[thirdparty/kernel/stable-queue.git] / releases / 4.9.13 / irda-fix-lockdep-annotations-in-hashbin_delete.patch

From foo@baz Thu Feb 23 21:13:05 CET 2017
From: "David S. Miller" <davem@davemloft.net>
Date: Fri, 17 Feb 2017 16:19:39 -0500
Subject: irda: Fix lockdep annotations in hashbin_delete().

From: "David S. Miller" <davem@davemloft.net>


[ Upstream commit 4c03b862b12f980456f9de92db6d508a4999b788 ]

A nested lock depth was added to the hasbin_delete() code but it
doesn't actually work some well and results in tons of lockdep splats.

Fix the code instead to properly drop the lock around the operation
and just keep peeking the head of the hashbin queue.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/irda/irqueue.c |   34 ++++++++++++++++------------------
 1 file changed, 16 insertions(+), 18 deletions(-)

--- a/net/irda/irqueue.c
+++ b/net/irda/irqueue.c
@@ -383,9 +383,6 @@ EXPORT_SYMBOL(hashbin_new);
  *    for deallocating this structure if it's complex. If not the user can
  *    just supply kfree, which should take care of the job.
  */
-#ifdef CONFIG_LOCKDEP
-static int hashbin_lock_depth = 0;
-#endif
 int hashbin_delete( hashbin_t* hashbin, FREE_FUNC free_func)
 {
 	irda_queue_t* queue;
@@ -396,22 +393,27 @@ int hashbin_delete( hashbin_t* hashbin,
 	IRDA_ASSERT(hashbin->magic == HB_MAGIC, return -1;);
 
 	/* Synchronize */
-	if ( hashbin->hb_type & HB_LOCK ) {
-		spin_lock_irqsave_nested(&hashbin->hb_spinlock, flags,
-					 hashbin_lock_depth++);
-	}
+	if (hashbin->hb_type & HB_LOCK)
+		spin_lock_irqsave(&hashbin->hb_spinlock, flags);
 
 	/*
 	 *  Free the entries in the hashbin, TODO: use hashbin_clear when
 	 *  it has been shown to work
 	 */
 	for (i = 0; i < HASHBIN_SIZE; i ++ ) {
-		queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]);
-		while (queue ) {
-			if (free_func)
-				(*free_func)(queue);
-			queue = dequeue_first(
-				(irda_queue_t**) &hashbin->hb_queue[i]);
+		while (1) {
+			queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]);
+
+			if (!queue)
+				break;
+
+			if (free_func) {
+				if (hashbin->hb_type & HB_LOCK)
+					spin_unlock_irqrestore(&hashbin->hb_spinlock, flags);
+				free_func(queue);
+				if (hashbin->hb_type & HB_LOCK)
+					spin_lock_irqsave(&hashbin->hb_spinlock, flags);
+			}
 		}
 	}
 
@@ -420,12 +422,8 @@ int hashbin_delete( hashbin_t* hashbin,
 	hashbin->magic = ~HB_MAGIC;
 
 	/* Release lock */
-	if ( hashbin->hb_type & HB_LOCK) {
+	if (hashbin->hb_type & HB_LOCK)
 		spin_unlock_irqrestore(&hashbin->hb_spinlock, flags);
-#ifdef CONFIG_LOCKDEP
-		hashbin_lock_depth--;
-#endif
-	}
 
 	/*
 	 *  Free the hashbin structure
Commit	Line	Data
b2af825a GKH	1	From foo@baz Thu Feb 23 21:13:05 CET 2017
	2	From: "David S. Miller" <davem@davemloft.net>
	3	Date: Fri, 17 Feb 2017 16:19:39 -0500
	4	Subject: irda: Fix lockdep annotations in hashbin_delete().
	5
	6	From: "David S. Miller" <davem@davemloft.net>
	7
	8
	9	[ Upstream commit 4c03b862b12f980456f9de92db6d508a4999b788 ]
	10
	11	A nested lock depth was added to the hasbin_delete() code but it
	12	doesn't actually work some well and results in tons of lockdep splats.
	13
	14	Fix the code instead to properly drop the lock around the operation
	15	and just keep peeking the head of the hashbin queue.
	16
	17	Reported-by: Dmitry Vyukov <dvyukov@google.com>
	18	Tested-by: Dmitry Vyukov <dvyukov@google.com>
	19	Signed-off-by: David S. Miller <davem@davemloft.net>
	20	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	21	---
	22	net/irda/irqueue.c \| 34 ++++++++++++++++------------------
	23	1 file changed, 16 insertions(+), 18 deletions(-)
	24
	25	--- a/net/irda/irqueue.c
	26	+++ b/net/irda/irqueue.c
	27	@@ -383,9 +383,6 @@ EXPORT_SYMBOL(hashbin_new);
	28	* for deallocating this structure if it's complex. If not the user can
	29	* just supply kfree, which should take care of the job.
	30	*/
	31	-#ifdef CONFIG_LOCKDEP
	32	-static int hashbin_lock_depth = 0;
	33	-#endif
	34	int hashbin_delete( hashbin_t* hashbin, FREE_FUNC free_func)
	35	{
	36	irda_queue_t* queue;
	37	@@ -396,22 +393,27 @@ int hashbin_delete( hashbin_t* hashbin,
	38	IRDA_ASSERT(hashbin->magic == HB_MAGIC, return -1;);
	39
	40	/* Synchronize */
	41	- if ( hashbin->hb_type & HB_LOCK ) {
	42	- spin_lock_irqsave_nested(&hashbin->hb_spinlock, flags,
	43	- hashbin_lock_depth++);
	44	- }
	45	+ if (hashbin->hb_type & HB_LOCK)
	46	+ spin_lock_irqsave(&hashbin->hb_spinlock, flags);
	47
	48	/*
	49	* Free the entries in the hashbin, TODO: use hashbin_clear when
	50	* it has been shown to work
	51	*/
	52	for (i = 0; i < HASHBIN_SIZE; i ++ ) {
	53	- queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]);
	54	- while (queue ) {
	55	- if (free_func)
	56	- (*free_func)(queue);
	57	- queue = dequeue_first(
	58	- (irda_queue_t**) &hashbin->hb_queue[i]);
	59	+ while (1) {
	60	+ queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]);
	61	+
	62	+ if (!queue)
	63	+ break;
	64	+
65	+ if (free_func) {
66	+ if (hashbin->hb_type & HB_LOCK)
67	+ spin_unlock_irqrestore(&hashbin->hb_spinlock, flags);
68	+ free_func(queue);
69	+ if (hashbin->hb_type & HB_LOCK)
70	+ spin_lock_irqsave(&hashbin->hb_spinlock, flags);
71	+ }
72	}
73	}
74
75	@@ -420,12 +422,8 @@ int hashbin_delete( hashbin_t* hashbin,
76	hashbin->magic = ~HB_MAGIC;
77
78	/* Release lock */
79	- if ( hashbin->hb_type & HB_LOCK) {
80	+ if (hashbin->hb_type & HB_LOCK)
81	spin_unlock_irqrestore(&hashbin->hb_spinlock, flags);
82	-#ifdef CONFIG_LOCKDEP
83	- hashbin_lock_depth--;
84	-#endif
85	- }
86
87	/*
88	* Free the hashbin structure