* Bin Liu <b-...@ti.com> [170308 08:26]:
> The DSPS glue calls del_timer_sync() in its musb_platform_disable()
> implementation, which requires the caller to not hold a lock. But
> musb_remove() calls musb_platform_disable() will musb->lock held. This
> could causes spinlock deadlock.
>
> So change musb_remove() to call musb_platform_disable() without holds
> musb->lock. This doesn't impact the musb_platform_disable implementation
> in other glue drivers.
>
> root@am335x-evm:~# modprobe -r musb-dsps
> [ 126.134879] musb-hdrc musb-hdrc.1: remove, state 1
> [ 126.140465] usb usb2: USB disconnect, device number 1
> [ 126.146178] usb 2-1: USB disconnect, device number 2
> [ 126.416985] musb-hdrc musb-hdrc.1: USB bus 2 deregistered
> [ 126.423943]
> [ 126.425525] ======================================================
> [ 126.431997] [ INFO: possible circular locking dependency detected ]
> [ 126.438564] 4.11.0-rc1-00003-g1557f13bca04-dirty #77 Not tainted
> [ 126.444852] -------------------------------------------------------
> [ 126.451414] modprobe/778 is trying to acquire lock:
> [ 126.456523] (((&glue->timer))){+.-...}, at: [<c01b8788>]
> del_timer_sync+0x0/0xd0
> [ 126.464403]
> [ 126.464403] but task is already holding lock:
> [ 126.470511] (&(&musb->lock)->rlock){-.-...}, at: [<bf30b7f8>]
> musb_remove+0x50/0x1
> 30 [musb_hdrc]
> [ 126.479965]
> [ 126.479965] which lock already depends on the new lock.
> [ 126.479965]
> [ 126.488531]
> [ 126.488531] the existing dependency chain (in reverse order) is:
> [ 126.496368]
> [ 126.496368] -> #1 (&(&musb->lock)->rlock){-.-...}:
> [ 126.502968] otg_timer+0x80/0xec [musb_dsps]
> [ 126.507990] call_timer_fn+0xb4/0x390
> [ 126.512372] expire_timers+0xf0/0x1fc
> [ 126.516754] run_timer_softirq+0x80/0x178
> [ 126.521511] __do_softirq+0xc4/0x554
> [ 126.525802] irq_exit+0xe8/0x158
> [ 126.529735] __handle_domain_irq+0x58/0xb8
> [ 126.534583] __irq_usr+0x54/0x80
> [ 126.538507]
> [ 126.538507] -> #0 (((&glue->timer))){+.-...}:
> [ 126.544636] del_timer_sync+0x40/0xd0
> [ 126.549066] musb_remove+0x6c/0x130 [musb_hdrc]
> [ 126.554370] platform_drv_remove+0x24/0x3c
> [ 126.559206] device_release_driver_internal+0x14c/0x1e0
> [ 126.565225] bus_remove_device+0xd8/0x108
> [ 126.569970] device_del+0x1e4/0x308
> [ 126.574170] platform_device_del+0x24/0x8c
> [ 126.579006] platform_device_unregister+0xc/0x20
> [ 126.584394] dsps_remove+0x14/0x30 [musb_dsps]
> [ 126.589595] platform_drv_remove+0x24/0x3c
> [ 126.594432] device_release_driver_internal+0x14c/0x1e0
> [ 126.600450] driver_detach+0x38/0x6c
> [ 126.604740] bus_remove_driver+0x4c/0xa0
> [ 126.609407] SyS_delete_module+0x11c/0x1e4
> [ 126.614252] __sys_trace_return+0x0/0x10
>
> Fixes: ea2f35c01d5ea ("usb: musb: Fix sleeping function called from invalid
> context for hdrc glue")
> Cc: <sta...@vger.kernel.org> #4.9+
> Signed-off-by: Bin Liu <b-...@ti.com>
Acked-by: Tony Lindgren <t...@atomide.com>
> ---
> drivers/usb/musb/musb_core.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/usb/musb/musb_core.c b/drivers/usb/musb/musb_core.c
> index d8bae6ca8904..0c3664ab705e 100644
> --- a/drivers/usb/musb/musb_core.c
> +++ b/drivers/usb/musb/musb_core.c
> @@ -2490,8 +2490,8 @@ static int musb_remove(struct platform_device *pdev)
> musb_host_cleanup(musb);
> musb_gadget_cleanup(musb);
>
> - spin_lock_irqsave(&musb->lock, flags);
> musb_platform_disable(musb);
> + spin_lock_irqsave(&musb->lock, flags);
> musb_disable_interrupts(musb);
> musb_writeb(musb->mregs, MUSB_DEVCTL, 0);
> spin_unlock_irqrestore(&musb->lock, flags);
> --
> 1.9.1
>
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
