From f38e87e8c8d326ec6cddfc3f286b605d996a52a3 Mon Sep 17 00:00:00 2001 From: Ashutosh Dixit Date: Tue, 17 Nov 2015 15:55:37 -0800 Subject: [PATCH] misc: mic: Fix crash when MIC reset is invoked in RESET_FAILED state This patch fixes the following crash seen when MIC reset is invoked in RESET_FAILED state due to device_del being called a second time on an already deleted device: [] device_del+0x45/0x1d0 [] device_unregister+0x1e/0x60 [] scif_unregister_device+0x12/0x20 [scif_bus] [] cosm_stop+0xaa/0xe0 [mic_cosm] [] cosm_reset_trigger_work+0x14/0x20 [mic_cosm] The fix consists in realizing that because cosm_reset changes the state to MIC_RESETTING, cosm_stop needs the previous state, before it changed to MIC_RESETTING, to decide whether a hw_ops->stop had previously been issued. This is now provided in a new cosm_device member cdev->prev_state. Reviewed-by: Sudeep Dutt Signed-off-by: Ashutosh Dixit Signed-off-by: Greg Kroah-Hartman --- drivers/misc/mic/bus/cosm_bus.h | 2 ++ drivers/misc/mic/cosm/cosm_main.c | 13 +++++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/drivers/misc/mic/bus/cosm_bus.h b/drivers/misc/mic/bus/cosm_bus.h index f7c57f266916..8b6341855dc3 100644 --- a/drivers/misc/mic/bus/cosm_bus.h +++ b/drivers/misc/mic/bus/cosm_bus.h @@ -30,6 +30,7 @@ * @attr_group: Pointer to list of sysfs attribute groups. * @sdev: Device for sysfs entries. * @state: MIC state. + * @prev_state: MIC state previous to MIC_RESETTING * @shutdown_status: MIC status reported by card for shutdown/crashes. * @shutdown_status_int: Internal shutdown status maintained by the driver * @cosm_mutex: Mutex for synchronizing access to data structures. @@ -55,6 +56,7 @@ struct cosm_device { const struct attribute_group **attr_group; struct device *sdev; u8 state; + u8 prev_state; u8 shutdown_status; u8 shutdown_status_int; struct mutex cosm_mutex; diff --git a/drivers/misc/mic/cosm/cosm_main.c b/drivers/misc/mic/cosm/cosm_main.c index 4b4b356c797d..7005cb1e01d2 100644 --- a/drivers/misc/mic/cosm/cosm_main.c +++ b/drivers/misc/mic/cosm/cosm_main.c @@ -153,8 +153,10 @@ void cosm_stop(struct cosm_device *cdev, bool force) * stop(..) calls device_unregister and will crash the system if * called multiple times. */ - bool call_hw_ops = cdev->state != MIC_RESET_FAILED && - cdev->state != MIC_READY; + u8 state = cdev->state == MIC_RESETTING ? + cdev->prev_state : cdev->state; + bool call_hw_ops = state != MIC_RESET_FAILED && + state != MIC_READY; if (cdev->state != MIC_RESETTING) cosm_set_state(cdev, MIC_RESETTING); @@ -195,8 +197,11 @@ int cosm_reset(struct cosm_device *cdev) mutex_lock(&cdev->cosm_mutex); if (cdev->state != MIC_READY) { - cosm_set_state(cdev, MIC_RESETTING); - schedule_work(&cdev->reset_trigger_work); + if (cdev->state != MIC_RESETTING) { + cdev->prev_state = cdev->state; + cosm_set_state(cdev, MIC_RESETTING); + schedule_work(&cdev->reset_trigger_work); + } } else { dev_err(&cdev->dev, "%s %d MIC is READY\n", __func__, __LINE__); rc = -EINVAL;