A potential data race in drivers/scsi/mvumi.ko

From: Pavel Andrianov
Date: Fri Aug 12 2016 - 08:39:40 EST

Next message: Guenter Roeck: "Re: [PATCH v3 2/9] hwmon: (core) New hwmon registration API"
Previous message: Geert Uytterhoeven: "[PATCH] clk: divider: Fix clk_divider_round_rate() to use clk_readl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

There is a potential data race in drivers/scsi/mvumi.ko.
Regard such case:

Thread 1 Thread 2
...
-> mvumi_reset_host_9500 -
is called without any locking
-> mvumi_wait_for_outstanding
->mvumi_start
->mvumi_check_handshake
-> mvumi_handshake_event
-> mvumi_handshake
->mvumi_hs_build_page

interrupt comes
-> mvumi_isr_handler
-> mvumi_handshake
-> mvumi_hs_build_page

In this case the same data mhba->handshake_page is modified from two threads. Likely the first thread should acquire the same spinlock mhba->shost->host_lock as the second thread.

--
Pavel Andrianov
Linux Verification Center, ISPRAS
web: http://linuxtesting.org
e-mail: andrianov@xxxxxxxxx

Next message: Guenter Roeck: "Re: [PATCH v3 2/9] hwmon: (core) New hwmon registration API"
Previous message: Geert Uytterhoeven: "[PATCH] clk: divider: Fix clk_divider_round_rate() to use clk_readl()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]