2017-12-12 03:00:52

by Jia-Ju Bai

[permalink] [raw]
Subject: [BUG] drivers/scsi/ipr: two possible sleep-in-atomic bugs

According to drivers/scsi/ipr.c, the kernel module may sleep under a
spinlock.
The function call paths are:
ipr_shutdown (acquire the spinlock)
irq_poll_disable
msleep --> may sleep

ipr_ata_post_internal (acquire the spinlock)
ipr_device_reset
ipr_send_blocking_cmd
wait_for_completion --> may sleep (&hrrq->_lock is still held)

I do not find a good way to fix them, so I only report.
These possible bugs are found by my static analysis tool (DSAC) and
checked by my code review.


Thanks,
Jia-Ju Bai