From: Marek Szyprowski <m.szyprowski@samsung.com>
To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Cc: Marek Szyprowski <m.szyprowski@samsung.com>,
Russell King <linux@armlinux.org.uk>,
"Matthew Wilcox (Oracle)" <willy@infradead.org>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@kernel.org>
Subject: [PATCH] arm: dma-mapping: fix potential endless loop in __dma_page_dev_to_cpu()
Date: Mon, 7 Aug 2023 17:26:57 +0200 [thread overview]
Message-ID: <20230807152657.1692414-1-m.szyprowski@samsung.com> (raw)
In-Reply-To: CGME20230807152704eucas1p1bbe08af4559a7d2984198fe8ba487a2e@eucas1p1.samsung.com
It is possible that the folio_size() of the next folio returns zero, so
avoid looping with 'left' equals to zero in D-cache cleaning loop.
This fixes the following endless loop observed by RCU stall:
--->8---
rcu: INFO: rcu_sched self-detected stall on CPU
rcu: 0-....: (27320 ticks this GP) idle=e414/1/0x40000002 softirq=36/36 fqs=13044
rcu: (t=27385 jiffies g=-1067 q=34 ncpus=8)
CPU: 0 PID: 93 Comm: kworker/0:1H Not tainted 6.5.0-rc5-next-20230807 #6981
Hardware name: Samsung Exynos (Flattened Device Tree)
Workqueue: mmc_complete mmc_blk_mq_complete_work
PC is at _set_bit+0x28/0x44
LR is at __dma_page_dev_to_cpu+0xdc/0x170
..
_set_bit from __dma_page_dev_to_cpu+0xdc/0x170
__dma_page_dev_to_cpu from dma_direct_unmap_sg+0x100/0x130
dma_direct_unmap_sg from dw_mci_post_req+0x68/0x6c
dw_mci_post_req from mmc_blk_mq_post_req+0x34/0x100
mmc_blk_mq_post_req from mmc_blk_mq_complete_work+0x50/0x60
mmc_blk_mq_complete_work from process_one_work+0x20c/0x4d8
process_one_work from worker_thread+0x58/0x54c
worker_thread from kthread+0xe0/0xfc
kthread from ret_from_fork+0x14/0x2c
--->8---
Fixes: cc24e9c0895c ("arm: implement the new page table range API")
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
---
arch/arm/mm/dma-mapping.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mm/dma-mapping.c b/arch/arm/mm/dma-mapping.c
index 70cb7e63a9a5..02250106e5ed 100644
--- a/arch/arm/mm/dma-mapping.c
+++ b/arch/arm/mm/dma-mapping.c
@@ -718,7 +718,7 @@ static void __dma_page_dev_to_cpu(struct page *page, unsigned long off,
folio = folio_next(folio);
}
- while (left >= (ssize_t)folio_size(folio)) {
+ while (left && left >= (ssize_t)folio_size(folio)) {
set_bit(PG_dcache_clean, &folio->flags);
left -= folio_size(folio);
folio = folio_next(folio);
--
2.34.1
WARNING: multiple messages have this Message-ID (diff)
From: Marek Szyprowski <m.szyprowski@samsung.com>
To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Cc: Marek Szyprowski <m.szyprowski@samsung.com>,
Russell King <linux@armlinux.org.uk>,
"Matthew Wilcox (Oracle)" <willy@infradead.org>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@kernel.org>
Subject: [PATCH] arm: dma-mapping: fix potential endless loop in __dma_page_dev_to_cpu()
Date: Mon, 7 Aug 2023 17:26:57 +0200 [thread overview]
Message-ID: <20230807152657.1692414-1-m.szyprowski@samsung.com> (raw)
In-Reply-To: CGME20230807152704eucas1p1bbe08af4559a7d2984198fe8ba487a2e@eucas1p1.samsung.com
It is possible that the folio_size() of the next folio returns zero, so
avoid looping with 'left' equals to zero in D-cache cleaning loop.
This fixes the following endless loop observed by RCU stall:
--->8---
rcu: INFO: rcu_sched self-detected stall on CPU
rcu: 0-....: (27320 ticks this GP) idle=e414/1/0x40000002 softirq=36/36 fqs=13044
rcu: (t=27385 jiffies g=-1067 q=34 ncpus=8)
CPU: 0 PID: 93 Comm: kworker/0:1H Not tainted 6.5.0-rc5-next-20230807 #6981
Hardware name: Samsung Exynos (Flattened Device Tree)
Workqueue: mmc_complete mmc_blk_mq_complete_work
PC is at _set_bit+0x28/0x44
LR is at __dma_page_dev_to_cpu+0xdc/0x170
..
_set_bit from __dma_page_dev_to_cpu+0xdc/0x170
__dma_page_dev_to_cpu from dma_direct_unmap_sg+0x100/0x130
dma_direct_unmap_sg from dw_mci_post_req+0x68/0x6c
dw_mci_post_req from mmc_blk_mq_post_req+0x34/0x100
mmc_blk_mq_post_req from mmc_blk_mq_complete_work+0x50/0x60
mmc_blk_mq_complete_work from process_one_work+0x20c/0x4d8
process_one_work from worker_thread+0x58/0x54c
worker_thread from kthread+0xe0/0xfc
kthread from ret_from_fork+0x14/0x2c
--->8---
Fixes: cc24e9c0895c ("arm: implement the new page table range API")
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
---
arch/arm/mm/dma-mapping.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mm/dma-mapping.c b/arch/arm/mm/dma-mapping.c
index 70cb7e63a9a5..02250106e5ed 100644
--- a/arch/arm/mm/dma-mapping.c
+++ b/arch/arm/mm/dma-mapping.c
@@ -718,7 +718,7 @@ static void __dma_page_dev_to_cpu(struct page *page, unsigned long off,
folio = folio_next(folio);
}
- while (left >= (ssize_t)folio_size(folio)) {
+ while (left && left >= (ssize_t)folio_size(folio)) {
set_bit(PG_dcache_clean, &folio->flags);
left -= folio_size(folio);
folio = folio_next(folio);
--
2.34.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next parent reply other threads:[~2023-08-07 15:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20230807152704eucas1p1bbe08af4559a7d2984198fe8ba487a2e@eucas1p1.samsung.com>
2023-08-07 15:26 ` Marek Szyprowski [this message]
2023-08-07 15:26 ` [PATCH] arm: dma-mapping: fix potential endless loop in __dma_page_dev_to_cpu() Marek Szyprowski
2023-08-07 16:23 ` Matthew Wilcox
2023-08-07 16:23 ` Matthew Wilcox
2023-08-09 17:05 ` Marek Szyprowski
2023-08-09 17:05 ` Marek Szyprowski
2023-08-07 22:14 ` Matthew Wilcox
2023-08-07 22:14 ` Matthew Wilcox
2023-08-07 22:46 ` Russell King (Oracle)
2023-08-07 22:46 ` Russell King (Oracle)
2023-08-09 19:38 ` Matthew Wilcox
2023-08-09 19:38 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230807152657.1692414-1-m.szyprowski@samsung.com \
--to=m.szyprowski@samsung.com \
--cc=akpm@linux-foundation.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=rppt@kernel.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.