From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com [209.85.167.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC756280309 for ; Sat, 25 Apr 2026 08:28:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.44 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777105685; cv=none; b=lK3k1tmhcoPCmK4+9Ak/G6SnIfv6iZeVsR1qrnBpqDMZNVtEdkwRFpEs0LmKe75YxtvDHWyb5W5TdmQ7PwxfhwPZjqVyMkk43gpCuMMTJHbTs0oDYqhgMxeWC8izm1Hhg6JUL12Y2RamOKnSf5mauykpicYugzxMg5a7Vl76H8Q= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777105685; c=relaxed/simple; bh=VP4UMktKUW9zoZTUrhxtdB9XC6wMYH34C/FQqzejLbY=; h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=qB2RZ55YSC1n9/huhuWH0y6OX6loFXlaDkr2a/sV711xUl4avVyS0R7H149y1ufyA7sd2VzlnKrfzwueyzlW/SukCMvalB3pxs46YgOUUFRYAxVyhLCM8723V0xaWiuCZLRCe4uNMamryWEEGVTs9T2oxypY90g8fPrzHT7+HZA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=TZO7a2sc; arc=none smtp.client-ip=209.85.167.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="TZO7a2sc" Received: by mail-lf1-f44.google.com with SMTP id 2adb3069b0e04-5a3cee3a271so8656351e87.3 for ; Sat, 25 Apr 2026 01:28:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1777105682; x=1777710482; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=Ps7ahP/53TtoD5P7O/97SJpyoJwoMyCbAkkLuGTEiVo=; b=TZO7a2sc+2wgoT0SMLjFyoXuXNHJpQ5o5grFkqubrgPYvlaWrLI9c7qDcDRwPuv3kl dwpSpYNS9+Mx0mO1lFe7rBCBrRFyrKyL9wPtBGpshKqEbNaIsU3YkNWDZ7WUsSvdVH1n 4xcYUtecQc5RD4t0SFOXfiJiKJU0QoLiRAgy6NrxUh2NK/lyhMnoduHOJYgxGGNS2ySw y9FKspRxJ+jQoah7aUfbV4iV0FXxy+BTzMDFyKm33N2wMFjt5qoZwdKZWVTgs6L5E57D lZ3mmR4g9uwqccRjimdE1KrU8HnlshgM/puQ2uZ1NWVEUurGVzBljLM8iJ1njU4ltXD5 vFtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777105682; x=1777710482; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Ps7ahP/53TtoD5P7O/97SJpyoJwoMyCbAkkLuGTEiVo=; b=e7jssFsl5UnYnm5TQiuMxixd480P24Iv6UvuUFjcJhgGFnZtz0H/es+ahoF+qsgPH7 KupkU5f1bP8WnObCeotMllSDWIb744YltkSQwdG8ioWEcTniPYwHxhvBRGZx76TpVuxx dbdo+QHdRxvbSJrD5oqIPa4UZxIP+hkLeQDHeOT2WctfJrXYA+ReXzs+PitjlpiVUWdC GJgTlOkffJArX32JhzKZ/aoXFbjJmc/rpP2B4G+6pv0wD7BaRbSQsBEN9TLPeTjXR05T FvJQF1kOz1RfHRhHptluTSqDDD/fFxdh4tmEOttNT8VJSfbExkGNBvsNCiEOhaaFwuMD E5Hw== X-Forwarded-Encrypted: i=1; AFNElJ//ZPYbAe1nAxd3OoocZKLBvfWiGEt6+Jft3vBYTRDI22hfM4eNImGimxAhtJT0wV1PXXxlISkXFcqLGqM=@vger.kernel.org X-Gm-Message-State: AOJu0YzmG77aurfrDO8T3oTbrgi9zoXMsFlza5TteXVG9dgzPfli0Zwb UrV3glGLjJzaVqNNk6fwXatTElJjO/tFdH1tsf0pE6qTDDmF2LpM9GUM X-Gm-Gg: AeBDiesmtuyz3Il+/qBu/KkwQLBK7Lsh9+FElTskpzgQXaCel8HnTX2RIxFRMpj8rlX nHMsCofD4D1gJsUVl7WnIJ5B7uUfEYCN/pK9eelLQ+Rpsk3NZj/zwct7rPPe/k5ymEPi2FMeVkv 4ieKJKWCF0FkD9jQcP52/NdNIHuwqiY2dgHh3FFL7FTSVtddvVZHun0jTiywMhR2CR0kDLZmQv6 eoNWcVP7ffw5Ku/UWb+oJAQJ0fH5dX/hhQYQobJJzkZrCjDDxorTR4YOPpHV9180NC0pOTj1Hpg jtCzFOnKEFvHWoFvXpfR45cYHC0WcQzXhL1TY1a7aBeIXTy+fzOI2UFMA0OOLZ1fV+Ns8gXmPfo 4ohukk4iLggqHqdQwhDGgd5mTAvrpC9xSpm/vFVvM3ftINPgKF2G9jwq53oGiLn8uwBx04qxm7R 1JkY8WZmeRnznWqbfHv+am7xOjYl+gaufRk4UJ5m1C2dU= X-Received: by 2002:a05:6512:1dc:b0:5a4:19f3:f2b8 with SMTP id 2adb3069b0e04-5a419f3f3a2mr7261126e87.10.1777105681544; Sat, 25 Apr 2026 01:28:01 -0700 (PDT) Received: from foxbook (bfh75.neoplus.adsl.tpnet.pl. [83.28.45.75]) by smtp.gmail.com with ESMTPSA id 2adb3069b0e04-5a4187e7ca0sm6537143e87.65.2026.04.25.01.27.59 (version=TLS1_2 cipher=AES128-SHA bits=128/128); Sat, 25 Apr 2026 01:28:00 -0700 (PDT) Date: Sat, 25 Apr 2026 10:27:56 +0200 From: Michal Pecio To: Ginger Cc: b-liu@ti.com, linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [bug report] Potential deadlock bug in 'drivers/usb/musb/musb_core.c', between 'musb_g_giveback()' and 'musb_stage0_irq()' Message-ID: <20260425102756.3340851e.michal.pecio@gmail.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Fri, 24 Apr 2026 12:50:43 +0800, Ginger wrote: > Dear Linux kernel maintainers, > > My research-based static analyzer found a potential deadlock bug > within the 'drivers/usb/musb' subsystem, more specifically, in > 'drivers/usb/musb/musb_core.c'. > This deadlock potentially occurs with the involvement of hard irq. > > Kernel version: long-term kernel v6.18.9 > > Potential concurrent triggering executions: > T0: > musb_stage0_irq [t1] > --> musb_handle_intr_resume > --> musb_g_resume > --> spin_lock(&musb->lock); [t2] > > T1: > musb_g_giveback > --> spin_lock(&musb->lock); [t0] > > If T0 (i.e., the hard irq) occurs after T1 acquires the lock and both > happen within the same CPU, then T0 will not proceed because it cannot > hold the spin lock that has already been possessed by T1, yet T1 > cannot proceed because the hard irq runs disables preempts. > Simply speaking, t0 -> t1 -> t2 can lead to a deadlock. Hi, You may want to consider earlier operations on the same lock and their implications. This function releases musb->lock before acquiring it. If called with the lock unlocked, that's a different kind of bug. If called with IRQs enabled, the caller created this problem. If called with IRQs disabled, it won't enable IRQs and won't deadlock. Regards, Michal