In renesas_usb3_probe, &usb3->role_work is bound with
renesas_usb3_role_work. renesas_usb3_start will be called
to start the work.
If we remove the module which will call renesas_usb3_remove
to make cleanup, there may be a unfinished work. The possible
sequence is as follows:
Fix it by canceling the work before cleanup in the renesas_usb3_remove
CPU0 CPUc1
|renesas_usb3_role_work
renesas_usb3_remove |
usb_role_switch_unregister |
device_unregister |
kfree(sw); |
free usb3->role_sw |
| usb_role_switch_set_role
| //use usb3->role_sw
Fixes: 39facfa01c9f ("usb: gadget: udc: renesas_usb3: Add register of usb role switch")
Signed-off-by: Zheng Wang <zyytlz.wz@xxxxxxx>
---
drivers/usb/gadget/udc/renesas_usb3.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/usb/gadget/udc/renesas_usb3.c b/drivers/usb/gadget/udc/renesas_usb3.c
index bee6bceafc4f..23b5f1706d25 100644
--- a/drivers/usb/gadget/udc/renesas_usb3.c
+++ b/drivers/usb/gadget/udc/renesas_usb3.c
@@ -2658,6 +2658,8 @@ static int renesas_usb3_remove(struct platform_device *pdev)
{
struct renesas_usb3 *usb3 = platform_get_drvdata(pdev);
+ cancel_work_sync(&usb3->extcon_work);
+ cancel_work_sync(&usb3->role_work);
debugfs_remove_recursive(usb3->dentry);
device_remove_file(&pdev->dev, &dev_attr_role);
--
2.25.1
