Bug 4948 - generic scsi driver race condition
Summary: generic scsi driver race condition
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Michael K. Johnson
QA Contact:
Depends On:
Reported: 1999-09-07 02:56 UTC by olivern
Modified: 2008-05-01 15:37 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2000-04-22 06:29:07 UTC


Description olivern 1999-09-07 02:56:50 UTC
There appears to be a race condition in the sg_read()
routine of the generic scsi driver (sg.c) supplied with Red
Hat Linux 6.0.  When the check is made whether or not to
put the process to sleep awaiting input, interrupts are
not disabled, resulting in the race condition described
on page 209 of Alessandro Rubini's "Linux Device Drivers".
The appropriate fix is described in the book - basically,
the sleep code needs a save_flags()/cli()/restore_flags()
sequence inserted in the appropriate place.  Note that
there may well be other locations in the file with a
similar problem - the only one that was affecting us was
in the read routine, so we limited our patch to the
sg_read.c routine.

The latent bug most often manifested itself when reading
back very short SCSI messages, at least on our system.
Since the race condition would be highly dependent on
overall system timing, it will affect different systems in
different ways.

Interestingly enough, the equivalent driver code under
Slackware 3.5 (fairly old now) included the interrupt code.
Looks like someone went and unintentionally cleaned out some
critical code at some point.

It also appears that the generic scsi driver has been
significantly rewritten in the most recent kernel available
at the RedHat site.  Comments in the code indicate that
logic exists to prevent race conditions in those regions
that we observed them occurring.  So the problem should
already be fixed in future RedHat releases.
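
Added example (not part of the original report and not code from sg.c): a deterministic user-space model in C of the check-then-sleep window described above, with the device completing at the worst possible moment. The struct and function names are hypothetical, and the model assumes interrupts come back on only after the reader is already on the wait queue.

```c
/* User-space model, constructed for illustration; not kernel code. */
#include <stdio.h>

struct cpu {
    int irq_masked;   /* 1 after cli(), 0 after restore_flags() */
    int irq_pending;  /* device interrupt latched while masked */
    int data_ready;   /* set by the interrupt handler */
    int on_waitq;     /* reader is asleep on the wait queue */
};

/* Interrupt handler: publish the data, wake a reader if one is queued. */
static void irq_handler(struct cpu *c) {
    c->data_ready = 1;
    if (c->on_waitq)
        c->on_waitq = 0;
}

/* Device completes: handler runs now, or is latched if interrupts are off. */
static void raise_irq(struct cpu *c) {
    if (c->irq_masked)
        c->irq_pending = 1;
    else
        irq_handler(c);
}

/* Going to sleep: queue the reader first, then interrupts are enabled
 * again (model assumption), so a latched interrupt is delivered here. */
static void model_sleep(struct cpu *c) {
    c->on_waitq = 1;
    c->irq_masked = 0;
    if (c->irq_pending) {
        c->irq_pending = 0;
        irq_handler(c);
    }
}

/* Returns 1 if the reader ends up runnable, 0 if it sleeps forever.
 * The device always completes between the check and the sleep. */
int reader_completes(int mask_irqs) {
    struct cpu c = {0};
    if (mask_irqs)
        c.irq_masked = 1;          /* models save_flags(); cli(); */
    if (!c.data_ready) {           /* the check made before sleeping */
        raise_irq(&c);             /* completion lands in the window */
        model_sleep(&c);
    }
    c.irq_masked = 0;              /* models restore_flags() */
    return !c.on_waitq;
}

int main(void) {
    printf("unmasked check: completes=%d\n", reader_completes(0));
    printf("masked check:   completes=%d\n", reader_completes(1));
    return 0;
}
```

In the unmasked run the handler fires before the reader is queued, so the wake-up finds nobody and the reader then sleeps with the data already present.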

Comment 1 Cristian Gafton 1999-10-06 22:45:59 UTC
assigned to dledford

Comment 2 Doug Ledford 2000-04-22 06:29:59 UTC
Current 2.2.14 kernels should not have this problem due to the rewritten sg
driver mentioned in the original comments.  Bug closed.
