likely data race conditions in ioctl handling #25

Open
deponty opened this issue Apr 1, 2019 · 1 comment

deponty commented Apr 1, 2019

Location (Korea, USA, China, India, etc.)
USA, San Diego

Describe the bug
There are probably some data race conditions in the 4.15 version of the driver. The pattern:

  • get variable from userspace
  • take spinlock, save irq state
  • write to variable
  • release spinlock

One issue is that by the time you get the variable, another thread has the opportunity to write to it. Another issue is that 2 or more threads may read the same variable, then independently increment it and write it back out. Instead of being incremented twice, it's only incremented once. I'm not claiming that the code is incrementing a variable, I'm simply highlighting this as a potential problem. The correct pattern is:

  • take spinlock, save irq state
  • get variable from userspace
  • write to variable
  • release spinlock

Note: there is a spinlock acquire of a critical section that has been commented out. This is definitely a race condition.

To Reproduce
Steps to reproduce the behavior:

  1. It's obvious upon reading the code

Expected behavior
A clear and concise description of what you expected to happen.
See above

Screenshots
If applicable, add screenshots to help explain your problem.
It's in the code, primarily in core.c

System environment (please complete the following information)

  • Firmware version : N/A
  • Number of SSDs : N/A
  • OS & Kernel version [e.g., Ubuntu 16.04 Kernel v4.9.5]: Ubuntu 4.15
  • GCC version [e.g., gcc v5.0.0] : N/A
  • kvbench version if kvbench runs [e.g., v0.6.0]: N/A
  • KV API version [e.g., v0.6.0] N/A
  • User driver version : N/A
  • Driver [Kernel or user driver or emulator] : kernel driver

Workload

  • number of records or data size N/A
  • Workload(insert, mixed workload, etc.) [e.g., sequential or random insert, or 50% Read & 50% write] N/A
  • key size : N/A
  • value size : N/A
  • operation option if available [e.g., sync or async mode] : N/A

Additional context
Add any other context about the problem here.
See above

[email protected]
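
The lost-update pattern described in the issue above, as an added example that is not part of the issue or the driver's code: a small C model that enumerates every schedule of two handlers and counts how many lose an increment when the shared value is read before the lock is taken versus under it. The step names, the counter and the two-thread setup are assumptions made for the model.

```c
#include <stdio.h>

/* Constructed model, not driver code: two handlers each run four steps. */
enum step { LOCK, READ, WRITE, UNLOCK };
static const enum step RACY[4]   = { READ, LOCK, WRITE, UNLOCK }; /* read before lock */
static const enum step LOCKED[4] = { LOCK, READ, WRITE, UNLOCK }; /* read under lock */
struct state {
    int shared;  /* value both handlers update */
    int held;    /* 1 while the modeled spinlock is taken */
    int pc[2];   /* next step index of each thread */
    int tmp[2];  /* each thread's private copy of shared */
};
struct result { int runs; int lost; };

/* Depth-first walk over every schedule the lock permits. */
static void explore(const enum step *prog, struct state s, struct result *r)
{
    if (s.pc[0] == 4 && s.pc[1] == 4) {
        r->runs++;
        if (s.shared != 2) r->lost++;  /* two increments must leave 2 */
        return;
    }
    for (int t = 0; t < 2; t++) {
        if (s.pc[t] == 4) continue;          /* thread already finished */
        enum step op = prog[s.pc[t]];
        if (op == LOCK && s.held) continue;  /* thread spins; only the holder runs */
        struct state n = s;
        switch (op) {
        case LOCK:   n.held = 1; break;
        case READ:   n.tmp[t] = n.shared; break;
        case WRITE:  n.shared = n.tmp[t] + 1; break;
        case UNLOCK: n.held = 0; break;
        }
        n.pc[t]++;
        explore(prog, n, r);
    }
}
/* Count complete schedules and those that end with a lost increment. */
struct result check(const enum step *prog)
{
    struct state s = { 0 };
    struct result r = { 0, 0 };
    explore(prog, s, &r);
    return r;
}
int main(void)
{
    struct result a = check(RACY), b = check(LOCKED);
    printf("lost updates: racy %d/%d, locked %d/%d\n", a.lost, a.runs, b.lost, b.runs);
}
```

The model covers only the read-modify-write of the shared value. In kernel code `copy_from_user()` can fault and sleep, so it is normally done into a local before `spin_lock_irqsave()`, with the whole read-modify-write of the shared state kept inside the lock.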

ilgulove (Collaborator) commented Apr 4, 2019

Dear David,

The problem is not clear.

Which line in core.c?

Please provide detailed information; a test scenario and code would also be very helpful.

Thanks in advance.
