ahennessy at mvista.com
Fri Oct 6 19:35:28 EDT 2000
Found a bug in cfi_cmdset_0001.c and cfi_cmdset_0002.c in functions
cfi_intelext_sync and cfi_amdext_sync respectively. The call to
remove_wait_queue is missing after the "add_wait_queue; spin_unlock_bh; schedule"
sequence in the default case.
The gory details: Our test caused erase and sync to be called
concurrently. The sync code sees the chip state as FL_ERASING and
correctly calls add_wait_queue. The problem is that remove_wait_queue is
never called after the schedule. This causes wait's task_list to be added
to chip->wq's task_list several times which results in an incorrect circular
list. The final outcome is a hang when the erase logic calls wake_up which
ends up in an infinite loop running through chip->wq's task_list. A nice
touch is that we are in spin_lock_bh so the system hangs as well.
If you agree, should I check in the fix?
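The list corruption described in the report, as an added userspace simulation (not the MTD driver's code or the kernel's wait-queue implementation): a kernel-style circular doubly linked list stands in for chip->wq, and the walk stands in for wake_up(). Adding the same entry a second time without removing it makes the entry point at itself, so the walk never reaches the head again; the fixed loop removes the entry after each simulated schedule().

```c
/* Constructed simulation of the wait-queue list; the kernel's real
 * wait_queue structures differ in detail but splice the same way. */
struct list_head { struct list_head *next, *prev; };

static void list_init(struct list_head *h) { h->next = h; h->prev = h; }

/* Same splice as the kernel's list_add(): insert entry right after head. */
static void list_add(struct list_head *entry, struct list_head *head) {
    entry->next = head->next;
    entry->prev = head;
    head->next->prev = entry;
    head->next = entry;
}

static void list_del(struct list_head *entry) {
    entry->prev->next = entry->next;
    entry->next->prev = entry->prev;
    list_init(entry);
}

/* Walk the queue the way wake_up() would. Returns the number of entries,
 * or -1 if more than "limit" steps are taken (the walk no longer terminates). */
static int walk_waiters(const struct list_head *head, int limit) {
    int n = 0;
    for (const struct list_head *p = head->next; p != head; p = p->next)
        if (++n > limit) return -1;
    return n;
}

/* Pattern from the report: add_wait_queue, drop the lock, schedule, loop
 * again without remove_wait_queue. The same entry is added "rounds" times. */
int buggy_sync_loop(int rounds) {
    struct list_head wq, wait;
    list_init(&wq); list_init(&wait);
    for (int i = 0; i < rounds; i++)
        list_add(&wait, &wq);   /* add_wait_queue(&chip->wq, &wait) */
    return walk_waiters(&wq, 1000);
}

/* Fixed pattern: remove_wait_queue after every schedule(). */
int fixed_sync_loop(int rounds) {
    struct list_head wq, wait;
    list_init(&wq); list_init(&wait);
    for (int i = 0; i < rounds; i++) {
        list_add(&wait, &wq);
        list_del(&wait);        /* remove_wait_queue(&chip->wq, &wait) */
    }
    return walk_waiters(&wq, 1000);
}
```

With a single add the walk still terminates (one waiter); the second add is what turns the list into a self-loop, which matches the report's observation that the hang needs the sync path to be woken and loop more than once.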