Bug 14469

Summary: hso soft-lockup
Product: Drivers Reporter: Antti Kaijanmäki (antti.kaijanmaki)
Component: NetworkAssignee: drivers_network (drivers_network)
Status: CLOSED CODE_FIX    
Severity: high CC: alan, greg
Priority: P1    
Hardware: All   
OS: Linux   
URL: http://lkml.org/lkml/2009/10/22/37
Kernel Version: Subsystem:
Regression: No Bisected commit-id:

Description Antti Kaijanmäki 2009-10-26 07:49:23 UTC 
There's a bug in hso driver which causes kernel soft-locks on SMP machines. I have an Intel atom based netbook and I can reproduce the soft-lockup every time. I sent a patch to LKML (see URL), but here's some additional information.

I've tested Ubuntu kernel 2.6.31-14 and 2.6.32-rc5 git vanilla and both lock-up the same. I've tested the patch on both and it fixes the situation. I haven't been able to test with other Option hardware as I don't have any.

The bug should be clearly verified from the code. In hso_serial_close() kref_put() calls hso_serial_ref_free() when serial->parent->ref goes 0.  hso_serial_ref_free() calls directly hso_free_serial_device() which destroys the hso_serial and hso_device objects. Old code uses these destroyed objects after the kref_put() call. In my case the soft-lockup happens in mutex_unlock() at the end of hso_serial_close() as the mutex is destroyd too early with the hso_device.