[PATCH 2/2] char: fix possible double-unlock in esp.c

[PATCH 2/2] char: fix possible double-unlock in esp.c

[Harvey Harrison]

Hitting either of the break statements in the while loop would cause
a double-unlock of info->lock.  Add an out label and goto instead of
break to skip the unlock in those cases.

Noticed by sparse:
drivers/char/esp.c:2042:2: warning: context imbalance in 'rs_wait_until_sent' - unexpected unlock

Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
---
 drivers/char/esp.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/char/esp.c b/drivers/char/esp.c
index 01fbddd..2b14814 100644
--- a/drivers/char/esp.c
+++ b/drivers/char/esp.c
@@ -2030,16 +2030,17 @@ static void rs_wait_until_sent(struct tty_struct *tty, int timeout)
 		msleep_interruptible(jiffies_to_msecs(char_time));
 
 		if (signal_pending(current))
-			break;
+			goto out;
 
 		if (timeout && time_after(jiffies, orig_jiffies + timeout))
-			break;
+			goto out;
 
 		spin_lock_irqsave(&info->lock, flags);
 		serial_out(info, UART_ESI_CMD1, ESI_NO_COMMAND);
 		serial_out(info, UART_ESI_CMD1, ESI_GET_TX_AVAIL);
 	}
 	spin_unlock_irqrestore(&info->lock, flags);
+out:
 	set_current_state(TASK_RUNNING);
 }
 
-- 
1.5.4.2.200.g99e75

Re: [PATCH 2/2] char: fix possible double-unlock in esp.c

[Jiri Slaby]

On 02/22/2008 06:34 PM, Harvey Harrison wrote:
> Hitting either of the break statements in the while loop would cause
> a double-unlock of info->lock.  Add an out label and goto instead of
> break to skip the unlock in those cases.
> 
> Noticed by sparse:
> drivers/char/esp.c:2042:2: warning: context imbalance in 'rs_wait_until_sent' - unexpected unlock
> 
> Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
> ---
>  drivers/char/esp.c |    5 +++--
>  1 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/char/esp.c b/drivers/char/esp.c
> index 01fbddd..2b14814 100644
> --- a/drivers/char/esp.c
> +++ b/drivers/char/esp.c
> @@ -2030,16 +2030,17 @@ static void rs_wait_until_sent(struct tty_struct *tty, int timeout)
>  		msleep_interruptible(jiffies_to_msecs(char_time));

guarantees current state be running after it returns either interrupted or not.

>  
>  		if (signal_pending(current))
> -			break;
> +			goto out;

just return;

>  		if (timeout && time_after(jiffies, orig_jiffies + timeout))
> -			break;
> +			goto out;

detto

>  		spin_lock_irqsave(&info->lock, flags);
>  		serial_out(info, UART_ESI_CMD1, ESI_NO_COMMAND);
>  		serial_out(info, UART_ESI_CMD1, ESI_GET_TX_AVAIL);
>  	}
>  	spin_unlock_irqrestore(&info->lock, flags);
> +out:
>  	set_current_state(TASK_RUNNING);

no need for this.

>  }
>  

[PATCHv2 2/2] char: fix possible double-unlock in esp.c

[Harvey Harrison]

Hitting either of the break statements in the while loop would cause
a double-unlock of info->lock.

[Jiri Slaby suggested simply returning is safe here, rather than a goto]

Noticed by sparse:
drivers/char/esp.c:2042:2: warning: context imbalance in 'rs_wait_until_sent' - unexpected unlock

Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
---
 drivers/char/esp.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/char/esp.c b/drivers/char/esp.c
index 01fbddd..0a33d09 100644
--- a/drivers/char/esp.c
+++ b/drivers/char/esp.c
@@ -2030,10 +2030,10 @@ static void rs_wait_until_sent(struct tty_struct *tty, int timeout)
 		msleep_interruptible(jiffies_to_msecs(char_time));
 
 		if (signal_pending(current))
-			break;
+			return;
 
 		if (timeout && time_after(jiffies, orig_jiffies + timeout))
-			break;
+			return;
 
 		spin_lock_irqsave(&info->lock, flags);
 		serial_out(info, UART_ESI_CMD1, ESI_NO_COMMAND);
-- 
1.5.4.2.200.g99e75