2020-07-21 21:32:00

by Madhuparna Bhowmik

[permalink] [raw]
Subject: Regarding bug in phantom.c

Hi,

This is regarding a race-condition related bug found in phantom.c by
the Linux Driver Verification Project.

dev->status is accessed in phantom_release() with dev->open_lock and in
phantom_isr() using dev->regs_lock; therefore there can be a race
between updating dev->status in phantom_release() and phantom_status()
and reading its value in phantom_isr().
I don't think there is any particular lock protecting dev->status
(like open_lock and regs_lock are for dev->opened and dev->oregs) and
also not sure why exactly dev->status is updated in phantom_status()
and just after that updated again in phantom_release().
It will be great if you could look into this bug.

Thank you,
Madhuparna
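An added illustration (not part of the report and not code from phantom.c) of the check that surfaces this class of bug: a trace records which lock each function holds when it touches a field, and a helper counts how many distinct locks cover dev->status. The trace is constructed from the mail; the lock phantom_status() holds and the fix shown are assumptions.

```c
#include <string.h>

/* One recorded access to a shared field: the function that touched it and
 * the lock it held. Constructed data modelled on the report, not phantom.c. */
struct access {
    const char *func;
    const char *field;
    const char *lock;   /* NULL = no lock held */
};

/* Count the distinct locks (no lock counts as one) under which `field` is
 * accessed. Anything above 1 means no single lock serialises every access,
 * so a writer and a reader can overlap exactly as described for dev->status. */
int lock_count_for_field(const struct access *trace, int n, const char *field)
{
    const char *seen[8];
    int nseen = 0;
    for (int i = 0; i < n; i++) {
        if (strcmp(trace[i].field, field) != 0)
            continue;
        const char *lock = trace[i].lock ? trace[i].lock : "(none)";
        int dup = 0;
        for (int j = 0; j < nseen && !dup; j++)
            dup = strcmp(seen[j], lock) == 0;
        if (!dup && nseen < 8)
            seen[nseen++] = lock;
    }
    return nseen;
}
#define LEN(a) ((int)(sizeof(a) / sizeof((a)[0])))

/* The situation the report describes. phantom_status() holding open_lock is
 * an assumption; the mail does not say which lock it holds. */
static const struct access reported[] = {
    { "phantom_status",  "dev->status", "open_lock" },
    { "phantom_release", "dev->status", "open_lock" },
    { "phantom_isr",     "dev->status", "regs_lock" },
};

/* The same accesses with every dev->status access moved under regs_lock: one
 * possible fix, assumed here, not a patch from the driver's maintainers. */
static const struct access fixed[] = {
    { "phantom_status",  "dev->status", "regs_lock" },
    { "phantom_release", "dev->status", "regs_lock" },
    { "phantom_isr",     "dev->status", "regs_lock" },
};

int reported_status_locks(void) { return lock_count_for_field(reported, LEN(reported), "dev->status"); }
int fixed_status_locks(void) { return lock_count_for_field(fixed, LEN(fixed), "dev->status"); }
```

A result of 2 for the reported trace is the finding; 1 for the fixed trace means a single lock now serialises every access.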