When igb_init_interrupt_scheme in igb_sriov_reinit is failed, the lock
acquired by rtnl_lock() is not released, which causes a deadlock.
This patch adds rtnl_unlock() in error handling to fix it.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers/net/ethernet/intel/igb/igb_main.c |1
When vortex_up is failed, the skb buffers allocated by __netdev_alloc_skb
in vortex_open are not released, which may cause resource leaks.
This bug has been submitted before.
This patch modifies the error handling code to fix it.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers/net
.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers/net/ethernet/intel/e1000e/netdev.c | 24
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/drivers/net/ethernet/intel/e1000e/netdev.c
b/drivers/net/ethernet/intel/e1000e/netdev.c
index 89d788d
On 08/05/2015 06:43 PM, Jeff Kirsher wrote:
Is your intention that this patch replace the existing patch:
http://patchwork.ozlabs.org/patch/502990/
...which is currently in my queue?
Okay, please replace the previous patch.
--
To unsubscribe from this list: send the line unsubscribe
In error handling code of igb_probe, the memory adapter-shadow_vfta
allocated by kcalloc in igb_sw_init is not freed. So when register_netdev
or igb_init_i2c is failed, a memory leak will occur.
This patch adds kfree to fix it.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers/net
in e1000_configure_tx
in e1000_configure, but it is after e1000e_setup_rx_resources.
This patch adds a check to fix it.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers/net/ethernet/intel/e1000e/netdev.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/intel
When pci_dma_mapping_error in e100_xmit_prepare is failed, the skb buffer
allocated by netdev_alloc_skb_ip_align in e100_rx_alloc_skb is not
released, which causes a possible resource leak.
This patch adds error handling code to fix it.
Signed-off-by: Jia-Ju Bai baijiaju1...@163.com
---
drivers
The driver lacks the check of nic-cbs_pool after pci_pool_create
in e100_probe. When this function is failed, a null pointer dereference
occurs when pci_pool_alloc uses nic-cbs_pool in e100_alloc_cbs.
This patch adds a check and related error handling code to fix it.
Signed-off-by: Jia-Ju Bai
and removal procedure,
which can fix the problem.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/wireless/rt2x00/rt2x00pci.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/wireless/rt2x00/rt2x00pci.c
b/drivers/net/wireless/rt2x00/rt2x00pci.c
index d93db4b..e
The driver calls ehci_mem_init to allocate memory resources.
But these resources are not freed when ehci_halt fails.
This patch adds "ehci_mem_cleanup" in error handling code to fix this problem.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/usb/host/ehci-hcd.
to remove the pci driver.
This function calls pci_clear_mwi and usb_hcd_pci_remove, which can
fix the problem.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/usb/host/ehci-pci.c |8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/host/ehci
On 01/05/2016 12:50 AM, Helmut Schaa wrote:
On Mon, Jan 4, 2016 at 8:55 AM, Jia-Ju Bai<baijiaju1...@163.com> wrote:
The driver calls pci_set_mwi to enable memory-write-invalidate when it
is initialized, but does not call pci_clear_mwi when it is removed. Many
other drivers calls pci_cle
On 06/21/2017 02:11 PM, Kalle Valo wrote:
David Miller<da...@davemloft.net> writes:
From: Jia-Ju Bai<baijiaju1...@163.com>
Date: Mon, 19 Jun 2017 10:48:53 +0800
The driver may sleep under a spin lock, and the function call path is:
netxen_nic_pci_mem_access_direct (acqu
to report bugs as soon as they are introduced. I report it to
the author and CC the relevant list. If people don't respond to my
email after a month then I complain again.
regards,
dan carpenter
Thanks for your helpful advice.
Thanks,
Jia-Ju Bai
On 2017/6/21 21:40, Kalle Valo wrote:
Jia-Ju Bai <baijiaju1...@163.com> writes:
On 06/21/2017 02:11 PM, Kalle Valo wrote:
David Miller<da...@davemloft.net> writes:
From: Jia-Ju Bai<baijiaju1...@163.com>
Date: Mon, 19 Jun 2017 10:48:53 +0800
The driver may sleep
may sleep
To fixed it, the "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/isdn/i4l/isdn_ppp.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/isdn/i4l/isdn_ppp.c b/drivers/isdn/
;schedule" and "cpu_relax".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/scsi/qla4xxx/ql4_nx.c |8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/scsi/qla4xxx/ql4_nx.c b/drivers/scsi/qla4xxx/ql4_nx.c
index e91abb3..1cf5f4a 10
The driver may sleep under a spin lock, and the function call path is:
iscsit_tpg_enable_portal_group (acquire the lock by spin_lock)
iscsi_update_param_value
kstrdup(GFP_KERNEL) --> may sleep
To fix it, the "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by
p
To fix it, the "spin_lock" and "spin_unlock" are removed in enic_reset.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/cisco/enic/enic_main.c |2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/net/ethernet/cisco/enic/enic_main.c
xed it, the spin lock is released before "i40e_vsi_remove_pvid", and
the lock is acquired again after this function.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers
p
To fix it, the "spin_lock" and "spin_unlock" are removed
in enic_tx_hang_reset.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/cisco/enic/enic_main.c |2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/net/ethernet/cisco/enic/enic_m
The driver may sleep under a spin lock, and the function call path is:
mraid_mm_attach_buf (acquire the lock by spin_lock_irqsave)
pci_pool_alloc(GFP_KERNEL) --> may sleep
To fix it, the "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju
;schedule" and "cpu_relax".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/scsi/qla4xxx/ql4_glbl.h |2 +-
drivers/scsi/qla4xxx/ql4_nx.c |8 +---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/qla4xxx/ql4_glbl.h b/drivers/
The driver may sleep under a spin lock, and the function call path is:
ffs_epfile_io (acquire the lock by spin_lock_irq)
usb_ep_alloc_request(GFP_KERNEL) --> may sleep
To fix it, the "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...
d spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
ind
d spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
index dbc2
d-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/md/bcache/journal.c |1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/md/bcache/journal.c b/drivers/md/bcache/journal.c
index 1198e53..ad47c36 100644
--- a/drivers/md/bcache/journal.c
+++ b/drivers/md/bcache/journal.c
@@ -724
d spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
ind
d spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
index dbc2
lock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
ind
lock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
ind
The driver may sleep under a read spin lock, and the function call path is:
send_socklist (acquire the lock by read_lock)
skb_copy(GFP_KERNEL) --> may sleep
To fix it, the "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.co
d spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c
b/drivers/staging/lustre/lnet/libcfs/workitem.c
ind
the spin_lock and spin_unlock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/lustre/lnet/libcfs/libcfs_lock.c |9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/lustre/lnet/libcfs/libcfs_lock.c
b/drivers/staging/lustre/lnet/l
The driver may sleep under a spin lock, and the function call path is:
psbfb_2d_submit (acquire the lock by spin_lock_irqsave)
psb_2d_wait_available
psb_spank
msleep --> may sleep
To fix it, the "msleep" is replaced with "mdelay" in psb_spank.
Signed-off-by
The driver may sleep under a spin lock, and the function call path is:
netxen_nic_pci_mem_access_direct (acquire the lock by spin_lock)
ioremap --> may sleep
To fix it, the lock is released before "ioremap", and the lock is
acquired again after this function.
Signed-off-b
red again after this function.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/wireless/broadcom/b43legacy/main.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/wireless/broadcom/b43legacy/main.c
b/drivers/net/wireless/broadcom/b43legacy/main.c
inde
On 05/31/2017 03:23 PM, Jia-Ju Bai wrote:
The driver may sleep under a spin lock, and the function call path is:
journal_wait_for_write (acquire the lock by spin_lock)
closure_sync
schedule --> may sleep
To fix it, the lock is released before "closure_sync", and the loc
ock
netxen_pcie_sem_lock
msleep --> may sleep
To fix it, the "msleep" is replaced with "mdelay" in netxen_pcie_sem_lock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/qlogic/netxen/netxen_nic_hw.c |2 +-
1 file changed, 1 inserti
On 06/01/2017 02:21 PM, Nicholas A. Bellinger wrote:
Hi Jia-Ju,
On Wed, 2017-05-31 at 11:26 +0800, Jia-Ju Bai wrote:
The driver may sleep under a spin lock, and the function call path is:
iscsit_tpg_enable_portal_group (acquire the lock by spin_lock)
iscsi_update_param_value
kstrdup
On 06/02/2017 12:11 AM, Jonathan Corbet wrote:
On Thu, 01 Jun 2017 09:05:07 +0800
Jia-Ju Bai<baijiaju1...@163.com> wrote:
I admit my patches are not well tested, and they may not well fix the bugs.
I am looking forward to opinions and suggestions :)
May I politely suggest that sendi
e lock is released before cancel_work_sync, and the lock
is acquired again after this function.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/wireless/st/cw1200/sta.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/wireless/st/cw1200/sta.c
b/drivers/net
off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/infiniband/sw/rxe/rxe_verbs.c |9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/drivers/infiniband/sw/rxe/rxe_verbs.c
b/drivers/infiniband/sw/rxe/rxe_verbs.c
index 83d709e..6fb7e1a 100644
--- a/drivers/infiniba
On 05/31/2017 06:18 PM, Sumit Saxena wrote:
-Original Message-
From: Jia-Ju Bai [mailto:baijiaju1...@163.com]
Sent: Wednesday, May 31, 2017 8:27 AM
To: kashyap.de...@broadcom.com; sumit.sax...@broadcom.com;
shivasharan.srikanteshw...@broadcom.com; j...@linux.vnet.ibm.com;
martin.peter
sd_ddr_pre_tuning_tx
sd_change_phase
wait_timeout
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rts5208/sd.c |2 +-
On 06/01/2017 01:33 AM, Larry Finger wrote:
On 05/31/2017 05:29 AM, Jia-Ju Bai wrote:
The driver may sleep under a spin lock, and the function call path is:
b43legacy_attr_interfmode_store (acquire the lock by spin_lock_irqsave)
b43legacy_radio_set_interference_mitigation
On 06/01/2017 08:07 AM, Larry Finger wrote:
On 05/31/2017 10:32 AM, Michael Büsch wrote:
On Wed, 31 May 2017 13:26:43 +0300
Kalle Valo <kv...@codeaurora.org> wrote:
Jia-Ju Bai <baijiaju1...@163.com> writes:
The driver may sleep under a spin lock, and the functi
w_process_aeq
i40iw_next_iw_state
i40iw_hw_modify_qp (call i40iw_get_cqp_request)
i40iw_handle_cqp_op
i40iw_wait_event --> may sleep
To fix it, "cqp_request->waiting" is assigned in "else" branch in
i40iw_get_cqp_request.
Signed-off-by: Jia-Ju
The memory is freed by
vfree through the temporary value outside the lock holding.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/media/pci/ivtv/ivtv-alsa-pcm.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/media/pci/ivtv/ivtv-alsa-pcm.c
b/drivers
The memory is freed by
vfree through the temporary value outside the lock holding.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/media/pci/cx18/cx18-alsa-pcm.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/media/pci/cx18/cx18-alsa-pcm.c
b/dr
; is replaced with mdelay in sd_power_off_card3v3.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rts5208/sd.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rts5208/sd.c b/drivers/staging/rts5208/sd.c
index bdd35b6..aa14454 100644
--
On 06/03/2017 04:52 PM, Greg KH wrote:
On Thu, Jun 01, 2017 at 11:43:35AM +0800, Jia-Ju Bai wrote:
The driver may sleep under a spin lock, and the function call path is:
rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
rtsx_enter_ss
rtsx_power_off_card
sd_cleanup_work
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rts5208/xd.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rts5208/xd.c b/drivers/staging/rts5208/xd.c
index 85aba05..74d36f9 100644
--- a/drivers/staging/rts5208/xd.c
+++ b/d
xd_finish_write
xd_copy_page
wait_timeout
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in xd_copy_page.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rts5208/xd.c |2 +-
1 file c
sd_ddr_pre_tuning_tx
sd_send_cmd_get_rsp
wait_timeout
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in sd_send_cmd_get_rsp.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rts5208/sd.
xd_set_unused_block
xd_build_l2p_tbl
xd_init_l2p_tbl
vmalloc --> may sleep
This bug is found by my static analysis tool and my code review.
I hope to fix it, but I do not have a good solution.
Thanks,
Jia-Ju Bai
xd_set_unused_block
xd_build_l2p_tbl
vmalloc --> may sleep
This bug is found by my static analysis tool and my code review.
I hope to fix it, but I do not have a good solution.
Thanks,
Jia-Ju Bai
xd_set_unused_block
free_zone
vfree --> may sleep
This bug is found by my static analysis tool and my code review.
I hope to fix it, but I do not have a good solution.
Thanks,
Jia-Ju Bai
On 06/05/2017 07:48 PM, Trond Myklebust wrote:
On Mon, 2017-06-05 at 16:05 +0800, Jia-Ju Bai wrote:
The driver may sleep under a rcu read lock, and function call path
is:
nfs_permission (acquire the lock by rcu_read_lock)
nfs_do_access
nfs_access_add_cache
kmalloc(GFP_KERNEL
nter is used. So the lines of copy_from_user
and check of "qp->is_user" are removed.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V5:
* Remove useless check of "qp->is_user".
Thank Leon for pointing it out.
V4:
* Remove the line of copy_from_user.
Thank Moni
On 06/05/2017 04:25 PM, Richard Weinberger wrote:
Jia-Ju Bai,
Am 05.06.2017 um 05:38 schrieb Jia-Ju Bai:
The driver may sleep under a spin lock, and the function call path is:
ubifs_change_lp (acquire the lock by spin_lock)
change_category
ubifs_remove_from_cat
On 06/05/2017 04:30 PM, Moni Shoua wrote:
- if (qp->is_user&& copy_from_user(p, (__user void *)
- (uintptr_t)sge->addr, sge->length))
+ spin_unlock_irqrestore(>sq.sq_lock, *flags);
+ err
On 06/05/2017 04:32 PM, Shan Hai wrote:
On 2017年06月05日 16:17, Jia-Ju Bai wrote:
The driver may sleep under a read rcu lock, and function call path is:
xfs_iget (acquire the lock by rcu_read_lock)
"goto out_error_or_again" after xfs_iget_cache_hit
nter is used. So, the line of copy_from_user
is removed.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V4:
* Remove the line of copy_from_user.
V3:
* It corrects the mistakes of remaining legacy code in V2.
(Thank Ram for pointing it out)
V2:
* The parameter "flags" is added to
The memory is freed by
vfree through the temporary value outside the lock holding.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/media/pci/ivtv/ivtv-alsa-pcm.c |5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/media/pci/ivtv/ivtv-alsa-pcm.c
b/dr
qlcnic_pcie_sem_lock
usleep_range
To fix it, the usleep_range is replaced with udelay.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/qlogic/
ter "flags" is used to
restore and save the irq status.
Thank Leon for good advice.
This patch corrects the mistakes in V2. (Thank Ram for pointing it out)
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/infiniband/sw/rxe/rxe_verbs.c | 13 -
1 file changed,
The memory is freed by
vfree through the temporary value outside the lock holding.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/media/pci/cx18/cx18-alsa-pcm.c |5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/media/pci/cx18/cx18-alsa-pcm.c
b/dr
ter "flags" is used to
restore and save the irq status.
Thank Leon for good advice.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/infiniband/sw/rxe/rxe_verbs.c | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/drivers/infiniband/sw
my static analysis tool and my code review.
I hope to fix it, but I do not have a good solution.
Thanks,
Jia-Ju Bai
ion.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
sound/oss/sequencer.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/sound/oss/sequencer.c b/sound/oss/sequencer.c
index f19da4b..3d95d752 100644
--- a/sound/oss/sequencer.c
+++ b/sound/oss/sequencer.c
@@ -1211,7 +1211,9 @@ st
b43legacy_synth_pu_workaround
might_sleep and msleep --> may sleep
Fixing it may be complex, and a possible way is to remove
spin_lock_irqsave and spin_lock_irqrestore in
b43legacy_attr_interfmode_store, and the code has been protected by
mutex_lock and mutex_unlock.
Signed-off-by: Jia-Ju
(GFP_NOFS) --> may sleep
To fix it, "GFP_NOFS" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
fs/ubifs/lpt.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ubifs/lpt.c b/fs/ubifs/lpt.c
index 9a51710..4247934
kzalloc(GFP_NOFS) --> may sleep
To fix it, "GFP_NOFS" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
fs/ubifs/lpt.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ubifs/lpt.c b/fs/ubifs/lpt.c
ect
kmalloc(GFP_NOIO) --> may sleep
To fix it, "GFP_NOIO" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
fs/cachefiles/namei.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cachefiles/namei.c b/fs/
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in xd_copy_page.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V2:
* Add code explanation in this patch.
drivers/staging/rts5208/xd.c |2 +-
1 file changed, 1 insertion(+),
ter "flags" is used to
restore and save the irq status.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V3:
* It corrects the mistakes of remaining legacy code in V2.
(Thank Ram for pointing it out)
V2:
* The parameter "flags" is added to restore and save the irq
ter "flags" is used to
restore and save the irq status.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V3:
* It corrects the mistakes of remaining legacy code in V2.
(Thank Ram for pointing it out)
V2:
* The parameter "flags" is added to restore and save the irq
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in xd_copy_page.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
V2:
* Add code explanation in this patch.
---
drivers/staging/rts5208/xd.c |2 +-
1 file changed, 1 insertion(+),
The driver may sleep under a rcu read lock, and function call path is:
nfs_permission (acquire the lock by rcu_read_lock)
nfs_do_access
nfs_access_add_cache
kmalloc(GFP_KERNEL) --> may sleep
To fix it, "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by
called twice in this situation.
To fix it, the lock is released before "goto".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
fs/xfs/xfs_icache.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/xfs/xfs_icache.c b/fs/xfs/xfs_icache.c
index f61c84f8..c2a4722 100
sd_ddr_pre_tuning_tx
sd_send_cmd_get_rsp
wait_timeout
schedule_timeout --> may sleep
To fix it, "wait_timeout" is replaced with mdelay in sd_send_cmd_get_rsp.
Signed-off-by: Jia-Ju Bai<baijiaju1...@163.com>
---
drivers/staging/rts5208/sd.
skb
tipc_node_xmit
tipc_sk_rcv
tipc_msg_reverse
pskb_expand_head(GFP_KERNEL) --> may sleep
To fix it, "GFP_KERNEL" is replaced with "GFP_ATOMIC".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
net/tipc/msg.c |2 +-
1 file changed, 1 inserti
a rcu read lock, instead in interrupt.
To fix it, only "GFP_ATOMIC" is used in cfpkt_create_pfx.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
net/caif/cfpkt_skbuff.c |6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/net/caif/cfpkt_skbuff.c b/net/ca
ock
netxen_pcie_sem_lock
msleep --> may sleep
To fix it, the "msleep" is replaced with "mdelay" in netxen_pcie_sem_lock.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/qlogic/netxen/netxen_nic_hw.c |2 +-
1 file changed, 1 inserti
;schedule" and "cpu_relax".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/scsi/qla4xxx/ql4_glbl.h |2 +-
drivers/scsi/qla4xxx/ql4_nx.c |8 +---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/qla4xxx/ql4_glbl.h b/drivers/
ion.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
sound/oss/sequencer.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/sound/oss/sequencer.c b/sound/oss/sequencer.c
index f19da4b..3d95d752 100644
--- a/sound/oss/sequencer.c
+++ b/sound/oss/sequencer.c
@@ -1211,7 +1211,9 @@ st
The driver may sleep under a spin lock, and the function call path is:
netxen_nic_pci_mem_access_direct (acquire the lock by spin_lock)
ioremap --> may sleep
To fix it, the lock is released before "ioremap", and the lock is
acquired again after this function.
Signed-off-b
qed_ptt_acquire
usleep_range --> may sleep
To fix it, the "usleep_range" is replaced with "udelay".
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/ethernet/qlogic/qed/qed_hw.c |2 +-
1 file changed, 1 insertion(
iew.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rtl8188eu/core/rtw_cmd.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8188eu/core/rtw_cmd.c
b/drivers/staging/rtl8188eu/core/rtw_cmd.c
index 9461bce..430b8eb 100644
---
off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rtl8188eu/core/rtw_cmd.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8188eu/core/rtw_cmd.c
b/drivers/staging/rtl8188eu/core/rtw_cmd.c
index 9461bce..65083a7 100644
--- a/driver
off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rtl8188eu/core/rtw_pwrctrl.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8188eu/core/rtw_pwrctrl.c
b/drivers/staging/rtl8188eu/core/rtw_pwrctrl.c
index f86c9ce..2913661 100644
---
p_parking
arcmsr_stop_adapter_bgrb
arcmsr_hbaD_stop_bgrb
arcmsr_hbaD_wait_msgint_ready
msleep --> may sleep
To fix them, msleep is replaced with mdelay.
These bugs are found by my static analysis tool and my code review.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.co
No rcu_read_lock is called, but rcu_read_unlock is still called.
Thus rcu_read_unlock should be removed.
Signed-off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/net/wireless/ath/wcn36xx/main.c |1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/net/wireless/ath/wcn36xx/mai
rs/pci/pci.c.
These bugs are found by my static analysis tool and my code review.
Thanks,
Jia-Ju Bai
CC to mailing list.
On 2017/10/8 20:13, Jia-Ju Bai wrote:
The driver may sleep under a spinlock when calling the function
"ips_leave", which causes some possible sleep-in-atomic bugs.
Here are several examples:
rtw_set_802_11_disassociate (acquire the spinlock)
_rtw_pwr_wakeup
off-by: Jia-Ju Bai <baijiaju1...@163.com>
---
drivers/staging/rtl8188eu/core/rtw_cmd.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8188eu/core/rtw_cmd.c
b/drivers/staging/rtl8188eu/core/rtw_cmd.c
index 9461bce..65083a7 100644
--- a/driver
Jia-Ju Bai
y code review.
Thanks,
Jia-Ju Bai
Thanks for your reply.
I agree that extra allocation in match_number() and match_u64int() may
be unnecessary.
Thanks,
Jia-Ju Bai
On 2017/10/7 9:37, Linus Torvalds wrote:
On Fri, Oct 6, 2017 at 6:20 PM, Jia-Ju Bai <baijiaju1...@163.com> wrote:
To fix it, GFP_KERNEL is re
1 - 100 of 1251 matches
Mail list logo
