Commit 14be351e authored by Bart Van Assche's avatar Bart Van Assche Committed by Martin K. Petersen
Browse files

scsi: ufs: core: Fix an error handler crash 



The UFS error handler may be activated before SCSI scanning has started
and hence before hba->ufs_device_wlun has been set. Check the
hba->ufs_device_wlun pointer before using it.

Cc: Peter Wang <peter.wang@mediatek.com>
Cc: Nitin Rawat <nitin.rawat@oss.qualcomm.com>
Fixes: e23ef4f2 ("scsi: ufs: core: Fix error handler host_sem issue")
Fixes: f966e02a ("scsi: ufs: core: Fix runtime suspend error deadlock")
Signed-off-by: default avatarBart Van Assche <bvanassche@acm.org>
Reviewed-by: default avatarPeter Wang <peter.wang@mediatek.com>
Reviewed-by: default avatarNitin Rawat <nitin.rawat@oss.qualcomm.com>
Tested-by: Nitin Rawat <nitin.rawat@oss.qualcomm.com> #SM8750
Link: https://patch.msgid.link/20251204170457.994851-1-bvanassche@acm.org


Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
parent 278712d2

drivers/ufs/core/ufshcd.c

+14 −11
Original line number Diff line number Diff line
@@ -6699,11 +6699,13 @@ static void ufshcd_err_handler(struct work_struct *work) 
		 hba->saved_uic_err, hba->force_reset,

		 ufshcd_is_link_broken(hba) ? "; link is broken" : "");



	if (hba->ufs_device_wlun) {

		/*

	 * Use ufshcd_rpm_get_noresume() here to safely perform link recovery

	 * even if an error occurs during runtime suspend or runtime resume.

	 * This avoids potential deadlocks that could happen if we tried to

	 * resume the device while a PM operation is already in progress.

		 * Use ufshcd_rpm_get_noresume() here to safely perform link

		 * recovery even if an error occurs during runtime suspend or

		 * runtime resume. This avoids potential deadlocks that could

		 * happen if we tried to resume the device while a PM operation

		 * is already in progress.

		 */

		ufshcd_rpm_get_noresume(hba);

		if (hba->pm_op_in_progress) {
@@ -6712,6 +6714,7 @@ static void ufshcd_err_handler(struct work_struct *work) 
			return;

		}

		ufshcd_rpm_put(hba);

	}



	down(&hba->host_sem);

	spin_lock_irqsave(hba->host->host_lock, flags);