On Tue, Mar 06, 2018 at 09:13:37AM +0800, Qi Hou wrote:
> When booting up with "threadirqs" in command line, all irq handlers of the DMA
> controller pl330 will be threaded forcedly. These threads will race for the
> list, pl330->req_done.
> Before the callback, the spinlock was released. And after it, the spinlock was
> taken. This opened an race window where another threaded irq handler could
> the spinlock and be permitted to delete entries of the list, pl330->req_done.
> If the later deleted an entry that was still referred to by the former, there
> be a kernel panic when the former was scheduled and tried to get the next
> of the deleted entry.