• L
    genirq: prevent wakeup of freed irq thread · 2d860ad7
    Linus Torvalds 提交于
    free_irq() can remove an irqaction while the corresponding interrupt
    is in progress, but free_irq() sets action->thread to NULL
    unconditionally, which might lead to a NULL pointer dereference in
    handle_IRQ_event() when the hard interrupt context tries to wake up
    the handler thread.
    
    Prevent this by moving the thread stop after synchronize_irq(). No
    need to set action->thread to NULL either as action is going to be
    freed anyway.
    
    This fixes a boot crash reported against preempt-rt which uses the
    mainline irq threads code to implement full irq threading.
    
    [ tglx: removed local irqthread variable ]
    Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
    2d860ad7
manage.c 24.4 KB