[PATCH v3 3/5] phy: qcom: qmp-usb-legacy: Fix possible NULL-deref on early runtime suspend
Dmitry Baryshkov
dmitry.baryshkov at oss.qualcomm.com
Mon Feb 9 05:18:40 PST 2026
On Thu, Feb 05, 2026 at 05:02:38PM +0100, Loic Poulain wrote:
> There is a small window where the runtime suspend callback may run
> after pm_runtime_enable() and before pm_runtime_forbid(). In this
> case, a crash occurs because runtime suspend/resume dereferences
> qmp->phy pointer, which is not yet initialized:
> `if (!qmp->phy->init_count) {`
>
> This can also happen if user re-enables runtime-pm via the sysfs
> attribute before qmp phy is initialized.
>
> Similarly to other qcom phy drivers, introduce a qmp->phy_initialized
> variable that can be used to avoid relying on the possibly uninitialized
> phy pointer.
>
> Fixes: e464a3180a43 ("phy: qcom-qmp-usb: split off the legacy USB+dp_com support")
> Reviewed-by: Abel Vesa <abel.vesa at oss.qualcomm.com>
> Signed-off-by: Loic Poulain <loic.poulain at oss.qualcomm.com>
> ---
> drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov at oss.qualcomm.com>
--
With best wishes
Dmitry
More information about the linux-phy
mailing list