Potential double-lock BUG in drivers/dma/pl330.c (Linux 4.10-rc2)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

With the help of a static bug finder (EBA -
http://www.iagoabal.eu/eba/) I have found a potential double-lock in
drivers/dma/pl330.c. This happens due to a recursive spin_lock_irqsave
on `pch->lock'.

If this is indeed a bug, I will be happy to help with a patch.

The trace is as follows:

1. Function `pl330_free_chan_resources' takes the lock for the first
time in line 2236:

        // https://github.com/torvalds/linux/blob/v4.10-rc2/drivers/dma/pl330.c#L2236
        spin_lock_irqsave(&pch->lock, flags);

2. Call to function `pl330_release_channel' immediately after;

3. Call to function `dma_pl330_rqcb' in line 1753;

4. Assuming that pch->thread->req[i].desc->pchan == pch, then function
`dma_pl330_rqcb' takes the lock again in line 1505:

        // https://github.com/torvalds/linux/blob/v4.10-rc2/drivers/dma/pl330.c#L1505
        spin_lock_irqsave(&pch->lock, flags);

Hope it helps!

-- iago
--
To unsubscribe from this list: send the line "unsubscribe dmaengine" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Kernel]     [Linux ARM (vger)]     [Linux ARM MSM]     [Linux Omap]     [Linux Arm]     [Linux Tegra]     [Fedora ARM]     [Linux for Samsung SOC]     [eCos]     [Linux PCI]     [Linux Fastboot]     [Gcc Help]     [Git]     [DCCP]     [IETF Announce]     [Security]     [Linux MIPS]     [Yosemite Campsites]

  Powered by Linux