[linux-stable-rc:linux-4.19.y 6833/9999] drivers/net/wireless/intel/iwlwifi/mvm/sta.c:2573:23: sparse: sparse: context imbalance in 'iwl_mvm_sta_tx_agg_start' - different lock contexts for basic block
3:06 p.m.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
linux-4.19.y
head: e864f43593ccf9180c61738abdf1c1dde091367d
commit: 5ee7911e8e17afb4541096c6e98ffa61190338b3 [6833/9999] iwlwifi: mvm: avoid possible
access out of array.
config: i386-randconfig-s001-20200812 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.2-168-g9554805c-dirty
git checkout 5ee7911e8e17afb4541096c6e98ffa61190338b3
# save the attached .config to linux build tree
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
sparse warnings: (new ones prefixed by >>)
drivers/net/wireless/intel/iwlwifi/mvm/sta.c: note: in included file (through
drivers/net/wireless/intel/iwlwifi/mvm/..//fw/img.h,
drivers/net/wireless/intel/iwlwifi/mvm/..//iwl-trans.h, ...):
drivers/net/wireless/intel/iwlwifi/mvm/..//fw/file.h:286:19: sparse: sparse: mixed
bitwiseness
drivers/net/wireless/intel/iwlwifi/mvm/..//fw/file.h:405:19: sparse: sparse: mixed
bitwiseness
> drivers/net/wireless/intel/iwlwifi/mvm/sta.c:2573:23: sparse:
sparse: context imbalance in 'iwl_mvm_sta_tx_agg_start' - different lock contexts
for basic block
In file included from
drivers/net/wireless/intel/iwlwifi/mvm/../iwl-trans.h:76,
from drivers/net/wireless/intel/iwlwifi/mvm/mvm.h:83,
from drivers/net/wireless/intel/iwlwifi/mvm/sta.c:71:
drivers/net/wireless/intel/iwlwifi/mvm/../iwl-config.h:472:36: warning:
'iwl_csr_v2' defined but not used [-Wunused-const-variable=]
472 | static const struct iwl_csr_params iwl_csr_v2 = {
| ^~~~~~~~~~
drivers/net/wireless/intel/iwlwifi/mvm/../iwl-config.h:457:36: warning:
'iwl_csr_v1' defined but not used [-Wunused-const-variable=]
457 | static const struct iwl_csr_params iwl_csr_v1 = {
| ^~~~~~~~~~
vim +/iwl_mvm_sta_tx_agg_start +2573 drivers/net/wireless/intel/iwlwifi/mvm/sta.c
3e56eadfb6a1f2 drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-02-15
2458
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2459 int iwl_mvm_sta_tx_agg_start(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2460 struct ieee80211_sta *sta, u16 tid, u16 *ssn)
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2461 {
5b577a90fb3d86 drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-11-14
2462 struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2463 struct iwl_mvm_tid_data *tid_data;
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2464 u16 normalized_ssn;
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2465 u16 txq_id;
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2466 int ret;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2467
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2468 if (WARN_ON_ONCE(tid >= IWL_MAX_TID_COUNT))
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2469 return -EINVAL;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2470
bd800e41a3de5c drivers/net/wireless/intel/iwlwifi/mvm/sta.c Naftali Goldstein 2017-08-28
2471 if (mvmsta->tid_data[tid].state != IWL_AGG_QUEUED &&
bd800e41a3de5c drivers/net/wireless/intel/iwlwifi/mvm/sta.c Naftali Goldstein 2017-08-28
2472 mvmsta->tid_data[tid].state != IWL_AGG_OFF) {
bd800e41a3de5c drivers/net/wireless/intel/iwlwifi/mvm/sta.c Naftali Goldstein 2017-08-28
2473 IWL_ERR(mvm,
bd800e41a3de5c drivers/net/wireless/intel/iwlwifi/mvm/sta.c Naftali Goldstein 2017-08-28
2474 "Start AGG when state is not IWL_AGG_QUEUED or IWL_AGG_OFF %d!\n",
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2475 mvmsta->tid_data[tid].state);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2476 return -ENXIO;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2477 }
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2478
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2479 lockdep_assert_held(&mvm->mutex);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2480
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2481 if (mvmsta->tid_data[tid].txq_id == IWL_MVM_INVALID_QUEUE &&
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2482 iwl_mvm_has_new_tx_api(mvm)) {
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2483 u8 ac = tid_to_mac80211_ac[tid];
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2484
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2485 ret = iwl_mvm_sta_alloc_queue_tvqm(mvm, sta, ac, tid);
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2486 if (ret)
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2487 return ret;
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2488 }
bd8f3fc613919b drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2018-01-17
2489
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2490 spin_lock_bh(&mvmsta->lock);
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2491
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2492 /* possible race condition - we entered D0i3 while starting agg */
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2493 if (test_bit(IWL_MVM_STATUS_IN_D0I3, &mvm->status)) {
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2494 spin_unlock_bh(&mvmsta->lock);
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2495 IWL_ERR(mvm, "Entered D0i3 while starting Tx agg\n");
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2496 return -EIO;
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2497 }
b2492501d234ef drivers/net/wireless/iwlwifi/mvm/sta.c Arik Nemtsov 2014-03-13
2498
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2499 spin_lock(&mvm->queue_info_lock);
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2500
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2501 /*
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2502 * Note the possible cases:
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2503 * 1. An enabled TXQ - TXQ needs to become agg'ed
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2504 * 2. The TXQ hasn't yet been enabled, so find a free one and mark
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2505 * it as reserved
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2506 */
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2507 txq_id = mvmsta->tid_data[tid].txq_id;
34e10860ae8dc8 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Sara Sharon 2017-02-23
2508 if (txq_id == IWL_MVM_INVALID_QUEUE) {
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2509 ret = iwl_mvm_find_free_queue(mvm, mvmsta->sta_id,
c8f54701bdbfcc drivers/net/wireless/intel/iwlwifi/mvm/sta.c Johannes Berg 2017-06-19
2510 IWL_MVM_DQA_MIN_DATA_QUEUE,
c8f54701bdbfcc drivers/net/wireless/intel/iwlwifi/mvm/sta.c Johannes Berg 2017-06-19
2511 IWL_MVM_DQA_MAX_DATA_QUEUE);
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2512 if (ret < 0) {
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2513 IWL_ERR(mvm, "Failed to allocate agg queue\n");
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2514 goto release_locks;
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2515 }
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2516
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2517 txq_id = ret;
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2518
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2519 /* TXQ hasn't yet been enabled, so mark it only as reserved */
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2520 mvm->queue_info[txq_id].status = IWL_MVM_QUEUE_RESERVED;
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2521 } else if (WARN_ON(txq_id >= IWL_MAX_HW_QUEUES)) {
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2522 ret = -ENXIO;
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2523 IWL_ERR(mvm, "tid_id %d out of range (0, %d)!\n",
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2524 tid, IWL_MAX_HW_QUEUES - 1);
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2525 goto out;
5ee7911e8e17af drivers/net/wireless/intel/iwlwifi/mvm/sta.c Mordechay Goodstein 2018-10-21
2526
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2527 } else if (unlikely(mvm->queue_info[txq_id].status ==
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2528 IWL_MVM_QUEUE_SHARED)) {
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2529 ret = -ENXIO;
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2530 IWL_DEBUG_TX_QUEUES(mvm,
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2531 "Can't start tid %d agg on shared queue!\n",
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2532 tid);
4a6d2e525b43eb drivers/net/wireless/intel/iwlwifi/mvm/sta.c Avraham Stern 2018-03-05
2533 goto release_locks;
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2534 }
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2535
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2536 spin_unlock(&mvm->queue_info_lock);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2537
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2538 IWL_DEBUG_TX_QUEUES(mvm,
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2539 "AGG for tid %d will be on queue #%d\n",
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2540 tid, txq_id);
cf961e16620f88 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-08-13
2541
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2542 tid_data = &mvmsta->tid_data[tid];
9a886586c82aa0 drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-02-15
2543 tid_data->ssn = IEEE80211_SEQ_TO_SN(tid_data->seq_number);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2544 tid_data->txq_id = txq_id;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2545 *ssn = tid_data->ssn;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2546
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2547 IWL_DEBUG_TX_QUEUES(mvm,
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2548 "Start AGG: sta %d tid %d queue %d - ssn = %d, next_recl = %d\n",
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2549 mvmsta->sta_id, tid, txq_id, tid_data->ssn,
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2550 tid_data->next_reclaimed);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2551
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2552 /*
2f7a3863191afc drivers/net/wireless/intel/iwlwifi/mvm/sta.c Luca Coelho 2017-11-15
2553 * In 22000 HW, the next_reclaimed index is only 8 bit, so we'll need
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2554 * to align the wrap around of ssn so we compare relevant values.
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2555 */
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2556 normalized_ssn = tid_data->ssn;
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2557 if (mvm->trans->cfg->gen2)
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2558 normalized_ssn &= 0xff;
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2559
dd32162da4e5b3 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2017-04-05
2560 if (normalized_ssn == tid_data->next_reclaimed) {
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2561 tid_data->state = IWL_AGG_STARTING;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2562 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2563 } else {
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2564 tid_data->state = IWL_EMPTYING_HW_QUEUE_ADDBA;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2565 }
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2566
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2567 ret = 0;
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2568 goto out;
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2569
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2570 release_locks:
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2571 spin_unlock(&mvm->queue_info_lock);
9f9af3d7d303a5 drivers/net/wireless/intel/iwlwifi/mvm/sta.c Liad Kaufman 2015-12-23
2572 out:
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
@2573 spin_unlock_bh(&mvmsta->lock);
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2574
4ecafae9e56802 drivers/net/wireless/iwlwifi/mvm/sta.c Liad Kaufman 2015-07-14
2575 return ret;
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2576 }
8ca151b568b67a drivers/net/wireless/iwlwifi/mvm/sta.c Johannes Berg 2013-01-24
2577
:::::: The code at line 2573 was first introduced by commit
:::::: 8ca151b568b67a7b72dcfc6ee6ea7c107ddd795c iwlwifi: add the MVM driver
:::::: TO: Johannes Berg <johannes.berg(a)intel.com>
:::::: CC: Johannes Berg <johannes.berg(a)intel.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
769
days inactive
769
days old
0 comments
1 participants
participants (1)
-
kernel test robot