Re: [PATCH RESEND] serial: imx: Fix potential deadlock on sport->port.lock
From: Vinod Koul
Date: Thu Sep 28 2023 - 03:38:28 EST
On 28-09-23, 08:07, Uwe Kleine-König wrote:
> [Cc += Vinod Koul, dmaengine@xxxxxxxxxxxxxxx]
>
> Hello,
>
> On Wed, Sep 27, 2023 at 06:19:39PM +0000, Chengfeng Ye wrote:
> > As &sport->port.lock is acquired under irq context along the following
> > call chain from imx_uart_rtsint(), other acquisition of the same lock
> > inside process context or softirq context should disable irq avoid double
> > lock.
> >
> > <deadlock #1>
> >
> > imx_uart_dma_rx_callback()
> > --> spin_lock(&sport->port.lock)
> > <interrupt>
> > --> imx_uart_rtsint()
> > --> spin_lock(&sport->port.lock)
> >
> > This flaw was found by an experimental static analysis tool I am
> > developing for irq-related deadlock.
>
> Ah, I understood before that you really experienced that deadlock (or a
> lockdep splat). I didn't test anything, but I think the
> imx_uart_dma_rx_callback() is called indirectly by
> sdma_update_channel_loop() which is called in irq context. I don't know
> if this is the case for all dma drivers?!
>
> @Vinod: Maybe you can chime in here: Is a dma callback always called in
> irq context?
Not in callback but a tasklet context. The DMA irq handler is supposed
to use a tasklet for invoking the callback
> If yes, this patch isn't needed. Otherwise it might be a good idea to
> not use the special knowledge and switch to spin_lock_irqsave() as
> suggested.
>
> > To prevent the potential deadlock, the patch uses spin_lock_irqsave()
> > on the &sport->port.lock inside imx_uart_dma_rx_callback() to prevent
> > the possible deadlock scenario.
> >
> > Signed-off-by: Chengfeng Ye <dg573847474@xxxxxxxxx>
>
> If we agree this patch is a good idea, we can add:
>
> Fixes: 496a4471b7c3 ("serial: imx: work-around for hardware RX flood")
>
> Thanks
> Uwe
>
> --
> Pengutronix e.K. | Uwe Kleine-König |
> Industrial Linux Solutions | https://www.pengutronix.de/ |
--
~Vinod