All of lore.kernel.org
 help / color / mirror / Atom feed
From: linux@arm.linux.org.uk (Russell King - ARM Linux)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] MAX1111: Fix race condition causing NULL pointer exception
Date: Wed, 18 May 2011 23:47:15 +0100	[thread overview]
Message-ID: <20110518224715.GD21384@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <1305740214.1526.2.camel@konomi>

On Wed, May 18, 2011 at 07:36:54PM +0200, Marek Vasut wrote:
> > On Wed, May 18, 2011 at 05:18:38PM +0200, Pavel Herrmann wrote:
> > > spi_sync call uses its spi_message parameter to keep completion
> > > information, having this structure static is not thread-safe,
> > > potentially causing one thread having pointers to memory on or above
> > > other threads stack. use per-call spi_message on stack to fix this
> > 
> > I assume this has not been tested with DMA debugging enabled.
> > 
> > The DMA API does not like mapping memory from the stack, which is what
> > you're potentially doing with this:
> 
> Yikes, good catch, but kmallocing this and kfreeing it again is not
> something I'd like to see either.

You could use a semaphore to protect against other threads.

However, this driver just gives us yet more problems, as it overlaps
the DMA'd data with the DMA metadata (spi message/spi transfer
structures.)  And yes we do get bug reports on that too...

I think its about time driver and subsystem authors got a clue about
DMA incoherent architectures, and these things called 'cache lines'
which have a direct impact on whether code is buggy or not.  Sharing
cache lines between DMA buffers and other data is Really Bad News for
data integrity - even sharing a cache line between two DMA buffers
can be a problem.

  reply	other threads:[~2011-05-18 22:47 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-05-18 15:18 Pavel Herrmann
2011-05-18 15:29 ` Eric Miao
2011-05-18 15:29 ` Russell King - ARM Linux
2011-05-18 17:36   ` Marek Vasut
2011-05-18 22:47     ` Russell King - ARM Linux [this message]
2011-05-19 12:35   ` Pavel Machek
2011-05-19 12:51     ` Pavel Herrmann
2011-05-19 13:55       ` Marek Vasut
2011-05-19 19:31       ` Russell King - ARM Linux
2011-05-19 22:13         ` Pavel Herrmann
2011-05-20 21:20           ` Russell King - ARM Linux
2011-05-21 20:28           ` Pavel Machek
2011-05-21 20:45             ` Pavel Herrmann
2011-05-22 15:52               ` Marek Vasut
2011-05-18 21:47 ` Cyril Hrubis
2011-06-30 12:36   ` Marek Vasut

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20110518224715.GD21384@n2100.arm.linux.org.uk \
    --to=linux@arm.linux.org.uk \
    --cc=linux-arm-kernel@lists.infradead.org \
    --subject='Re: [PATCH] MAX1111: Fix race condition causing NULL pointer exception' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.