Slave interrupt handler should only be called if there is actually
a slave registered and running to avoid accessing an invalid pointer.
Without this commit, an OOPS can be generated due to a NULL ptr dereference
while receiving an IT when there is no master transfer and no slave
running:
- stm32f7_i2c_isr_event
- no master_mode hence calling stm32f7_i2c_slave_isr_event
- access to i2c_dev->slave_running leading to oops due to
slave_running being NULL.
Fixes: 60d609f30de2 ("i2c: i2c-stm32f7: Add slave support")
Signed-off-by: Alain Volmat <alain.volmat@xxxxxxxxxxx>
---
drivers/i2c/busses/i2c-stm32f7.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/i2c/busses/i2c-stm32f7.c b/drivers/i2c/busses/i2c-stm32f7.c
index 0d99c075deb2..2cc9bb0f6d7f 100644
--- a/drivers/i2c/busses/i2c-stm32f7.c
+++ b/drivers/i2c/busses/i2c-stm32f7.c
@@ -1497,10 +1497,14 @@ static irqreturn_t stm32f7_i2c_isr_event(int irq, void *data)
u32 status, mask;
int ret = IRQ_HANDLED;
- /* Check if the interrupt if for a slave device */
+ /* Check if the interrupt is for a slave device */
if (!i2c_dev->master_mode) {
- ret = stm32f7_i2c_slave_isr_event(i2c_dev);
- return ret;
+ if (i2c_dev->slave_running)
+ return stm32f7_i2c_slave_isr_event(i2c_dev);
+
+ dev_warn_ratelimited(i2c_dev->dev,
+ "Unexpected IT received: ISR:0x%x\n",
+ readl_relaxed(i2c_dev->base + STM32F7_I2C_ISR));
}
status = readl_relaxed(i2c_dev->base + STM32F7_I2C_ISR);
--
2.25.1
