[PATCH] USB: usb_sg_*() unlink deadlock fix
This would be rare with HCDs that maintain chains of DMA transfers, except if the HC dies in the middle of an I/O request; so no rush to merge this. It'd happen in a PIO based HCD though ... :) Async unlink of an URB from an endpoint's I/O queue _normally_ involves a delay from handshaking with the host controller, to be sure the DMA queue is inactive. So urb->complete() runs after usb_unlink_urb() returns, and from a different context. But not always... The completion may run immediately whenever the HCD knows that HC isn't busy with the URB. Maybe that HCD is in a HALT state, or the endpoint queue is is temporarily off-schedule (halted, or dead after PM resume from D3cold, etc) ... or maybe the HCD doesn't use DMA, so most unlinks just list_del_init() and return. This makes usb_sg_cancel() and sg_complete() drop the io->lock when they cancel active urbs, preventing potential self-deadlock when that completion handler runs immediately. Signed-off-by: David Brownell <dbrownell@users.sourceforge.net> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
Showing
Please register or sign in to comment