[PATCH 5.4 202/261] Bluetooth: hci_bcm: fix freeing not-requested IRQ

From: Greg Kroah-Hartman
Date: Fri Jun 19 2020 - 12:01:19 EST

Next message: Greg Kroah-Hartman: "[PATCH 5.4 199/261] media: go7007: fix a miss of snd_card_free"
Previous message: Greg Kroah-Hartman: "[PATCH 5.4 206/261] media: ov5640: fix use of destroyed mutex"
In reply to: Greg Kroah-Hartman: "[PATCH 5.4 206/261] media: ov5640: fix use of destroyed mutex"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.4 199/261] media: go7007: fix a miss of snd_card_free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: MichaÅ MirosÅaw <mirq-linux@xxxxxxxxxxxx>

commit 81bd5d0c62437c02caac6b3f942fcda874063cb0 upstream.

When BT module can't be initialized, but it has an IRQ, unloading
the driver WARNs when trying to free not-yet-requested IRQ. Fix it by
noting whether the IRQ was requested.

WARNING: CPU: 2 PID: 214 at kernel/irq/devres.c:144 devm_free_irq+0x49/0x4ca
[...]
WARNING: CPU: 2 PID: 214 at kernel/irq/manage.c:1746 __free_irq+0x8b/0x27c
Trying to free already-free IRQ 264
Modules linked in: hci_uart(-) btbcm bluetooth ecdh_generic ecc libaes
CPU: 2 PID: 214 Comm: rmmod Tainted: G W 5.6.1mq-00044-ga5f9ea098318-dirty #928
[...]
[<b016aefb>] (devm_free_irq) from [<af8ba1ff>] (bcm_close+0x97/0x118 [hci_uart])
[<af8ba1ff>] (bcm_close [hci_uart]) from [<af8b736f>] (hci_uart_unregister_device+0x33/0x3c [hci_uart])
[<af8b736f>] (hci_uart_unregister_device [hci_uart]) from [<b035930b>] (serdev_drv_remove+0x13/0x20)
[<b035930b>] (serdev_drv_remove) from [<b037093b>] (device_release_driver_internal+0x97/0x118)
[<b037093b>] (device_release_driver_internal) from [<b0370a0b>] (driver_detach+0x2f/0x58)
[<b0370a0b>] (driver_detach) from [<b036f855>] (bus_remove_driver+0x41/0x94)
[<b036f855>] (bus_remove_driver) from [<af8ba8db>] (bcm_deinit+0x1b/0x740 [hci_uart])
[<af8ba8db>] (bcm_deinit [hci_uart]) from [<af8ba86f>] (hci_uart_exit+0x13/0x30 [hci_uart])
[<af8ba86f>] (hci_uart_exit [hci_uart]) from [<b01900bd>] (sys_delete_module+0x109/0x1d0)
[<b01900bd>] (sys_delete_module) from [<b0101001>] (ret_fast_syscall+0x1/0x5a)
[...]

Cc: stable@xxxxxxxxxxxxxxx
Fixes: 6cc4396c8829 ("Bluetooth: hci_bcm: Add wake-up capability")
Signed-off-by: MichaÅ MirosÅaw <mirq-linux@xxxxxxxxxxxx>
Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/bluetooth/hci_bcm.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

--- a/drivers/bluetooth/hci_bcm.c
+++ b/drivers/bluetooth/hci_bcm.c
@@ -107,6 +107,7 @@ struct bcm_device {
u32 oper_speed;
int irq;
bool irq_active_low;
+ bool irq_acquired;

#ifdef CONFIG_PM
struct hci_uart *hu;
@@ -319,6 +320,8 @@ static int bcm_request_irq(struct bcm_da
goto unlock;
}

+ bdev->irq_acquired = true;
+
device_init_wakeup(bdev->dev, true);

pm_runtime_set_autosuspend_delay(bdev->dev,
@@ -487,7 +490,7 @@ static int bcm_close(struct hci_uart *hu
}

if (bdev) {
- if (IS_ENABLED(CONFIG_PM) && bdev->irq > 0) {
+ if (IS_ENABLED(CONFIG_PM) && bdev->irq_acquired) {
devm_free_irq(bdev->dev, bdev->irq, bdev);
device_init_wakeup(bdev->dev, false);
pm_runtime_disable(bdev->dev);

Next message: Greg Kroah-Hartman: "[PATCH 5.4 199/261] media: go7007: fix a miss of snd_card_free"
Previous message: Greg Kroah-Hartman: "[PATCH 5.4 206/261] media: ov5640: fix use of destroyed mutex"
In reply to: Greg Kroah-Hartman: "[PATCH 5.4 206/261] media: ov5640: fix use of destroyed mutex"
Next in thread: Greg Kroah-Hartman: "[PATCH 5.4 199/261] media: go7007: fix a miss of snd_card_free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]