The normal regcache_sync function sets the async flag on the register
map. The maple tree sync code uses a temporary buffer, which is freed
after the register is written, however, as the async flag is set the
buffer might not be used until after it is freed. Fix this by clearing
the async flag in the maple tree sync function.
Fixes: bfa0b38c1483 ("regmap: maple: Implement block sync for the maple tree cache")
Signed-off-by: Charles Keepax <[email protected]>
---
drivers/base/regmap/regcache-maple.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/base/regmap/regcache-maple.c b/drivers/base/regmap/regcache-maple.c
index 283c2e02a2985..a24045a8c18f9 100644
--- a/drivers/base/regmap/regcache-maple.c
+++ b/drivers/base/regmap/regcache-maple.c
@@ -248,6 +248,8 @@ static int regcache_maple_sync(struct regmap *map, unsigned int min,
bool sync_needed = false;
map->cache_bypass = true;
+ /* Maple tree sync uses a temporary buffer, so clear async */
+ map->async = false;
rcu_read_lock();
--
2.30.2
On Tue, Jul 18, 2023 at 06:13:46PM +0100, Charles Keepax wrote:
> The normal regcache_sync function sets the async flag on the register
> map. The maple tree sync code uses a temporary buffer, which is freed
> after the register is written, however, as the async flag is set the
> buffer might not be used until after it is freed. Fix this by clearing
> the async flag in the maple tree sync function.
It would be better to push this down into the rbtree code which is what
really wants this.