A potential data race in drivers/scsi/mvumi.ko

Fri, 12 Aug 2016 05:39:50 -0700 

Hi!

There is a potential data race in drivers/scsi/mvumi.ko.
Regard such case:

Thread 1                                        Thread 2
...
-> mvumi_reset_host_9500 -
   is called without any locking
  -> mvumi_wait_for_outstanding
    ->mvumi_start
      ->mvumi_check_handshake
        -> mvumi_handshake_event
          -> mvumi_handshake
            ->mvumi_hs_build_page

                           interrupt comes
                                              -> mvumi_isr_handler
                                                -> mvumi_handshake
                                                  -> mvumi_hs_build_page
In this case the same data mhba->handshake_page is modified from two threads. Likely the first thread should acquire the same spinlock mhba->shost->host_lock as the second thread. 

--
Pavel Andrianov
Linux Verification Center, ISPRAS
web: http://linuxtesting.org
e-mail: andria...@ispras.ru

Reply via email to