NetBSD Problem Report #52333

From www@NetBSD.org  Sun Jun 25 08:51:09 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id C44607A175
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 25 Jun 2017 08:51:08 +0000 (UTC)
Message-Id: <20170625085107.EB05F7A26F@mollari.NetBSD.org>
Date: Sun, 25 Jun 2017 08:51:07 +0000 (UTC)
From: baijiaju1990@163.com
Reply-To: baijiaju1990@163.com
To: gnats-bugs@NetBSD.org
Subject: vte driver: sleep-in-interrupt bugs in vte_intr
X-Send-Pr-Version: www-1.0

>Number:         52333
>Category:       kern
>Synopsis:       vte driver: sleep-in-interrupt bugs in vte_intr
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jun 25 08:55:00 +0000 2017
>Closed-Date:    Sun May 13 17:59:10 +0000 2018
>Last-Modified:  Sun May 13 17:59:10 +0000 2018
>Originator:     Jia-Ju Bai
>Release:        NetBSD-7.1
>Organization:
Tsinghua University
>Environment:
i386
>Description:
The driver may sleep in interrupt, and the function call path in file "sys/dev/pci/if_vte.c" in NetBSD-7.1 release is:
vte_intr [interrupt handler function]
  vte_ifstart
    vte_encap
      bus_dmamap_load_mbuf(BUS_DMA_WAITOK) --> may sleep
vte_intr [interrupt handler function]
  vte_rxeof
    vte_newbuf
      bus_dmamap_load_mbuf(BUS_DMA_WAITOK) --> may sleep

These bugs are found by a static analysis tool written by myself, and they are checked by my review of the NetBSD code.
>How-To-Repeat:

>Fix:
The possible fix of this bug is to replace "BUS_DMA_WAITOK" with "BUS_DMA_NOWAIT".

>Release-Note:

>Audit-Trail:
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52333 CVS commit: src/sys/dev/pci
Date: Mon, 26 Jun 2017 14:23:49 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Mon Jun 26 18:23:49 UTC 2017

 Modified Files:
 	src/sys/dev/pci: if_vte.c

 Log Message:
 PR/52333: Jia-Ju Bai: explicitly pass BUS_DMA_NOWAIT to bus_dmamap_load_mbuf()
 called from an interrupt context. It should not matter since the maps are
 constructed with BUS_DMA_ALLOCNOW, but :-)


 To generate a diff of this commit:
 cvs rdiff -u -r1.17 -r1.18 src/sys/dev/pci/if_vte.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Sun, 13 May 2018 17:59:10 +0000
State-Changed-Why:
Applied, thanks for the patch!
xtos's commit message suggests the code being wrong won't appear as a problem in practice, so closing without pullups.


>Unformatted:

Home	PR Database Search