Hi Iago, On Fri, Nov 25, 2016 at 9:26 AM, Iago Abal <iago.abal@xxxxxxxxx> wrote: > With the help of a static bug finder (EBA - > https://github.com/models-team/eba) I have found a potential > double-lock in drivers/tty/serial/sh-sci.c. This happens due to a > recursive spin_lock_irqsave on `port->lock'. > > If this is indeed a bug, I will be happy to help with a patch. > > The trace is as follows: > > 1. Function `rx_timer_fn' takes the lock first in line 1361: > > // see https://github.com/torvalds/linux/blob/v4.9-rc6/drivers/tty/serial/sh-sci.c#L1361 > spin_lock_irqsave(&port->lock, flags); > > 2. Call to `sci_submit_rx' in line 1409; > 3. Enter loop in line 1260; > 4. `goto fail' in line 1268; > 5. Call to `sci_rx_dma_release' in line 1292; > 6. The lock is taken a second time in line 1175: > > // see https://github.com/torvalds/linux/blob/v4.9-rc6/drivers/tty/serial/sh-sci.c#L1175 > spin_lock_irqsave(&port->lock, flags); > > Hope it helps! Yes, that's a bug. Fortunately it only happens inside an error path, for a case that shouldn't really happen. Do you have a suggestion how to fix this? I'm afraid it's gonna need rewriting the way DMA is handled in the whole driver... Thanks! Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds -- To unsubscribe from this list: send the line "unsubscribe linux-serial" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
