From: Alexey Khoroshilov Date: Wed, 29 May 2013 20:51:37 +0000 (+0400) Subject: usb: gadget: r8a66597-udc: do not unlock unheld spinlock in r8a66597_sudmac_irq() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f37d49ad6e3d351fcf3cd042953ff273b6cd47e0;p=GitHub%2Fexynos8895%2Fandroid_kernel_samsung_universal8895.git usb: gadget: r8a66597-udc: do not unlock unheld spinlock in r8a66597_sudmac_irq() r8a66597_irq() processes sudmac part (r8a66597_sudmac_irq()) before locking r8a66597->lock. But transfer_complete(), that is called inside (r8a66597_sudmac_irq()->sudmac_finish()->transfer_complete()), expects r8a66597->lock is locked. As a result unheld spinlock can be unlocked. The patch just moves locking before calling r8a66597_sudmac_irq(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Alexey Khoroshilov Signed-off-by: Felipe Balbi --- diff --git a/drivers/usb/gadget/r8a66597-udc.c b/drivers/usb/gadget/r8a66597-udc.c index 51ea1690ca5d..c6af649f3240 100644 --- a/drivers/usb/gadget/r8a66597-udc.c +++ b/drivers/usb/gadget/r8a66597-udc.c @@ -1469,11 +1469,11 @@ static irqreturn_t r8a66597_irq(int irq, void *_r8a66597) u16 savepipe; u16 mask0; + spin_lock(&r8a66597->lock); + if (r8a66597_is_sudmac(r8a66597)) r8a66597_sudmac_irq(r8a66597); - spin_lock(&r8a66597->lock); - intsts0 = r8a66597_read(r8a66597, INTSTS0); intenb0 = r8a66597_read(r8a66597, INTENB0);