Commit 001428e4 authored by Marc Kleine-Budde's avatar Marc Kleine-Budde Committed by Greg Kroah-Hartman

USB: gadgetfs: gadgetfs_disconnect: fix inconsistent lock state

Under certain circumstances lockdep finds an inconsistent lock state in
gadgetfs. The problem can be reproduced with a hardware using the
ci13xxx_udc driver and the gadgetfs test program (needs a patch to support
the ci13xxx_udc, though):
	http://www.linux-usb.org/gadget/usb.c
Start the test program, wait to initialize, then press Ctrl+c.

This patch fixes the following problem by using spin_lock_irqsave()
instead of spin_lock().

=================================
[ INFO: inconsistent lock state ]
3.1.0-rc6+ #158
---------------------------------
inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage.
usb/113 [HC0[0]:SC0[0]:HE1:SE1] takes:
 (&(&dev->lock)->rlock){?.....}, at: [<bf000340>] gadgetfs_disconnect+0x14/0x80 [gadgetfs]
{IN-HARDIRQ-W} state was registered at:
  [<c00596b8>] mark_irqflags+0x14c/0x1ac
  [<c0059bf8>] __lock_acquire+0x4e0/0x8f0
  [<c005a698>] lock_acquire+0x98/0x1a8
  [<c02f10e0>] _raw_spin_lock+0x54/0x8c
  [<bf000340>] gadgetfs_disconnect+0x14/0x80 [gadgetfs]
  [<c0229104>] _gadget_stop_activity+0xd4/0x154
  [<c022b130>] isr_reset_handler+0x34/0x1c0
  [<c022c320>] udc_irq+0x204/0x228
  [<c0069018>] handle_irq_event_percpu+0x64/0x3a0
  [<c0069390>] handle_irq_event+0x3c/0x5c
  [<c006ae5c>] handle_level_irq+0x8c/0x10c
  [<c0068a34>] generic_handle_irq+0x30/0x44
  [<c0009b2c>] handle_IRQ+0x30/0x84
  [<c0008ef8>] __irq_svc+0x38/0x60
  [<c0009c58>] default_idle+0x30/0x34
  [<c0009e30>] cpu_idle+0x9c/0xd8
  [<c04056f4>] start_kernel+0x278/0x2bc
irq event stamp: 6412
hardirqs last  enabled at (6412): [<c02f1cd0>] _raw_spin_unlock_irqrestore+0x30/0x5c
hardirqs last disabled at (6411): [<c02f1278>] _raw_spin_lock_irqsave+0x20/0xa0
softirqs last  enabled at (6381): [<c002833c>] irq_exit+0xa0/0xa8
softirqs last disabled at (6372): [<c002833c>] irq_exit+0xa0/0xa8

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&(&dev->lock)->rlock);
  <Interrupt>
    lock(&(&dev->lock)->rlock);

 *** DEADLOCK ***

1 lock held by usb/113:
 #0:  (udc_lock#2){+.+.+.}, at: [<c02286c0>] usb_gadget_unregister_driver+0x34/0x88

stack backtrace:
[<c000d41c>] (unwind_backtrace+0x0/0xf0) from [<c0058e98>] (print_usage_bug+0x144/0x1c4)
[<c0058e98>] (print_usage_bug+0x144/0x1c4) from [<c0059144>] (mark_lock_irq+0x22c/0x274)
[<c0059144>] (mark_lock_irq+0x22c/0x274) from [<c00592d4>] (mark_lock+0x148/0x3e0)
[<c00592d4>] (mark_lock+0x148/0x3e0) from [<c0059668>] (mark_irqflags+0xfc/0x1ac)
[<c0059668>] (mark_irqflags+0xfc/0x1ac) from [<c0059bf8>] (__lock_acquire+0x4e0/0x8f0)
[<c0059bf8>] (__lock_acquire+0x4e0/0x8f0) from [<c005a698>] (lock_acquire+0x98/0x1a8)
[<c005a698>] (lock_acquire+0x98/0x1a8) from [<c02f10e0>] (_raw_spin_lock+0x54/0x8c)
[<c02f10e0>] (_raw_spin_lock+0x54/0x8c) from [<bf000340>] (gadgetfs_disconnect+0x14/0x80 [gadgetfs])
[<bf000340>] (gadgetfs_disconnect+0x14/0x80 [gadgetfs]) from [<c0229104>] (_gadget_stop_activity+0xd4/0x154)
[<c0229104>] (_gadget_stop_activity+0xd4/0x154) from [<c0229240>] (ci13xxx_stop+0xbc/0x17c)
[<c0229240>] (ci13xxx_stop+0xbc/0x17c) from [<c022867c>] (usb_gadget_remove_driver+0x88/0x98)
[<c022867c>] (usb_gadget_remove_driver+0x88/0x98) from [<c02286f4>] (usb_gadget_unregister_driver+0x68/0x88)
[<c02286f4>] (usb_gadget_unregister_driver+0x68/0x88) from [<bf0003e8>] (dev_release+0x14/0x48 [gadgetfs])
[<bf0003e8>] (dev_release+0x14/0x48 [gadgetfs]) from [<c00cc158>] (__fput+0xa4/0x1f0)
[<c00cc158>] (__fput+0xa4/0x1f0) from [<c00c7f28>] (filp_close+0x5c/0x74)
[<c00c7f28>] (filp_close+0x5c/0x74) from [<c00c7fe8>] (sys_close+0xa8/0x150)
[<c00c7fe8>] (sys_close+0xa8/0x150) from [<c00092a0>] (ret_fast_syscall+0x0/0x38)
Tested-by: default avatarPavankumar Kondeti <pkondeti@codeaurora.org>
Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: default avatarFelipe Balbi <balbi@ti.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 74203de0
......@@ -1730,8 +1730,9 @@ static void
gadgetfs_disconnect (struct usb_gadget *gadget)
{
struct dev_data *dev = get_gadget_data (gadget);
unsigned long flags;
spin_lock (&dev->lock);
spin_lock_irqsave (&dev->lock, flags);
if (dev->state == STATE_DEV_UNCONNECTED)
goto exit;
dev->state = STATE_DEV_UNCONNECTED;
......@@ -1740,7 +1741,7 @@ gadgetfs_disconnect (struct usb_gadget *gadget)
next_event (dev, GADGETFS_DISCONNECT);
ep0_readable (dev);
exit:
spin_unlock (&dev->lock);
spin_unlock_irqrestore (&dev->lock, flags);
}
static void
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment