On 2021/3/10 17:24, Roi Dayan wrote:
On 2021-03-08 5:11 AM, Jia-Ju Bai wrote:
When slave is NULL or slave_ops->ndo_neigh_setup is NULL, no error
return code of bond_neigh_init() is assigned.
To fix this bug, ret is assigned with -EINVAL in these cases.
Fixes: 9e99bfefdbce ("bond
On 2021/3/9 19:01, Florian Westphal wrote:
Jia-Ju Bai wrote:
When find_table_lock() returns NULL to t, no error return code of
do_update_counters() is assigned.
Its -ENOENT.
t = find_table_lock(net, name, &ret, &ebt_mutex);
^
On 2021/3/9 16:47, Heiner Kallweit wrote:
On 09.03.2021 09:33, Jia-Ju Bai wrote:
When kcalloc() returns NULL to nl_table, no error return code of
netlink_proto_init() is assigned.
To fix this bug, err is assigned with -ENOMEM in this case.
Didn't we talk enough about your incorrect pa
When kcalloc() returns NULL to nl_table, no error return code of
netlink_proto_init() is assigned.
To fix this bug, err is assigned with -ENOMEM in this case.
Fixes: fab2caf62ed0 ("[NETLINK]: Call panic if nl_table allocation fails")
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
On 2021/3/9 16:24, Roi Dayan wrote:
On 2021-03-09 10:20 AM, Roi Dayan wrote:
On 2021-03-06 3:47 PM, Jia-Ju Bai wrote:
When mlx5e_tc_get_counter() returns NULL to counter or
mlx5_devcom_get_peer_data() returns NULL to peer_esw, no error return
code of mlx5e_stats_flower() is assigned.
To
When find_table_lock() returns NULL to t, no error return code of
do_update_counters() is assigned.
To fix this bug, ret is assigned with -ENOENT in this case.
Fixes: 49facff9f925 ("netfilter: ebtables: split update_counters into two
functions")
Reported-by: TOTE Robot
Signed-off-by:
On 2021/3/8 21:33, Heiner Kallweit wrote:
On 08.03.2021 13:18, Jia-Ju Bai wrote:
On 2021/3/8 18:19, Heiner Kallweit wrote:
On 08.03.2021 10:31, Jia-Ju Bai wrote:
When sock_alloc_send_skb() returns NULL to skb, no error return code of
dgram_sendmsg() is assigned.
To fix this bug, err is
On 2021/3/8 18:19, Heiner Kallweit wrote:
On 08.03.2021 10:31, Jia-Ju Bai wrote:
When sock_alloc_send_skb() returns NULL to skb, no error return code of
dgram_sendmsg() is assigned.
To fix this bug, err is assigned with -ENOMEM in this case.
Please stop sending such nonsense. Basically all
When sock_alloc_send_skb() returns NULL to skb, no error return code of
dgram_sendmsg() is assigned.
To fix this bug, err is assigned with -ENOMEM in this case.
Fixes: 78f821b64826 ("ieee802154: socket: put handling into one file")
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
When sock_alloc_send_skb() returns NULL to skb, no error return code of
raw_sendmsg() is assigned.
To fix this bug, err is assigned with -ENOMEM in this case.
Fixes: 78f821b64826 ("ieee802154: socket: put handling into one file")
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
When sock_alloc_send_skb() returns NULL to skb, no error return code of
qrtr_sendmsg() is assigned.
To fix this bug, rc is assigned with -ENOMEM in this case.
Fixes: 194ccc88297a ("net: qrtr: Support decoding incoming v2 packets")
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
When slave is NULL or slave_ops->ndo_neigh_setup is NULL, no error
return code of bond_neigh_init() is assigned.
To fix this bug, ret is assigned with -EINVAL in these cases.
Fixes: 9e99bfefdbce ("bonding: fix bond_neigh_init()")
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
be false positives...
Best wishes,
Jia-Ju Bai
On 2021/3/7 17:18, Leon Romanovsky wrote:
On Sun, Mar 07, 2021 at 01:07:57AM -0800, Jia-Ju Bai wrote:
When hif_scatter_req_get() returns NULL to scat_req, no error return
code of ath6kl_htc_rx_bundle() is assigned.
To fix this bug, status is
When priv->rx_skbuff or priv->tx_skbuff is NULL, no error return code of
uhdlc_init() is assigned.
To fix this bug, ret is assigned with -ENOMEM in these cases.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wan/fsl_ucc_hdlc.c | 8 ++--
1 file changed, 6 insertions
When hif_scatter_req_get() returns NULL to scat_req, no error return
code of ath6kl_htc_rx_bundle() is assigned.
To fix this bug, status is assigned with -EINVAL in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/ath/ath6kl/htc_mbox.c | 4 +++-
1 file
When hns_assemble_skb() returns NULL to skb, no error return code of
hns_nic_clear_all_rx_fetch() is assigned.
To fix this bug, ret is assigned with -ENOMEM in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/hisilicon/hns/hns_enet.c | 4 +++-
1 file
When kmemdup() returns NULL to ta_firmware, no error return code of
rsi_load_9116_firmware() is assigned.
To fix this bug, status is assigned with -ENOMEM in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/rsi/rsi_91x_hal.c | 4 +++-
1 file changed, 3
When ieee80211_pspoll_get() returns NULL to skb, no error return code of
wl1271_cmd_build_ps_poll() is assigned.
To fix this bug, ret is assigned with -ENOMEM in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/ti/wlcore/cmd.c | 4 +++-
1 file changed, 3
When wl is NULL, no error return code of wl1271_suspend() is assigned.
To fix this bug, ret is assigned with -EINVAL in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/ti/wlcore/sdio.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/net
When fib_entry is NULL, no error return code of
mlxsw_sp_router_nve_promote_decap() is assigned.
To fix this bug, err is assigned with -EINVAL in this case.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 4 +++-
1 file changed, 3
When mlx5e_tc_get_counter() returns NULL to counter or
mlx5_devcom_get_peer_data() returns NULL to peer_esw, no error return
code of mlx5e_stats_flower() is assigned.
To fix this bug, err is assigned with -EINVAL in these cases.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers
When the list of head is empty, no error return code of
smc_diag_dump_proto() is assigned.
To fix this bug, rc is assigned with -ENOENT as error return code.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
net/smc/smc_diag.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff
Robot
Signed-off-by: Jia-Ju Bai
---
net/xdp/xsk.c | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c
index 4faabd1ecfd1..f1c1db07dd07 100644
--- a/net/xdp/xsk.c
+++ b/net/xdp/xsk.c
@@ -484,8 +484,14 @@ static int xsk_generic_xmit(struct sock
When check_fwfile_format() fails, no error return code of
if_usb_prog_firmware() is assigned.
To fix this bug, ret is assigned with -EINVAL as error return code.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/marvell/libertas_tf/if_usb.c | 4 +++-
1 file changed, 3
When iavf_process_config() fails, no error return code of
iavf_init_get_resources() is assigned.
To fix this bug, err is assigned with the return value of
iavf_process_config(), and then err is checked.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/intel/iavf
When bdx_read_mac() fails, no error return code of bdx_probe()
is assigned.
To fix this bug, err is assigned with -EFAULT as error return code.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/tehuti/tehuti.c | 1 +
1 file changed, 1 insertion(+)
diff --git a
When mlx5_is_fpga_lookaside() returns a non-zero value, no error
return code is assigned.
To fix this bug, err is assigned with -EINVAL as error return code.
Reported-by: TOTE Robot
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/mellanox/mlx5/core/fpga/core.c | 4 +++-
1 file changed, 3
Thanks for the advice.
I have added the description of the changes and resent the patches.
Best wishes,
Jia-Ju Bai
On 2020/11/19 1:20, Larry Finger wrote:
On 11/17/20 7:53 PM, Jia-Ju Bai wrote:
In rtl88ee_tx_fill_cmddesc(), skb->data is mapped to streaming DMA on
line 677:
dma_add
rol is accessed on line 670:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use "rtlwifi" as subject prefix and
rol is accessed on line 534:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use "rtlwifi" as subject prefix and
rame_control is accessed on line 535:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use "rtlwifi" as subject prefix and
rol is accessed on line 681:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use "rtlwifi" as subject prefix and
rame_control is accessed on line 535:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8723ae/trx
On 2020/11/7 19:44, Kalle Valo wrote:
Jia-Ju Bai wrote:
In rtl92ce_tx_fill_cmddesc(), skb->data is mapped to streaming DMA on
line 530:
dma_addr_t mapping = dma_map_single(..., skb->data, ...);
On line 533, skb->data is assigned to hdr after cast:
struct ieee80211_hdr *hdr
rol is accessed on line 670:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8192de/trx
rol is accessed on line 534:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8192ce/trx
rol is accessed on line 681:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8188ee/trx
rol is accessed on line 681:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8188ee/trx
rame_control is accessed on line 535:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8723ae/trx
rol is accessed on line 670:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8192de/trx
rol is accessed on line 534:
__le16 fc = hdr->frame_control;
This DMA access may cause data inconsistency between CPU and hardwre.
To fix this bug, hdr->frame_control is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/rtl8192ce/trx
and 541:
hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
hdr->seq_ctrl |= cpu_to_le16(priv->seqno);
These DMA accesses may cause data inconsistency between CPU and hardwre.
To fix this problem, hdr->seq_ctrl is accessed before the DMA mapping.
Signed-off-by: Jia-Ju Bai
--
On 2020/8/4 6:59, David Miller wrote:
From: Jia-Ju Bai
Date: Sun, 2 Aug 2020 21:11:07 +0800
In vmxnet3_probe_device(), "adapter" is mapped to streaming DMA:
adapter->adapter_pa = dma_map_single(..., adapter, ...);
Then "adapter" is accessed at many places in
p" can be
modified to cause buffer overflow when the driver accesses
"vfdi_ops[req->op]".
To fix this problem, "req->op" is assigned to a local variable, and then
the driver accesses this variable instead of "req->op".
Signed-off-by: Jia-Ju Bai
---
dri
to properly fix this problem, and thus I only report it.
Best wishes,
Jia-Ju Bai
hardware.
To fix this problem, ((struct p54_hdr *)skb->data)->req_id is stored in
a local variable before DMA mapping, and then the driver accesses this
local variable instead of skb->data.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/intersil/p54/p54pci.c | 4 +++-
1 file
e.
To fix this problem, dma_map_single() is called after these accesses.
Signed-off-by: Jia-Ju Bai
---
drivers/net/vmxnet3/vmxnet3_drv.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/net/vmxnet3/vmxnet3_drv.c
b/drivers/net/vmxnet3/vmxnet3_drv.c
index ca3
s problem, the calculation result of skb->data is stored in a
local variable before DMA mapping, and then the driver accesses this
local variable instead of skb->data.
Signed-off-by: Jia-Ju Bai
---
drivers/atm/idt77252.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --
skb->data[3] is assigned to a local variable before
DMA mapping, and then the driver accesses this local variable instead of
skb->data[3].
Signed-off-by: Jia-Ju Bai
---
drivers/atm/eni.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/atm/eni.c b/drivers/atm/en
0);
The array "skb->data" is mapped to streaming DMA, but its elements are
used before this array is unmapped.
Because I am not familiar with streaming DMA mapping, I wonder whether
these violations are real?
If they are real, what problems can they cause?
Thanks a lot :)
Best wishes,
Jia-Ju Bai
executed.
To fix this possible bug, n is checked after being used.
Signed-off-by: Jia-Ju Bai
---
drivers/net/vmxnet3/vmxnet3_ethtool.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/vmxnet3/vmxnet3_ethtool.c
b/drivers/net/vmxnet3/vmxnet3_ethtool.c
index 6528940ce5f3..b53bb8bcd47
tatic-analysis tool and code review.
I am not sure whether my opinion is correct, so I want to listen to your
points of view.
Thanks in advance :)
Best wishes,
Jia-Ju Bai
On 2019/5/15 9:08, Larry Finger wrote:
On 5/14/19 8:07 AM, Jia-Ju Bai wrote:
In rtl_pci_probe(), when request_irq() in rtl_pci_intr_mode_legacy()
in rtl_pci_intr_mode_decide() fails, a crash occurs.
The crash information is as follows:
[ 108.271155] kasan: CONFIG_KASAN_INLINE enabled
somebody give an explanation about this crash?
This crash is triggered by a runtime fuzzing tool named FIZZER written
by us.
Best wishes,
Jia-Ju Bai
report the bugs.
These bugs are found by a runtime fuzzing tool named FIZZER written by us.
Best wishes,
Jia-Ju Bai
eason of the above bug.
To fix this bug, the initialization of lists in rtl_init_core() are
performed before the call to rtl_regd_init().
These bugs are found by a runtime fuzzing tool named FIZZER written by
us.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/realtek/rtlwifi/base.c | 15 +
lock() and
spin_unlock().
Best wishes,
Jia-Ju Bai
way may be to replace up() and down()
with spin_lock() and spin_unlock().
Best wishes,
Jia-Ju Bai
way may be to replace up() and down()
with spin_lock() and spin_unlock().
Best wishes,
Jia-Ju Bai
On 2019/1/9 11:24, Yanjun Zhu wrote:
If you have forcedeth NIC, you can make tests with it.:-)
Ah, I would like to, but I do not have the hardware...
Best wishes,
Jia-Ju Bai
On 2019/1/9 10:35, Yanjun Zhu wrote:
On 2019/1/9 10:03, Jia-Ju Bai wrote:
On 2019/1/9 9:24, Yanjun Zhu wrote:
On 2019/1/8 20:57, Jia-Ju Bai wrote:
On 2019/1/8 20:54, Zhu Yanjun wrote:
在 2019/1/8 20:45, Jia-Ju Bai 写道:
In drivers/net/ethernet/nvidia/forcedeth.c, the functions
On 2019/1/9 9:24, Yanjun Zhu wrote:
On 2019/1/8 20:57, Jia-Ju Bai wrote:
On 2019/1/8 20:54, Zhu Yanjun wrote:
在 2019/1/8 20:45, Jia-Ju Bai 写道:
In drivers/net/ethernet/nvidia/forcedeth.c, the functions
nv_start_xmit() and nv_start_xmit_optimized() can be concurrently
executed with
ol written by myself and
my manual code review.
To fix these possible bugs, the mutex lock "modem_info_mutex" used in
isdn_tty_tiocmset() is added in isdn_tty_set_termios().
Signed-off-by: Jia-Ju Bai
---
drivers/isdn/i4l/isdn_tty.c | 6 +-
1 file changed, 5 insertions(+), 1 dele
On 2019/1/8 20:54, Zhu Yanjun wrote:
在 2019/1/8 20:45, Jia-Ju Bai 写道:
In drivers/net/ethernet/nvidia/forcedeth.c, the functions
nv_start_xmit() and nv_start_xmit_optimized() can be concurrently
executed with nv_poll_controller().
nv_start_xmit
line 2321: prev_tx_ctx->skb =
ock_irqsave() in
nv_start_xmit() and nv_start_xmit_optimized() are moved to the
front of "prev_tx_ctx->skb = skb;"
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/nvidia/forcedeth.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/ethernet/nvid
ne 691: proto->prepare_tx(..., skb->len, ...)
Thus, a possible concurrency use-after-free bugs may occur.
To fix this bug, the calls to spin_lock_irqsave() and
spin_unlock_irqrestore() are added in arcnet_reply_tasklet() to protect
dev_kfree_skb(lp->outgoing.skb).
Signed-off-by: Jia-Ju Bai
ossible fixing way is to use a lock to protect these accesses.
I am not sure about this way, so I only report the bugs.
Best wishes,
Jia-Ju Bai
ne 691: proto->prepare_tx(..., skb->len, ...)
Thus, a possible concurrency use-after-free bugs may occur.
To fix this bug, the calls to spin_lock_irqsave() and
spin_unlock_irqrestore() are added in arcnet_reply_tasklet() to protect
dev_kfree_skb(lp->outgoing.skb).
Signed-off-by: Jia-Ju Ba
-after-free bug may occur
in HFCPCI_l1hw().
To fix these bugs, the calls to spin_lock_irqsave() and
spin_unlock_irqrestore() are added in HFCPCI_l1hw(), to protect the
access to cs->tx_skb.
Signed-off-by: Jia-Ju Bai
---
drivers/isdn/hisax/hfc_pci.c | 2 ++
1 file changed, 2 insertions(+)
dif
ix these bugs, the original calls to mutex_lock(&priv->conf_mutex) and
mutex_unlock(&priv->conf_mutex) are moved to the places, which can
protect the accesses to the shared variable.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/st/cw1200/scan.c | 13 ++---
1 file changed, 6 i
;sc->next_chan"
should be also protected by the lock.
Signed-off-by: Jia-Ju Bai
---
drivers/net/wireless/ath/ath9k/channel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/wireless/ath/ath9k/channel.c
b/drivers/net/wireless/ath/ath9k/channel.c
index 1b05b5d7a038
On 2018/5/8 13:04, Eric Dumazet wrote:
On 05/07/2018 07:16 PM, Jia-Ju Bai wrote:
Yes, "&dev->stats" will not change, because it is a fixed address.
But the field data in "dev->stats" is changed (rx_frame_errors, rx_crc_errors
and rx_missed_errors).
So if t
On 2018/5/8 9:56, Eric Dumazet wrote:
On 05/07/2018 05:51 PM, Jia-Ju Bai wrote:
On 2018/5/7 22:15, Eric Dumazet wrote:
On 05/07/2018 07:08 AM, Jia-Ju Bai wrote:
The write operations to "dev->stats" are protected by
the spinlock on line 862-864, but the read operations to
this
On 2018/5/7 22:15, Eric Dumazet wrote:
On 05/07/2018 07:08 AM, Jia-Ju Bai wrote:
The write operations to "dev->stats" are protected by
the spinlock on line 862-864, but the read operations to
this data on line 858 and 867 are not protected by the spinlock.
Thus, there may exi
ations to "dev->stats" are
protected by the spinlock, and a local variable is used for return.
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/8390/lib8390.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/drivers/net/ethernet/8390/lib8390.c
b/dr
On 2018/4/12 10:21, arvindY wrote:
On Thursday 12 April 2018 07:00 AM, Jia-Ju Bai wrote:
On 2018/4/12 0:16, James Bottomley wrote:
On Wed, 2018-04-11 at 23:39 +0800, Jia-Ju Bai wrote:
de4x5_hw_init() is never called in atomic context.
de4x5_hw_init() is only called by de4x5_pci_probe
On 2018/4/12 0:19, Florian Fainelli wrote:
On 04/11/2018 12:14 AM, Jia-Ju Bai wrote:
On 2018/4/11 13:30, Phil Reid wrote:
On 11/04/2018 09:51, Jia-Ju Bai wrote:
b53_switch_reset_gpio() is never called in atomic context.
The call chain ending up at b53_switch_reset_gpio() is:
[1
sis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use gpio_set_value_cansleep() to replace gpio_set_value() additionally.
Thanks for Florian and Phil for good advice.
---
drivers/net/dsa/b53/b53_common.c | 8
1 file changed,
On 2018/4/12 0:16, James Bottomley wrote:
On Wed, 2018-04-11 at 23:39 +0800, Jia-Ju Bai wrote:
de4x5_hw_init() is never called in atomic context.
de4x5_hw_init() is only called by de4x5_pci_probe(), which is only
set as ".probe" in struct pci_driver.
Despite never getting called f
er getting called from atomic context, sxgbe_sw_reset()
calls mdelay() to busily wait.
This is not necessary and can be replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
e replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
v2:
* Use usleep_range() to correct usleep() in v1.
---
drivers/net/ethernet/dec/tulip/de4x5.c | 2
On 2018/4/11 22:26, David Miller wrote:
From: Jia-Ju Bai
Date: Wed, 11 Apr 2018 16:20:22 +0800
Okay, I now know why many of my patches were not replied.
Many of your patches are not responded to because you handle patch
feedback poorly sometimes.
Okay, thanks for pointing it out.
I will
s tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
v2:
* Modify the description of GFP_ATOMIC in v1.
Thank Eric for good advice.
v3:
* Modify wrong text in description in v2.
Thank Ying for good advice.
---
net/tipc/monitor.c | 6 +++---
1 file c
On 2018/4/11 18:11, Ying Xue wrote:
On 04/10/2018 09:17 AM, Jia-Ju Bai wrote:
tipc_mon_create() is never called in atomic context.
The call chain ending up at dn_route_init() is:
Sorry, I don't think there is any relationship between the following
call chain with dn_route_init().
On 2018/4/11 16:17, Greg KH wrote:
On Wed, Apr 11, 2018 at 04:11:00PM +0800, Jia-Ju Bai wrote:
On 2018/4/11 16:03, Greg KH wrote:
On Wed, Apr 11, 2018 at 03:17:10PM +0800, Jia-Ju Bai wrote:
On 2018/4/11 14:41, Greg KH wrote:
On Wed, Apr 11, 2018 at 09:29:34AM +0800, Jia-Ju Bai wrote
On 2018/4/11 16:03, Greg KH wrote:
On Wed, Apr 11, 2018 at 03:17:10PM +0800, Jia-Ju Bai wrote:
On 2018/4/11 14:41, Greg KH wrote:
On Wed, Apr 11, 2018 at 09:29:34AM +0800, Jia-Ju Bai wrote:
stir421x_fw_upload() is never called in atomic context.
The call chain ending up at
On 2018/4/11 14:41, Greg KH wrote:
On Wed, Apr 11, 2018 at 09:29:34AM +0800, Jia-Ju Bai wrote:
stir421x_fw_upload() is never called in atomic context.
The call chain ending up at stir421x_fw_upload() is:
[1] stir421x_fw_upload() <- stir421x_patch_device() <- irda_usb_probe()
irda_usb
On 2018/4/11 13:30, Phil Reid wrote:
On 11/04/2018 09:51, Jia-Ju Bai wrote:
b53_switch_reset_gpio() is never called in atomic context.
The call chain ending up at b53_switch_reset_gpio() is:
[1] b53_switch_reset_gpio() <- b53_switch_reset() <-
b53_reset_switch() <-
lled from atomic context, fcpci_init()
calls mdelay() to busily wait.
This is not necessary and can be replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
dr
tomic context, fcpcipnp_setup()
calls mdelay() to busily wait.
This is not necessary and can be replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/isdn/hisax/his
h does not sleep for allocation.
GFP_ATOMIC is not necessary and can be replaced with GFP_KERNEL,
which can sleep and improve the possibility of sucessful allocation.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
d
er getting called from atomic context, sxgbe_sw_reset()
calls mdelay() to busily wait.
This is not necessary and can be replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
--
e replaced with GFP_KERNEL,
which can sleep and improve the possibility of sucessful allocation.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/ieee802154/atusb.c | 2 +-
1 file changed, 1 inser
ten by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/intel/i40evf/i40evf_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/intel/i40evf/i40evf_main.c
b/drivers/net/ethernet/intel/i40evf/i40evf_main.c
index 182
e replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/ethernet/dec/tulip/de4x5.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/d
myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/dsa/b53/b53_common.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/dsa/b53/b53_common.c b/drivers/net/dsa/b53/b53_common.c
index 274f367..e070ff6 100644
--- a/drivers/net/dsa/b53
and can be replaced with usleep_range() to
avoid busy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/can/sja1000/peak_pcmcia.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
sy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/net/can/sja1000/peak_pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/can/sja1000/peak_pci.c
b/drivers/net/c
sy waiting.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai
---
drivers/staging/irda/drivers/irda-usb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/irda/drivers/irda-usb.c
gned-off-by: Jia-Ju Bai
---
drivers/staging/irda/drivers/irda-usb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/irda/drivers/irda-usb.c
b/drivers/staging/irda/drivers/irda-usb.c
index 723e49b..c6c8c2c 100644
--- a/drivers/staging/irda/drivers/irda-usb.c
+++ b
1 - 100 of 202 matches
Mail list logo
