From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0776CC433E6 for ; Sun, 24 Jan 2021 09:01:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C066522CAF for ; Sun, 24 Jan 2021 09:01:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726096AbhAXJBQ convert rfc822-to-8bit (ORCPT ); Sun, 24 Jan 2021 04:01:16 -0500 Received: from aposti.net ([89.234.176.197]:43768 "EHLO aposti.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726623AbhAXJBH (ORCPT ); Sun, 24 Jan 2021 04:01:07 -0500 Date: Sun, 24 Jan 2021 08:38:13 +0000 From: Paul Cercueil Subject: Re: [RE-RESEND PATCH 1/4] usb: musb: Fix runtime PM race =?UTF-8?Q?in=0D=0A?= musb_queue_resume_work To: Sergei Shtylyov Cc: Bin Liu , Greg Kroah-Hartman , Tony Lindgren , od@zcrc.me, linux-mips@vger.kernel.org, linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Message-Id: In-Reply-To: <72e48343-f87e-5fed-809c-41995197019e@gmail.com> References: <20210123142502.16980-1-paul@crapouillou.net> <72e48343-f87e-5fed-809c-41995197019e@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Transfer-Encoding: 8BIT Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Sergei, Le sam. 23 janv. 2021 à 19:41, Sergei Shtylyov a écrit : > On 1/23/21 5:24 PM, Paul Cercueil wrote: > >> musb_queue_resume_work() would call the provided callback if the >> runtime >> PM status was 'active'. Otherwise, it would enqueue the request if >> the >> hardware was still suspended (musb->is_runtime_suspended is true). >> >> This causes a race with the runtime PM handlers, as it is possible >> to be >> in the case where the runtime PM status is not yet 'active', but the >> hardware has been awaken (PM resume function has been called). > > Awakened. :-) Oops. Hopefully Bin or Greg can fix it when merging (if I don't need to v2, that is to say - feedback welcome). Cheers, -Paul >> When hitting the race, the resume work was not enqueued, which >> probably >> triggered other bugs further down the stack. For instance, a telnet >> connection on Ingenic SoCs would result in a 50/50 chance of a >> segmentation fault somewhere in the musb code. >> >> Rework the code so that either we call the callback directly if >> (musb->is_runtime_suspended == 0), or enqueue the query otherwise. >> >> Fixes: ea2f35c01d5e ("usb: musb: Fix sleeping function called from >> invalid context for hdrc glue") >> Cc: stable@vger.kernel.org # v4.9+ >> Signed-off-by: Paul Cercueil >> Reviewed-by: Tony Lindgren >> Tested-by: Tony Lindgren > [...] > > > MBR, Sergei