On Thu, Oct 13, 2022 at 11:48:14PM +0530, Vidya Sagar wrote:
> Currently, epf_group list is traversed, and each group entry is freed and
> epf_group list head is deleted in the end. Deleting the list head is
> corrupting the data in the group entries that are already freed, leading to
> random crashes. To fix this issue, delete each group entry and then free
> it, and don't delete epf_group list head.
>
> Signed-off-by: Vidya Sagar <vidyas@xxxxxxxxxx>
Reviewed-by: Manivannan Sadhasivam <mani@xxxxxxxxxx>
Thanks,
Mani
> ---
> V2:
> * Reworded the commit message
>
> drivers/pci/endpoint/pci-epf-core.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/pci/endpoint/pci-epf-core.c b/drivers/pci/endpoint/pci-epf-core.c
> index 9ed556936f48..a7f4ae33905d 100644
> --- a/drivers/pci/endpoint/pci-epf-core.c
> +++ b/drivers/pci/endpoint/pci-epf-core.c
> @@ -340,9 +340,10 @@ static void pci_epf_remove_cfs(struct pci_epf_driver *driver)
> return;
>
> mutex_lock(&pci_epf_mutex);
> - list_for_each_entry_safe(group, tmp, &driver->epf_group, group_entry)
> + list_for_each_entry_safe(group, tmp, &driver->epf_group, group_entry) {
> + list_del(&group->group_entry);
> pci_ep_cfs_remove_epf_group(group);
> - list_del(&driver->epf_group);
> + }
> mutex_unlock(&pci_epf_mutex);
> }
>
> --
> 2.17.1
>
--
மணிவண்ணன் சதாசிவம்
