On Thu, Apr 13, 2023 at 12:57:39PM -0700, Wesley Cheng wrote: > In case there is a host which takes time to complete a SETUP transaction, > during the soft disconnect sequence multiple DWC3 EPs will have their > DWC3_EP_DELAY_STOP flag set w/o issuing the end transfer command. Once the > controller halt sequence occurs, the soft disconnect is successful, and > the subsequent soft connect will attempt to flush the pending end transfers. > > Soft disconnect sequence: > dwc3_gadget_ep_disable name=ep8in flags=0x3009 direction=1 > dwc3_gadget_ep_disable name=ep4in flags=1 direction=1 > dwc3_gadget_ep_disable name=ep3out flags=1 direction=0 > usb_gadget_disconnect deactivated=0 connected=0 ret=0 > > Soft connect bug: > BUG: spinlock already unlocked on CPU > spin_bug+0x0 > dwc3_remove_requests+0x278 > dwc3_ep0_out_start+0xb0 > __dwc3_gadget_start+0x25c > > The bug occurs due to the flush of the pending end transfers, as the gadget > start routine is not held with a spinlock. However, if the DWC3_EP_DELAY_STOP > is set, it will call the giveback API, which attempts to unlock the dwc->lock. > Ideally, the DWC3 gadget should not have pending end transfers on a soft > connect, so fix this by: > > 1. Re-locating the SETUP phase check after stop active transfers, since > that is where the DWC3_EP_DELAY_STOP is potentially set. This also allows > for handling of a host that may be unresponsive by using the completion > timeout to trigger the stall and restart for EP0. > > 2. Do not call gadget stop until the poll for controller halt is > completed. DEVTEN is cleared as part of gadget stop, so the intention to > allow ep0 events to continue while waiting for controller halt is not > happening. Only patch 1 applied, can you rebase the rest and resend with the acks applied? thanks, greg k-h
