kern/51731: {mustek,scanjet}_read insufficient locking

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/51731: {mustek,scanjet}_read insufficient locking
From: coypu%sdf.org@localhost
Date: Tue, 20 Dec 2016 21:20:00 +0000 (UTC)

>Number:         51731
>Category:       kern
>Synopsis:       {mustek,scanjet}_read insufficient locking
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Dec 20 21:20:00 +0000 2016
>Originator:     coypu
>Release:        NetBSD 7.99.51
>Organization:
>Environment:
NetBSD box 7.99.51 NetBSD 7.99.51 (GENERIC) #0: Sun Dec 18 07:53:19 IST 2016  fly@box:/usr/amd64/sys/arch/amd64/compile/GENERIC amd64

>Description:
This is not the most critical bug right now (the code seems to be for extremely old hardware), but it's subtle and hard to spot in the current code, so I report this bug as a reminder for its existence.

mustek_read calls scsipi_make_xs_locked with XS_CTL_NOSLEEP, apparently without holding chan_mtx.

this means scsipi_make_xs_locked will not attempt to lock and assumes that the lock is already held.
>How-To-Repeat:

>Fix:
Please add assertions for mutex_owned.
It may not trigger 100% of the times, but it's likely enough to happen that the problem will be spotted.

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: lib/51139: C++11 std::call_once() broken on NetBSD
Previous by Thread: PR/50228 CVS commit: src/lib/libc/arch/powerpc/string
Next by Thread: kern/51732: sdhc(4) can't recognize some kind of microSD card
Indexes:

Home | Main Index | Thread Index | Old Index