From: Radim Pavlik Date: Tue, 1 Jun 2021 10:48:18 +0000 (+0000) Subject: pinctrl: mcp23s08: fix race condition in irq handler X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=897120d41e7afd9da435cb00041a142aeeb53c07;p=linux.git pinctrl: mcp23s08: fix race condition in irq handler Checking value of MCP_INTF in mcp23s08_irq suggests that the handler may be called even when there is no interrupt pending. But the actual interrupt could happened between reading MCP_INTF and MCP_GPIO. In this situation we got nothing from MCP_INTF, but the event gets acknowledged on the expander by reading MCP_GPIO. This leads to losing events. Fix the problem by not reading any register until we see something in MCP_INTF. The error was reproduced and fix tested on MCP23017. Signed-off-by: Radim Pavlik Link: https://lore.kernel.org/r/AM7PR06MB6769E1183F68DEBB252F665ABA3E9@AM7PR06MB6769.eurprd06.prod.outlook.com Signed-off-by: Linus Walleij --- diff --git a/drivers/pinctrl/pinctrl-mcp23s08.c b/drivers/pinctrl/pinctrl-mcp23s08.c index ce2d8014b7e0b..799d596a1a4b5 100644 --- a/drivers/pinctrl/pinctrl-mcp23s08.c +++ b/drivers/pinctrl/pinctrl-mcp23s08.c @@ -351,6 +351,11 @@ static irqreturn_t mcp23s08_irq(int irq, void *data) if (mcp_read(mcp, MCP_INTF, &intf)) goto unlock; + if (intf == 0) { + /* There is no interrupt pending */ + return IRQ_HANDLED; + } + if (mcp_read(mcp, MCP_INTCAP, &intcap)) goto unlock; @@ -368,11 +373,6 @@ static irqreturn_t mcp23s08_irq(int irq, void *data) mcp->cached_gpio = gpio; mutex_unlock(&mcp->lock); - if (intf == 0) { - /* There is no interrupt pending */ - return IRQ_HANDLED; - } - dev_dbg(mcp->chip.parent, "intcap 0x%04X intf 0x%04X gpio_orig 0x%04X gpio 0x%04X\n", intcap, intf, gpio_orig, gpio);