From: Andy Shevchenko <andriy.shevchenko@intel.com>
To: Hugo Villeneuve <hugo@hugovil.com>
Cc: gregkh@linuxfoundation.org, jirislaby@kernel.org,
jringle@gridpoint.com, kubakici@wp.pl, phil@raspberrypi.org,
bo.svangard@embeddedart.se, linux-kernel@vger.kernel.org,
linux-serial@vger.kernel.org,
Hugo Villeneuve <hvilleneuve@dimonoff.com>,
stable@vger.kernel.org
Subject: Re: [PATCH 01/18] serial: sc16is7xx: fix segfault when removing driver
Date: Wed, 20 Dec 2023 17:34:28 +0200 [thread overview]
Message-ID: <ZYMJhKvGAFgj9phL@smile.fi.intel.com> (raw)
In-Reply-To: <20231219171903.3530985-2-hugo@hugovil.com>
On Tue, Dec 19, 2023 at 12:18:45PM -0500, Hugo Villeneuve wrote:
> From: Hugo Villeneuve <hvilleneuve@dimonoff.com>
>
> If a problem with a device occurs during probing, and we subsequently
> try to remove the driver, we get the following error:
>
> $ rmmod sc16is7xx
> [ 62.783166] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040
> [ 62.994226] Call trace:
> [ 62.996672] serial_core_unregister_port+0x58/0x2b0
> [ 63.001558] serial_ctrl_unregister_port+0x18/0x30
> [ 63.006354] uart_remove_one_port+0x18/0x30
> [ 63.010542] sc16is7xx_spi_remove+0xc0/0x190 [sc16is7xx]
> Segmentation fault
>
> Tested on a custom board with two SC16IS742 ICs, and by simulating a fault
> when probing channel (port) B of the second device.
>
> The reason is that uart_remove_one_port() has already been called during
> probe in the out_ports: error path, and is called again in
> sc16is7xx_remove().
>
> Fix the problem by clearing the device drvdata in probe error path to
> indicate that all resources have been deallocated. And only deallocate
> resources in sc16is7xx_remove() if device drvdata is non-null.
...
> + dev_set_drvdata(dev, NULL);
I believe this is wrong approach to fix the issue as this one is prone
to be cleaned up in the future as we don't do this call explicitly for
the past ~15 years.
--
With Best Regards,
Andy Shevchenko
next prev parent reply other threads:[~2023-12-20 15:34 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20231219171903.3530985-1-hugo@hugovil.com>
2023-12-19 17:18 ` [PATCH 01/18] serial: sc16is7xx: fix segfault when removing driver Hugo Villeneuve
2023-12-20 15:34 ` Andy Shevchenko [this message]
2023-12-20 15:38 ` Andy Shevchenko
2023-12-19 17:18 ` [PATCH 02/18] serial: sc16is7xx: fix invalid sc16is7xx_lines bitfield in case of probe error Hugo Villeneuve
2023-12-20 15:40 ` Andy Shevchenko
2023-12-21 15:56 ` Hugo Villeneuve
2023-12-21 16:05 ` Andy Shevchenko
2023-12-21 16:13 ` Hugo Villeneuve
2023-12-21 16:16 ` Andy Shevchenko
2023-12-21 17:13 ` Hugo Villeneuve
2023-12-19 17:18 ` [PATCH 03/18] serial: sc16is7xx: remove obsolete loop in sc16is7xx_port_irq() Hugo Villeneuve
2023-12-20 15:41 ` Andy Shevchenko
2023-12-20 22:09 ` Hugo Villeneuve
2023-12-19 17:18 ` [PATCH 04/18] serial: sc16is7xx: improve do/while loop in sc16is7xx_irq() Hugo Villeneuve
2023-12-20 15:42 ` Andy Shevchenko
2023-12-20 16:00 ` Hugo Villeneuve
2023-12-19 17:18 ` [PATCH 15/18] serial: sc16is7xx: pass R/W buffer in FIFO functions Hugo Villeneuve
2023-12-20 15:57 ` Andy Shevchenko
2023-12-21 19:35 ` Hugo Villeneuve
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZYMJhKvGAFgj9phL@smile.fi.intel.com \
--to=andriy.shevchenko@intel.com \
--cc=bo.svangard@embeddedart.se \
--cc=gregkh@linuxfoundation.org \
--cc=hugo@hugovil.com \
--cc=hvilleneuve@dimonoff.com \
--cc=jirislaby@kernel.org \
--cc=jringle@gridpoint.com \
--cc=kubakici@wp.pl \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-serial@vger.kernel.org \
--cc=phil@raspberrypi.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox