From patchwork Tue Dec 12 08:24:33 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jia-Ju Bai X-Patchwork-Id: 10106463 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 14842602C2 for ; Tue, 12 Dec 2017 08:22:32 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EAAA529B04 for ; Tue, 12 Dec 2017 08:22:31 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DF2FE29B07; Tue, 12 Dec 2017 08:22:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8202C29B04 for ; Tue, 12 Dec 2017 08:22:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751234AbdLLIW3 (ORCPT ); Tue, 12 Dec 2017 03:22:29 -0500 Received: from m12-11.163.com ([220.181.12.11]:38833 "EHLO m12-11.163.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750715AbdLLIW3 (ORCPT ); Tue, 12 Dec 2017 03:22:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:Subject:Date:Message-Id; bh=B23SGyGP7EIkL663tD 6XGPxJrJpd1XSUTYmKxV4zBuM=; b=fVYNQJ4M+BBkrj6XSnJZV1TiUzAmKkJ5o+ xAX95pHSMniL+cNYXV7LtVAR/xv81ErSHbawWUDVori5HuM9j+1BV7hDd4kZVWs3 zKq+m7ikpu5H/jz6wBdYK7eY29ulKswFrINfnmxosuU1byNwbdjd4b/H9ptt8HRT CMt9xa9gA= Received: from bai-oslab.tsinghua.edu.cn (unknown [166.111.70.15]) by smtp7 (Coremail) with SMTP id C8CowADHgTyykS9aSkSsBg--.5788S2; Tue, 12 Dec 2017 16:22:13 +0800 (CST) From: Jia-Ju Bai To: linuxdrivers@attotech.com, jejb@linux.vnet.ibm.com, martin.petersen@oracle.com Cc: linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, Jia-Ju Bai Subject: [PATCH] esas2r: Fix a possible sleep-in-atomic bug in esas2r_flash_access Date: Tue, 12 Dec 2017 16:24:33 +0800 Message-Id: <1513067073-22976-1-git-send-email-baijiaju1990@163.com> X-Mailer: git-send-email 1.7.9.5 X-CM-TRANSID: C8CowADHgTyykS9aSkSsBg--.5788S2 X-Coremail-Antispam: 1Uf129KBjvdXoW7Jry7KrWfGryrXFy7AFWDurg_yoWkAFg_WF Wxtr13Cr47CFsrtr1IyrWfAFZFkF48urn0kw1SgaySy3s5CF1ruFykXFnrZa1kWw13Jr93 C3s0qry09r1jkjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUvcSsGvfC2KfnxnUUI43ZEXa7IUbl1vDUUUUU== X-Originating-IP: [166.111.70.15] X-CM-SenderInfo: xedlyx5dmximizq6il2tof0z/1tbiYxaselaDwGQBxAAAsX Sender: linux-scsi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The driver may sleep in the interrupt handler. The function call path is: esas2r_adapter_tasklet (interrupt handler) esas2r_do_tasklet_tasks esas2r_handle_chip_rst_during_tasklet esas2r_init_adapter_hw esas2r_nvram_read_direct esas2r_read_flash_block esas2r_flash_access schedule_timeout_interruptible --> may sleep To fix it, schedule_timeout_uninterruptible is replaced with mdelay. This bug is found by my static analysis tool(DSAC) and checked by my code review. Signed-off-by: Jia-Ju Bai --- drivers/scsi/esas2r/esas2r_flash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/esas2r/esas2r_flash.c b/drivers/scsi/esas2r/esas2r_flash.c index 7bd376d..9b3da4c 100644 --- a/drivers/scsi/esas2r/esas2r_flash.c +++ b/drivers/scsi/esas2r/esas2r_flash.c @@ -965,7 +965,7 @@ static bool esas2r_flash_access(struct esas2r_adapter *a, u32 function) break; } - schedule_timeout_interruptible(msecs_to_jiffies(100)); + mdelay(100); if ((jiffies_to_msecs(jiffies) - starttime) > timeout) { /*