09.07.2021 01:42, Michał Mirosław wrote:
> On Thu, Jul 01, 2021 at 05:23:58AM +0300, Dmitry Osipenko wrote:
>> The HNP work can be re-scheduled while it's still in-fly. This results in
>> re-initialization of the busy work, resetting the hrtimer's list node of
>> the work and crashing kernel with null dereference within kernel/timer
>> once work's timer is expired. It's very easy to trigger this problem by
>> re-plugging USB cable quickly. Initialize HNP work only once to fix this
>> trouble.
> [...]
>> - INIT_DELAYED_WORK(&fsm->hnp_polling_work, otg_hnp_polling_work);
>> + if (!fsm->hnp_work_inited) {
>> + INIT_DELAYED_WORK(&fsm->hnp_polling_work, otg_hnp_polling_work);
>> + fsm->hnp_work_inited = true;
>> + }
>> +
>
> Maybe you could just add an initialization function to be called by
> users of otg_fsm? It seems that only chipidea driver uses this
> struct currently.

If there are any out-of-tree users of the OTG FSM, then they will all get the fix too using the universal solution.
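
Review bot: in the added `if (!fsm->hnp_work_inited)` block the flag is tested and then set in two separate steps, and nothing visible in the hunk says what serializes them, so two callers reaching this path at the same time could both see `false` and both run `INIT_DELAYED_WORK()` on a work item that may already be queued, which is the re-initialization the commit message describes. Please state in a comment (or in the changelog) which lock the caller holds here, or move the `INIT_DELAYED_WORK()` call into a one-time setup path so the flag is not needed at all. The hunk also shows no place where `hnp_work_inited` is cleared, so it is worth documenting that the flag is meant to stay set for the lifetime of the `fsm` object. The final added line is an empty `+` line and can be dropped.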