lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
82fb342460
android_kernel_xiaomi_sm8350/drivers/mmc/core
History
Grzegorz Sluja bbdc74dc19 mmc: block: Prevent new req entering queue after its cleanup 
The commit 304419d8a7 ("mmc: core: Allocate per-request data using the
block layer core"), refactored the mechanism of queue handling, but also
made mmc_init_request() to be called after mmc_cleanup_queue(). This
triggers a null pointer dereference:

[  683.123791] BUG: unable to handle kernel NULL pointer dereference at (null)
[  683.123801] IP: mmc_init_request+0x2c/0xf0 [mmc_block]
...
[  683.123905] Call Trace:
[  683.123913]  alloc_request_size+0x4f/0x70
[  683.123919]  mempool_alloc+0x5f/0x150
[  683.123925]  ? __enqueue_entity+0x6c/0x70
[  683.123928]  get_request+0x3ad/0x720
[  683.123933]  ? prepare_to_wait_event+0x110/0x110
[  683.123937]  blk_queue_bio+0xc1/0x3a0
[  683.123940]  generic_make_request+0xf8/0x2a0
[  683.123942]  submit_bio+0x75/0x150
[  683.123947]  submit_bio_wait+0x51/0x70
[  683.123951]  blkdev_issue_flush+0x5c/0x90
[  683.123956]  ext4_sync_fs+0x171/0x1b0
[  683.123961]  sync_filesystem+0x73/0x90
[  683.123965]  fsync_bdev+0x24/0x50
[  683.123971]  invalidate_partition+0x24/0x50
[  683.123973]  del_gendisk+0xb2/0x2a0
[  683.123977]  mmc_blk_remove_req.part.38+0x71/0xa0 [mmc_block]
[  683.123980]  mmc_blk_remove+0xba/0x190 [mmc_block]
[  683.123990]  mmc_bus_remove+0x1a/0x20 [mmc_core]
[  683.123995]  device_release_driver_internal+0x141/0x200
[  683.123999]  device_release_driver+0x12/0x20
[  683.124001]  bus_remove_device+0xfd/0x170
[  683.124004]  device_del+0x1e8/0x330
[  683.124012]  mmc_remove_card+0x60/0xc0 [mmc_core]
[  683.124019]  mmc_remove+0x19/0x30 [mmc_core]
[  683.124025]  mmc_stop_host+0xfb/0x1a0 [mmc_core]
[  683.124032]  mmc_remove_host+0x1a/0x40 [mmc_core]
[  683.124037]  sdhci_remove_host+0x2e/0x1c0 [mmc_sdhci]
[  683.124042]  sdhci_pci_remove_slot+0x3f/0x80 [sdhci_pci]
[  683.124045]  sdhci_pci_remove+0x39/0x70 [sdhci_pci]
[  683.124049]  pci_device_remove+0x39/0xc0
[  683.124052]  device_release_driver_internal+0x141/0x200
[  683.124056]  driver_detach+0x3f/0x80
[  683.124059]  bus_remove_driver+0x55/0xd0
[  683.124062]  driver_unregister+0x2c/0x50
[  683.124065]  pci_unregister_driver+0x29/0x90
[  683.124069]  sdhci_driver_exit+0x10/0x4f3 [sdhci_pci]
[  683.124073]  SyS_delete_module+0x171/0x250
[  683.124078]  entry_SYSCALL_64_fastpath+0x1e/0xa9

Fix this by setting the queue DYING flag before cleanup the queue, as it
prevents new reqs from entering the queue.

Signed-off-by: Grzegorz Sluja <grzegorzx.sluja@intel.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Fixes: 304419d8a7 ("mmc: core: Allocate per-request data using the...")
[Ulf: Updated the changelog]
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
2017-07-13 11:44:01 +02:00
..
block.c mmc: block: Prevent new req entering queue after its cleanup 2017-07-13 11:44:01 +02:00
block.h
bus.c
bus.h
card.h
core.c mmc: slot-gpio: Add support to enable irq wake on cd_irq 2017-06-20 10:30:49 +02:00
core.h
debugfs.c
host.c mmc: core: Use device_property_read instead of of_property_read 2017-06-20 10:30:30 +02:00
host.h
Kconfig mmc: core: Delete bounce buffer Kconfig option 2017-06-20 10:30:17 +02:00
Makefile
mmc_ops.c mmc: core: Clarify code for sending CSD 2017-06-20 10:30:47 +02:00
mmc_ops.h mmc: core: Re-factor code for sending CID 2017-06-20 10:30:45 +02:00
mmc_test.c mmc: core: Delete error messages for failed memory allocations 2017-06-20 10:30:21 +02:00
mmc.c mmc: core: Remove MMC_CAP2_HC_ERASE_SZ 2017-06-20 10:30:48 +02:00
pwrseq_emmc.c mmc: core: Don't do eMMC HW reset when resuming the eMMC card 2017-06-20 10:30:10 +02:00
pwrseq_sd8787.c
pwrseq_simple.c mmc: pwrseq_simple: Parse DTS for the power-off-delay-us property 2017-05-23 14:17:36 +02:00
pwrseq.c mmc: pwrseq: Add reset callback to the struct mmc_pwrseq_ops 2017-06-20 10:30:09 +02:00
pwrseq.h mmc: pwrseq: Add reset callback to the struct mmc_pwrseq_ops 2017-06-20 10:30:09 +02:00
queue.c MMC core: 2017-07-04 11:11:56 -07:00
queue.h mmc: block: Move boot partition locking into a driver op 2017-06-20 10:30:26 +02:00
quirks.h
sd_ops.c mmc: core: add proper be32 annotation 2017-04-24 21:42:19 +02:00
sd_ops.h mmc: core: add proper be32 annotation 2017-04-24 21:42:19 +02:00
sd.c mmc: core: Re-factor code for sending CID 2017-06-20 10:30:45 +02:00
sd.h
sdio_bus.c
sdio_bus.h
sdio_cis.c
sdio_cis.h
sdio_io.c mmc: core: simplify return code 2017-04-24 21:41:24 +02:00
sdio_irq.c mmc: sdio: Add API to manage SDIO IRQs from a workqueue 2017-06-20 10:30:11 +02:00
sdio_ops.c mmc: sdio: improve mmc_io_rw_extended 2017-04-24 21:41:42 +02:00
sdio_ops.h mmc: sdio: Add API to manage SDIO IRQs from a workqueue 2017-06-20 10:30:11 +02:00
sdio_uart.c
sdio.c mmc: sdio: Keep card runtime resumed while adding function devices 2017-06-20 10:30:39 +02:00
slot-gpio.c mmc: slot-gpio: Add support to enable irq wake on cd_irq 2017-06-20 10:30:49 +02:00
slot-gpio.h