The driver may sleep with holding a spinlock.
The function call paths (from bottom to top) in Linux-4.16 are:
drivers/infiniband/hw/hns/hns_roce_hem.c, 345:
msleep in hns_roce_set_hem
drivers/infiniband/hw/hns/hns_roce_hem.c, 330:
_raw_spin_lock_irqsave in hns_roce_set_hem
To fix this bug, msleep() is replaced with mdelay().
This bug is found by my static analysis tool DSAC.
Signed-off-by: Jia-Ju Bai <[email protected]>
---
drivers/infiniband/hw/hns/hns_roce_hem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/infiniband/hw/hns/hns_roce_hem.c b/drivers/infiniband/hw/hns/hns_roce_hem.c
index 63b5b3edabcb..8c142676c589 100644
--- a/drivers/infiniband/hw/hns/hns_roce_hem.c
+++ b/drivers/infiniband/hw/hns/hns_roce_hem.c
@@ -342,7 +342,7 @@ static int hns_roce_set_hem(struct hns_roce_dev *hr_dev,
} else {
break;
}
- msleep(HW_SYNC_SLEEP_TIME_INTERVAL);
+ mdelay(HW_SYNC_SLEEP_TIME_INTERVAL);
}
bt_cmd_l = (u32)bt_ba;
--
2.17.0
On Sat, Sep 01, 2018 at 07:39:48PM +0800, Jia-Ju Bai wrote:
> The driver may sleep with holding a spinlock.
>
> The function call paths (from bottom to top) in Linux-4.16 are:
>
> drivers/infiniband/hw/hns/hns_roce_hem.c, 345:
> msleep in hns_roce_set_hem
> drivers/infiniband/hw/hns/hns_roce_hem.c, 330:
> _raw_spin_lock_irqsave in hns_roce_set_hem
>
> To fix this bug, msleep() is replaced with mdelay().
>
> This bug is found by my static analysis tool DSAC.
>
> Signed-off-by: Jia-Ju Bai <[email protected]>
> ---
> drivers/infiniband/hw/hns/hns_roce_hem.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
This was already fixed here:
commit 73b4e1f4c04e76b19fca296d09b97555bfb35202
Author: Lijun Ou <[email protected]>
Date: Wed Jul 25 15:29:38 2018 +0800
RDMA/hns: Use delay instead of usleep
In order to avoid using usleep function in lock function, we use delay
function instead of it. Besides, it also use brackets for standardized
the computed order.
Signed-off-by: Lijun Ou <[email protected]>
Signed-off-by: Jason Gunthorpe <[email protected]>