220235 – sys/dev/aacraid/aacraid.c: A sleep-under-mutex bug in aac_alloc_commands

Bug 220235 - sys/dev/aacraid/aacraid.c: A sleep-under-mutex bug in aac_alloc_commands

Summary: sys/dev/aacraid/aacraid.c: A sleep-under-mutex bug in aac_alloc_commands

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	freebsd-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-06-24 03:06 UTC by Jia-Ju Bai
Modified:	2017-06-24 03:06 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jia-Ju Bai 2017-06-24 03:06:03 UTC

The driver may sleep under a mutex, and the code path is:
aac_alloc_commands [line 1223: acquire the mutex]
aac_alloc_commands [line 1227]
  bus_dmamap_create(BUS_DMA_WAITOK) [line 1250] --> may sleep

The possible fix of this bug is to replace the "BUS_DMA_WAITOK" in bus_dmamap_create with "BUS_DMA_NOWAIT".

This bug is found by a static analysis tool written by myself, and it is checked by my review of the FreeBSD code.