| Message ID | 20200107131559.17772-1-beniamin.bia@analog.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | iio: frequency: adf4371: Fix divide by zero exception bug | expand |
On Tue, 7 Jan 2020 15:15:59 +0200 Beniamin Bia <beniamin.bia@analog.com> wrote: > From: Michael Hennerich <michael.hennerich@analog.com> > > During initialization adf4371_pll_fract_n_get_rate() is called on all > output channels to determine if the device was setup. In this case > mod2 is zero which can cause a divide by zero exception. > Return before that can happen. I'm confused by this description vs the code. As far as I can see fract_n_get_rate is only called on a sysfs read of the frequency. mod2 is set when fract_n_compute is called in the relevant set_freq calls. This seems to occur on a sysfs set frequency call. So the issue here is that a sysfs read before a write of the frequency will cause a div zero? If so, is there a sane set of initial values we can put in mod2 and friends before exposing them via the device register? If mod2==0 is a valid value and indicates for example that the channel is turned off, then the description should make that clear. Jonathan > > Fixes: 7f699bd149134 ("iio: frequency: adf4371: Add support for ADF4371 PLL") > Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> > Signed-off-by: Beniamin Bia <beniamin.bia@analog.com> > --- > drivers/iio/frequency/adf4371.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/iio/frequency/adf4371.c b/drivers/iio/frequency/adf4371.c > index e2a599b912e5..c21462238314 100644 > --- a/drivers/iio/frequency/adf4371.c > +++ b/drivers/iio/frequency/adf4371.c > @@ -191,6 +191,9 @@ static unsigned long long adf4371_pll_fract_n_get_rate(struct adf4371_state *st, > unsigned long long val, tmp; > unsigned int ref_div_sel; > > + if (st->mod2 == 0) > + return 0; > + > val = (((u64)st->integer * ADF4371_MODULUS1) + st->fract1) * st->fpfd; > tmp = (u64)st->fract2 * st->fpfd; > do_div(tmp, st->mod2);
> -----Original Message----- > From: Jonathan Cameron <jic23@kernel.org> > Sent: Samstag, 11. Januar 2020 12:09 > To: Bia, Beniamin <Beniamin.Bia@analog.com> > Cc: lars@metafoo.de; Hennerich, Michael <Michael.Hennerich@analog.com>; > pmeerw@pmeerw.net; linux-iio@vger.kernel.org; linux- > kernel@vger.kernel.org; biabeniamin@outlook.com; knaack.h@gmx.de > Subject: Re: [PATCH] iio: frequency: adf4371: Fix divide by zero exception bug > > On Tue, 7 Jan 2020 15:15:59 +0200 > Beniamin Bia <beniamin.bia@analog.com> wrote: > > > From: Michael Hennerich <michael.hennerich@analog.com> > > > > During initialization adf4371_pll_fract_n_get_rate() is called on all > > output channels to determine if the device was setup. In this case > > mod2 is zero which can cause a divide by zero exception. > > Return before that can happen. > I'm confused by this description vs the code. > > As far as I can see fract_n_get_rate is only called on a sysfs read of the > frequency. That's not the case. The failure mechanism comes via adf4371_channel_config(). It calls adf4371_pll_fract_n_get_rate() prior adf4371_set_freq() which initializes st->mod2 via adf4371_pll_fract_n_compute(). This only happens the first time during probe and setup. So the solution was to return 0 if st->mod2 == 0. -Michael > > mod2 is set when fract_n_compute is called in the relevant set_freq calls. > This seems to occur on a sysfs set frequency call. > > So the issue here is that a sysfs read before a write of the frequency will cause a > div zero? If so, is there a sane set of initial values we can put in mod2 and > friends before exposing them via the device register? > > If mod2==0 is a valid value and indicates for example that the channel is turned > off, then the description should make that clear. > > Jonathan > > > > > Fixes: 7f699bd149134 ("iio: frequency: adf4371: Add support for > > ADF4371 PLL") > > Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> > > Signed-off-by: Beniamin Bia <beniamin.bia@analog.com> > > --- > > drivers/iio/frequency/adf4371.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/drivers/iio/frequency/adf4371.c > > b/drivers/iio/frequency/adf4371.c index e2a599b912e5..c21462238314 > > 100644 > > --- a/drivers/iio/frequency/adf4371.c > > +++ b/drivers/iio/frequency/adf4371.c > > @@ -191,6 +191,9 @@ static unsigned long long > adf4371_pll_fract_n_get_rate(struct adf4371_state *st, > > unsigned long long val, tmp; > > unsigned int ref_div_sel; > > > > + if (st->mod2 == 0) > > + return 0; > > + > > val = (((u64)st->integer * ADF4371_MODULUS1) + st->fract1) * st- > >fpfd; > > tmp = (u64)st->fract2 * st->fpfd; > > do_div(tmp, st->mod2);
On Tue, 14 Jan 2020 16:19:28 +0000 "Hennerich, Michael" <Michael.Hennerich@analog.com> wrote: > > -----Original Message----- > > From: Jonathan Cameron <jic23@kernel.org> > > Sent: Samstag, 11. Januar 2020 12:09 > > To: Bia, Beniamin <Beniamin.Bia@analog.com> > > Cc: lars@metafoo.de; Hennerich, Michael <Michael.Hennerich@analog.com>; > > pmeerw@pmeerw.net; linux-iio@vger.kernel.org; linux- > > kernel@vger.kernel.org; biabeniamin@outlook.com; knaack.h@gmx.de > > Subject: Re: [PATCH] iio: frequency: adf4371: Fix divide by zero exception bug > > > > On Tue, 7 Jan 2020 15:15:59 +0200 > > Beniamin Bia <beniamin.bia@analog.com> wrote: > > > > > From: Michael Hennerich <michael.hennerich@analog.com> > > > > > > During initialization adf4371_pll_fract_n_get_rate() is called on all > > > output channels to determine if the device was setup. In this case > > > mod2 is zero which can cause a divide by zero exception. > > > Return before that can happen. > > I'm confused by this description vs the code. > > > > As far as I can see fract_n_get_rate is only called on a sysfs read of the > > frequency. > > That's not the case. The failure mechanism comes via adf4371_channel_config(). > It calls adf4371_pll_fract_n_get_rate() prior adf4371_set_freq() which initializes > st->mod2 via adf4371_pll_fract_n_compute(). This only happens the first time > during probe and setup. So the solution was to return 0 if st->mod2 == 0. Not in mainline it doesn't. I took a look at the ADI git hub and I see it does there. I think we are missing a precursor patch. Probably this one from blame... https://github.com/analogdevicesinc/linux/commit/c8e6b341abf749f78e00326cb92b365d90d9de1f Jonathan > > -Michael > > > > > mod2 is set when fract_n_compute is called in the relevant set_freq calls. > > This seems to occur on a sysfs set frequency call. > > > > So the issue here is that a sysfs read before a write of the frequency will cause a > > div zero? If so, is there a sane set of initial values we can put in mod2 and > > friends before exposing them via the device register? > > > > If mod2==0 is a valid value and indicates for example that the channel is turned > > off, then the description should make that clear. > > > > Jonathan > > > > > > > > Fixes: 7f699bd149134 ("iio: frequency: adf4371: Add support for > > > ADF4371 PLL") > > > Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> > > > Signed-off-by: Beniamin Bia <beniamin.bia@analog.com> > > > --- > > > drivers/iio/frequency/adf4371.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/drivers/iio/frequency/adf4371.c > > > b/drivers/iio/frequency/adf4371.c index e2a599b912e5..c21462238314 > > > 100644 > > > --- a/drivers/iio/frequency/adf4371.c > > > +++ b/drivers/iio/frequency/adf4371.c > > > @@ -191,6 +191,9 @@ static unsigned long long > > adf4371_pll_fract_n_get_rate(struct adf4371_state *st, > > > unsigned long long val, tmp; > > > unsigned int ref_div_sel; > > > > > > + if (st->mod2 == 0) > > > + return 0; > > > + > > > val = (((u64)st->integer * ADF4371_MODULUS1) + st->fract1) * st- > > >fpfd; > > > tmp = (u64)st->fract2 * st->fpfd; > > > do_div(tmp, st->mod2); >
diff --git a/drivers/iio/frequency/adf4371.c b/drivers/iio/frequency/adf4371.c index e2a599b912e5..c21462238314 100644 --- a/drivers/iio/frequency/adf4371.c +++ b/drivers/iio/frequency/adf4371.c @@ -191,6 +191,9 @@ static unsigned long long adf4371_pll_fract_n_get_rate(struct adf4371_state *st, unsigned long long val, tmp; unsigned int ref_div_sel; + if (st->mod2 == 0) + return 0; + val = (((u64)st->integer * ADF4371_MODULUS1) + st->fract1) * st->fpfd; tmp = (u64)st->fract2 * st->fpfd; do_div(tmp, st->mod2);