[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANgpojX70kVOFMoJn=Mu93JEqaYoYCM3d1LhWcP-JKN9bm0F0w@mail.gmail.com>
Date: Thu, 8 May 2025 16:31:56 +0800
From: Qiu-ji Chen <chenqiuji666@...il.com>
To: dennis.dalessandro@...nelisnetworks.com, jgg@...pe.ca, leon@...nel.org
Cc: linux-rdma@...r.kernel.org, linux-kernel@...r.kernel.org,
baijiaju1990@...il.com
Subject: [BUG] IB/rdmavt: Potential deadlocks in function rvt_ruc_loopback()
Hello maintainers,
I would like to report a potential lock ordering issue in
drivers/infiniband/sw/rdmavt/qp.c in the IB/rdmavt driver. This may
lead to deadlocks under certain conditions.
The function rvt_ruc_loopback() acquires locks in a conflicting order:
1. First takes &sqp->s_lock
2. Then takes &sqp->r_lock
This contradicts the established pattern in functions like
rvt_rc_timeout() and rvt_modify_qp(), which typically:
1. Acquire &sqp->r_lock first
2. Then take &sqp->s_lock
This reversed locking order creates potential deadlock scenarios when
these code paths execute concurrently.
The issue was introduced in version 4.20 and persists through current releases.
This issue was identified through static analysis. While I've verified
the locking patterns through code review, I'm not sufficiently
familiar with the driver's internals to propose a safe fix.
Thank you for your attention to this matter.
Best regards,
Qiu-Ji Chen
Powered by blists - more mailing lists