bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() 2023-02-22 12:46:01 +01:00
cdrom
char hwrng: geode - fix accessing registers 2023-11-20 10:27:34 +01:00
clk clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data 2023-11-20 10:27:33 +01:00
clocksource clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware 2023-11-28 16:45:42 +00:00
connector
cpufreq cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit() 2023-09-23 10:46:54 +02:00
cpuidle cpuidle: dt: Return the correct numbers of parsed idle states 2023-01-18 09:26:09 +01:00
crypto crypto: stm32 - fix loop iterating through scatterlist for DMA 2023-09-23 10:47:01 +02:00
dax
dca
devfreq PM / devfreq: Fix leak in devfreq_dev_release() 2023-09-23 10:46:59 +02:00
dio drivers: dio: fix possible memory leak in dio_init() 2023-01-18 09:26:22 +01:00
dma dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() 2023-11-20 10:27:35 +01:00
dma-buf dma-buf/sw_sync: Avoid recursive lock during fence signal 2023-08-30 16:35:16 +02:00
edac EDAC/device: Respect any driver-supplied workqueue polling value 2023-02-06 07:46:31 +01:00
eisa
extcon extcon: Fix kernel doc of property capability fields to avoid warnings 2023-08-11 11:33:39 +02:00
firewire firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards 2024-01-10 14:45:41 +01:00
firmware firmware: ti_sci: Mark driver as non removable 2023-11-20 10:27:34 +01:00
fmc
fpga fpga: altera-pr-ip: fix unsigned comparison with less than zero 2022-08-25 11:11:21 +02:00
fsi fsi: core: Check error number after calling ida_simple_get 2022-10-26 13:17:06 +02:00
gpio gpio: vf610: set value before the direction to avoid a glitch 2023-10-25 11:13:33 +02:00
gpu drm/amdgpu: correct chunk_ptr to a pointer to chunk. 2023-12-13 16:46:15 +01:00
hid HID: hid-asus: add const to read-only outgoing usb buffer 2023-12-20 15:32:37 +01:00
hsi HSI: omap_ssi_core: Fix error handling in ssi_init() 2023-01-18 09:26:26 +01:00
hv Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs 2023-06-28 10:14:19 +02:00
hwmon hwmon: (acpi_power_meter) Fix 4.29 MW bug 2023-12-13 16:46:16 +01:00
hwspinlock
hwtracing coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug 2023-04-20 12:02:12 +02:00
i2c i2c: i801: fix potential race in i801_block_transaction_byte_by_byte 2023-11-28 16:45:45 +00:00
ide treewide: Remove uninitialized_var() usage 2023-08-11 11:33:32 +02:00
idle entel_idle: Disable IBRS during long idle 2022-11-01 19:14:45 +01:00
iio iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table 2024-01-08 11:25:03 +01:00
infiniband RDMA/bnxt_re: Correct module description string 2023-12-13 16:46:15 +01:00
input Input: ipaq-micro-keys - add error handling for devm_kmemdup 2024-01-08 11:25:03 +01:00
iommu iommu/amd: Fix ivrs_acpihid cmdline parsing code 2023-01-18 09:26:38 +01:00
ipack
irqchip irqchip/stm32-exti: add missing DT IRQ flag translation 2023-11-08 11:21:08 +01:00
isdn mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() 2023-01-18 09:26:28 +01:00
leds
lightnvm lightnvm: disable the subsystem 2022-05-12 12:17:04 +02:00
macintosh macintosh: via-pmu-led: requires ATA to be set 2023-05-17 11:11:44 +02:00
mailbox mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 2023-08-11 11:33:40 +02:00
mcb mcb: fix error handling for different scenarios when parsing 2023-11-28 16:45:45 +00:00
md dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata() 2024-01-08 11:25:04 +01:00
media media: venus: hfi: fix the check to handle session buffer requirement 2023-11-28 16:45:45 +00:00
memory memory: of: Fix refcount leak bug in of_get_ddr_timings() 2022-10-26 13:17:02 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-08-11 11:33:34 +02:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-30 12:38:35 +01:00
mfd mfd: dln2: Fix double put in dln2_probe 2023-11-20 10:27:34 +01:00
misc misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() 2023-11-20 10:27:34 +01:00
mmc mmc: core: Cancel delayed work before releasing host 2024-01-10 14:45:41 +01:00
mtd mtd: rawnand: brcmnand: Fix ecc chunk calculation for erased page bitfips 2023-12-08 08:41:59 +01:00
mux
net i40e: fix use-after-free in i40e_aqc_add_filters() 2024-01-10 14:45:41 +01:00
nfc nfcsim.c: Fix error checking for debugfs_create_dir 2023-06-28 10:14:20 +02:00
ntb ntb: Fix calculation ntb_transport_tx_free_entry() 2023-09-23 10:47:00 +02:00
nubus
nvdimm nvdimm: Fix badblocks clear off-by-one error 2022-07-07 17:31:16 +02:00
nvme nvmet: avoid potential UAF in nvmet_req_complete() 2023-03-22 13:26:14 +01:00
nvmem
of of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() 2023-09-23 10:46:56 +02:00
oprofile
parisc parisc: iosapic.c: Fix sparse warnings 2023-10-10 21:43:39 +02:00
parport parport: Add support for Brainboxes IX/UC/PX parallel cards 2023-12-13 16:46:17 +01:00
pci PCI/sysfs: Protect driver's D3cold preference from user space 2023-11-28 16:45:44 +00:00
pcmcia pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() 2023-11-20 10:27:35 +01:00
perf perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator 2022-04-20 09:08:30 +02:00
phy phy: st: miphy28lp: use _poll_timeout functions for waits 2023-05-30 12:38:36 +01:00
pinctrl pinctrl: avoid reload of p state in list iteration 2023-12-08 08:41:59 +01:00
platform platform/x86: intel_telemetry: Fix kernel doc descriptions 2023-12-20 15:32:36 +01:00
pnp PNP: fix name memory leak in pnp_alloc_dev() 2023-01-18 09:26:10 +01:00
power power: supply: Fix logic checking if system is running from battery 2023-06-21 15:38:57 +02:00
powercap powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue 2022-10-26 13:17:08 +02:00
pps
ps3
ptp ptp: replace snprintf with sysfs_emit 2022-04-20 09:08:26 +02:00
pwm pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume 2023-11-20 10:27:35 +01:00
rapidio rapidio: devices: fix missing put_device in mport_cdev_open 2023-01-18 09:26:12 +01:00
ras
regulator regulator: Fix error checking for debugfs_create_dir 2023-06-21 15:38:57 +02:00
remoteproc remoteproc: qcom: wcnss: Fix handling of IRQs 2022-08-25 11:11:24 +02:00
reset
rpmsg rpmsg: Fix possible refcount leak in rpmsg_register_device_override() 2023-11-08 11:21:08 +01:00
rtc rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff 2023-09-23 10:46:52 +02:00
s390 s390/dasd: protect device queue against concurrent access 2023-12-08 08:41:59 +01:00
sbus
scsi scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() 2023-12-13 16:46:16 +01:00
sfi
sh
sn
soc soc/fsl/qe: fix usb.c build errors 2023-08-11 11:33:37 +02:00
spi spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() 2023-09-23 10:46:54 +02:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-05-17 11:11:44 +02:00
ssb treewide: Remove uninitialized_var() usage 2023-08-11 11:33:32 +02:00
staging staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() 2023-08-11 11:33:53 +02:00
target scsi: target: core: Fix deadlock due to recursive locking 2023-10-10 21:43:41 +02:00
tc
tee
thermal thermal: core: prevent potential string overflow 2023-11-20 10:27:33 +01:00
thunderbolt thunderbolt: Use const qualifier for ring_interrupt_index 2023-04-05 11:14:16 +02:00
tty serial: 8250_omap: Add earlycon support for the AM654 UART controller 2023-12-13 16:46:17 +01:00
uio uio: uio_dmem_genirq: Fix deadlock between irq config and handling 2023-01-18 09:26:23 +01:00
usb USB: serial: option: add Quectel RM500Q R13 firmware support 2024-01-08 11:25:04 +01:00
uwb
vfio vfio: platform: Do not pass return buffer to ACPI _RST method 2023-01-18 09:26:23 +01:00
vhost treewide: Remove uninitialized_var() usage 2023-08-11 11:33:32 +02:00
video fbdev: fsl-diu-fb: mark wr_reg_wa() static 2023-11-20 10:27:35 +01:00
virt
virtio virtio_balloon: Fix endless deflation and inflation on arm64 2023-11-08 11:21:05 +01:00
vlynq
vme vme: Fix error not catched in fake_init() 2023-01-18 09:26:25 +01:00
w1 w1: fix loop in w1_fini() 2023-08-11 11:33:38 +02:00
watchdog watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running 2023-10-10 21:43:39 +02:00
xen xen/events: replace evtchn_rwlock with RCU 2023-10-10 21:43:42 +02:00
zorro
Kconfig
Makefile