Feature #3324
closed
32: Locking a mutex twice or unlocking without prior locking
Added by Ilya Shchepetkov over 12 years ago.
Updated over 11 years ago.
Description
(copied from kernel-rules/rules/DRVRULES_en.trl)
Summary¶
You should not acquire or release the same mutex twice in the same process. All locked mutexes should be unlocked at finalization.
Description¶
There are several things you should watch for:
- Double-locking. Mutex-type object provides exclusive access to sections of executable code. Thus retrying to acquire the current mutex will inevitably lead to a deadlock-situation. Deadlocks should be avoided, hence no double locks should take place.
- Releasing an unlocked mutex.
- Leaving a mutex locked at finalization.
Example¶
void edac_device_reset_delay_period(struct edac_device_ctl_info *edac_dev, unsigned long value)
{
mutex_lock(&device_ctls_mutex); /*acquire the device_ctls_mutex*/
/* cancel the current workq request */
edac_device_workq_teardown(edac_dev); /* function acquires the lock device_ctls_mutex */
/* leads to a double lock */
/* restart the workq request, with new delay value */
edac_device_workq_setup(edac_dev, value);
...
Related issues
2 (2 open — 0 closed)
Night tests have shown:
-driver=test-0032-drivers-media-video-cafe_ccic.tar.bz2;origin=external;kernel=linux-2.6.32.15;model=32_1;module=drivers/test-032-drivers-media-video-cafe_ccic/cafe_ccic.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unsafe
+driver=test-0032-drivers-media-video-cafe_ccic.tar.bz2;origin=external;kernel=linux-2.6.32.15;model=32_1;module=drivers/test-032-drivers-media-video-cafe_ccic/cafe_ccic.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unknown;RCV_status=fail;problems=Out_of_memory
I removed this file from the test set for a while. Commit f9dd2f7 of master branch.
- Status changed from New to Open
- Assignee set to Evgeny Novikov
- Priority changed from Normal to High
Aspect model 32_7a doesn't contain necessary model for mutex_lock_nested function. Plain model uses a special configuration (it undefines CONFIG_DEBUG_LOCK_ALLOC) that allows to avoid this because of mutex_lock_nested is a macro that is expanded as modeled mutex_lock function.
Google provides me an interesting related issue... from our bugzilla. It's #785. So, actually it isn't so simple to model mutex_lock_nested properly. Simple treating it as mutex_lock leads to false positives (e.g. see error traces for unmodeled mutex_lock_nested and modeled mutex_lock_nested). BTW, using COMPLEX_ID in rerouting won't help since two mutexes are the same field of the same structure fc_lport.
Commit 1462ea9 has removed one more driver that demonstrated nondetermined behavior:
-driver=kbdrivers--0032-2.6.31.6--test-0032-2.6.31.6-verdict-unsafe-drivers--usb--class--cdc-acm.c.tar.bz2;origin=external;kernel=linux-2.6.31.6;model=32_1;module=drivers/kbdrivers/0032-2.6.31.6/test-0032-2.6.31.6-verdict-unsafe-drivers--usb--class--cdc-acm.c/cdc-acm.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unsafe
+driver=kbdrivers--0032-2.6.31.6--test-0032-2.6.31.6-verdict-unsafe-drivers--usb--class--cdc-acm.c.tar.bz2;origin=external;kernel=linux-2.6.31.6;model=32_1;module=drivers/kbdrivers/0032-2.6.31.6/test-0032-2.6.31.6-verdict-unsafe-drivers--usb--class--cdc-acm.c/cdc-acm.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unknown;RCV_status=fail;problems=Exception
Commit 8339999 has removed one more driver that demonstrated nondetermined behavior:
-driver=kbdrivers--0032-2.6.31.6--test-0032-2.6.31.6-verdict-unsafe-drivers--media--video--cafe_ccic.c.tar.bz2;origin=external;kernel=linux-2.6.31.6;model=32_1;module=drivers/kbdrivers/0032-2.6.31.6/test-0032-2.6.31.6-verdict-unsafe-drivers--media--video--cafe_ccic.c/cafe_ccic.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unsafe
+driver=kbdrivers--0032-2.6.31.6--test-0032-2.6.31.6-verdict-unsafe-drivers--media--video--cafe_ccic.c.tar.bz2;origin=external;kernel=linux-2.6.31.6;model=32_1;module=drivers/kbdrivers/0032-2.6.31.6/test-0032-2.6.31.6-verdict-unsafe-drivers--media--video--cafe_ccic.c/cafe_ccic.ko;main=ldv_main0_sequence_infinite_withcheck_stateful;verdict=unknown;RCV_status=fail;problems=Out_of_memory
- Subject changed from 32_1: Locking a mutex twice or unlocking without prior locking to 32: Locking a mutex twice or unlocking without prior locking
Commit a50a723 has added new model function kref_put_mutex in 32_7a.
- Priority changed from High to Normal
- Status changed from Open to Closed
Also available in: Atom
PDF