The second half of irq_set_affinity_notifier() flushes an old notifier,
but (for RT) it is currently working on 'notify', which is the new one
(or can be NULL - in fact a NULL pointer dereference has been observed).
Fix this by making the second half of irq_set_affinity_notifier() use
old_notify consistently.
Fixes: d4200ab75cdd ("genirq: Handle missing work_struct in irq_set_affinity_notifier()")
Signed-off-by: Juri Lelli <juri.lelli@xxxxxxxxxx>
---
Hi,
This applies to v4.19.59-rt24 (and to all the other branches that have
the patch that introduced the issue). v5.2-rtx doesn't have this problem
(thanks to the workqueue rework).
Best,
Juri
---
kernel/irq/manage.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
index b2736d7d863b..4586967a1b32 100644
--- a/kernel/irq/manage.c
+++ b/kernel/irq/manage.c
@@ -386,7 +386,7 @@ irq_set_affinity_notifier(unsigned int irq, struct irq_affinity_notify *notify)
if (old_notify) {
#ifdef CONFIG_PREEMPT_RT_BASE
- kthread_cancel_work_sync(¬ify->work);
+ kthread_cancel_work_sync(&old_notify->work);
#else
cancel_work_sync(&old_notify->work);
#endif
--
2.17.2
