Re: [PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-06-04 Thread Jia-Ju Bai 

On 06/03/2017 04:52 PM, Greg KH wrote:

On Thu, Jun 01, 2017 at 11:43:35AM +0800, Jia-Ju Bai wrote:

The driver may sleep under a spin lock, and the function call path is:
rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
   rtsx_enter_ss
 rtsx_power_off_card
   sd_cleanup_work
 sd_stop_seq_mode
   sd_switch_clock
 sd_ddr_tuning
   sd_ddr_pre_tuning_tx
 sd_change_phase
   wait_timeout
 schedule_timeout -->  may sleep

To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Nice work, how are you finding these bugs?  What tools gives you this
kind of analysis?

thanks,

greg k-h

Hi,

I am very glad to get your praise on my work :)
I recently write a static analysis tool for detecting sleep-in-atomic 
bugs, instead of using existing tools. One reason is that I have 
encountered these bugs for some times when I writing drivers.
I am still improving my tool and detecting other similar bugs in Linux 
kernel. If you have suggestions or comments on my work, please feel free 
to contact me :)


Thanks,
Jia-Ju Bai

Re: [PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-06-04 Thread Jia-Ju Bai 

On 06/03/2017 04:52 PM, Greg KH wrote:

On Thu, Jun 01, 2017 at 11:43:35AM +0800, Jia-Ju Bai wrote:

The driver may sleep under a spin lock, and the function call path is:
rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
   rtsx_enter_ss
 rtsx_power_off_card
   sd_cleanup_work
 sd_stop_seq_mode
   sd_switch_clock
 sd_ddr_tuning
   sd_ddr_pre_tuning_tx
 sd_change_phase
   wait_timeout
 schedule_timeout -->  may sleep

To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Nice work, how are you finding these bugs?  What tools gives you this
kind of analysis?

thanks,

greg k-h

Hi,

I am very glad to get your praise on my work :)
I recently write a static analysis tool for detecting sleep-in-atomic 
bugs, instead of using existing tools. One reason is that I have 
encountered these bugs for some times when I writing drivers.
I am still improving my tool and detecting other similar bugs in Linux 
kernel. If you have suggestions or comments on my work, please feel free 
to contact me :)


Thanks,
Jia-Ju Bai

Re: [PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-06-03 Thread Greg KH 
On Thu, Jun 01, 2017 at 11:43:35AM +0800, Jia-Ju Bai wrote:
> The driver may sleep under a spin lock, and the function call path is:
> rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
>   rtsx_enter_ss
> rtsx_power_off_card
>   sd_cleanup_work
> sd_stop_seq_mode
>   sd_switch_clock
> sd_ddr_tuning
>   sd_ddr_pre_tuning_tx
> sd_change_phase
>   wait_timeout
> schedule_timeout --> may sleep
> 
> To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Nice work, how are you finding these bugs?  What tools gives you this
kind of analysis?

thanks,

greg k-h

Re: [PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-06-03 Thread Greg KH 
On Thu, Jun 01, 2017 at 11:43:35AM +0800, Jia-Ju Bai wrote:
> The driver may sleep under a spin lock, and the function call path is:
> rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
>   rtsx_enter_ss
> rtsx_power_off_card
>   sd_cleanup_work
> sd_stop_seq_mode
>   sd_switch_clock
> sd_ddr_tuning
>   sd_ddr_pre_tuning_tx
> sd_change_phase
>   wait_timeout
> schedule_timeout --> may sleep
> 
> To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Nice work, how are you finding these bugs?  What tools gives you this
kind of analysis?

thanks,

greg k-h

[PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-05-31 Thread Jia-Ju Bai 
The driver may sleep under a spin lock, and the function call path is:
rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
  rtsx_enter_ss
rtsx_power_off_card
  sd_cleanup_work
sd_stop_seq_mode
  sd_switch_clock
sd_ddr_tuning
  sd_ddr_pre_tuning_tx
sd_change_phase
  wait_timeout
schedule_timeout --> may sleep

To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Signed-off-by: Jia-Ju Bai 
---
 drivers/staging/rts5208/sd.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/rts5208/sd.c b/drivers/staging/rts5208/sd.c
index bdd35b6..76bd105 100644
--- a/drivers/staging/rts5208/sd.c
+++ b/drivers/staging/rts5208/sd.c
@@ -1057,7 +1057,7 @@ static int sd_change_phase(struct rtsx_chip *chip, u8 
sample_point, u8 tune_dir)
 
rtsx_write_register(chip, SD_DCMPS_CTL, DCMPS_CHANGE, 0);
rtsx_write_register(chip, SD_VP_CTL, PHASE_CHANGE, 0);
-   wait_timeout(10);
+   mdelay(10);
sd_reset_dcm(chip, tune_dir);
return STATUS_FAIL;
 }
-- 
1.7.9.5

[PATCH] rts5208: Fix a sleep-in-atomic bug in rtsx_exclusive_enter_ss

2017-05-31 Thread Jia-Ju Bai 
The driver may sleep under a spin lock, and the function call path is:
rtsx_exclusive_enter_ss (acquire the lock by spin_lock)
  rtsx_enter_ss
rtsx_power_off_card
  sd_cleanup_work
sd_stop_seq_mode
  sd_switch_clock
sd_ddr_tuning
  sd_ddr_pre_tuning_tx
sd_change_phase
  wait_timeout
schedule_timeout --> may sleep

To fix it, "wait_timeout" is replaced with mdelay in sd_change_phase.

Signed-off-by: Jia-Ju Bai 
---
 drivers/staging/rts5208/sd.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/rts5208/sd.c b/drivers/staging/rts5208/sd.c
index bdd35b6..76bd105 100644
--- a/drivers/staging/rts5208/sd.c
+++ b/drivers/staging/rts5208/sd.c
@@ -1057,7 +1057,7 @@ static int sd_change_phase(struct rtsx_chip *chip, u8 
sample_point, u8 tune_dir)
 
rtsx_write_register(chip, SD_DCMPS_CTL, DCMPS_CHANGE, 0);
rtsx_write_register(chip, SD_VP_CTL, PHASE_CHANGE, 0);
-   wait_timeout(10);
+   mdelay(10);
sd_reset_dcm(chip, tune_dir);
return STATUS_FAIL;
 }
-- 
1.7.9.5