Ray Jui <ray.jui@xxxxxxxxxxxx> wrote: >>> I think the following sequence needs to be implemented to make this >>> safe, i.e., after 'synchronize_irq', no further slave interrupt will be >>> fired. >>> >>> In 'bcm_iproc_i2c_unreg_slave': >>> >>> 1. Set an atomic variable 'unreg_slave' (I'm bad in names so please come >>> up with a better name than this) >>> >>> 2. Disable all slave interrupts >>> >>> 3. synchronize_irq >>> >>> 4. Set slave to NULL >>> >>> 5. Erase slave addresses >> >> What about this in unreg_slave? >> >> 1. disable_irq() >> This includes synchronize_irq() and avoids the race. Because irq >> will be masked at interrupt controller level, interrupts coming >> in at the I2C IP core level should still be pending once we >> reenable the irq. >> > > Can you confirm that even if we have irq pending at the i2c IP core > level, as long as we execute Step 2. below (to disable/mask all slave > interrupts), after 'enable_irq' is called, we still will not receive any > further i2c slave interrupt? > > Basically I'm asking if interrupts will be "cached" at the GIC > controller level after 'disable_irq' is called. As long as that is not > the case, then I think we are good. > > The goal of course is to ensure there's no further slave interrupts > after 'enable_irq' in Step 3 below. That was my question as well, the best would be if the i2c controller itself has a bit for masking all interrupts overriding individual event enables set by the ISR. Also with regards to the original sequence, I think slave address should be erased before enable_irq(), besides draining rx and tx FIFOs. I'll send reworked patch. @Rayagonda will validate new sequence with the test that hit the race condition. - Dhananjay
