mirror of
https://github.com/torvalds/linux.git
synced 2024-12-25 20:32:22 +00:00
600c0849cf
Paulian reported a crash that happens when a dock is unplugged during
hibernation:
[78436.228217] thunderbolt 0-1: device disconnected
[78436.228365] BUG: kernel NULL pointer dereference, address: 00000000000001e0
...
[78436.228397] RIP: 0010:icm_free_unplugged_children+0x109/0x1a0
...
[78436.228432] Call Trace:
[78436.228439] icm_rescan_work+0x24/0x30
[78436.228444] process_one_work+0x1a3/0x3a0
[78436.228449] worker_thread+0x30/0x370
[78436.228454] ? process_one_work+0x3a0/0x3a0
[78436.228457] kthread+0x13d/0x160
[78436.228461] ? kthread_park+0x90/0x90
[78436.228465] ret_from_fork+0x1f/0x30
This happens because remove_unplugged_switch() calls tb_switch_remove()
that releases the memory pointed by sw so the following lines reference
to a memory that might be released already.
Fix this by saving pointer to the parent device before calling
tb_switch_remove().
Reported-by: Paulian Bogdan Marinca <paulian@marinca.net>
Fixes:
|
||
|---|---|---|
| .. | ||
| acpi.c | ||
| cap.c | ||
| ctl.c | ||
| ctl.h | ||
| debugfs.c | ||
| dma_port.c | ||
| dma_port.h | ||
| domain.c | ||
| eeprom.c | ||
| icm.c | ||
| Kconfig | ||
| lc.c | ||
| Makefile | ||
| nhi_ops.c | ||
| nhi_regs.h | ||
| nhi.c | ||
| nhi.h | ||
| nvm.c | ||
| path.c | ||
| property.c | ||
| quirks.c | ||
| retimer.c | ||
| sb_regs.h | ||
| switch.c | ||
| tb_msgs.h | ||
| tb_regs.h | ||
| tb.c | ||
| tb.h | ||
| test.c | ||
| tmu.c | ||
| tunnel.c | ||
| tunnel.h | ||
| usb4.c | ||
| xdomain.c | ||