Bug 258243 - A lock related issue in function wpi_run
Summary: A lock related issue in function wpi_run
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 13.0-STABLE
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-wireless (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-09-03 08:40 UTC by dinghao.liu
Modified: 2021-09-17 13:16 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dinghao.liu 2021-09-03 08:40:30 UTC
There is a lock issue in sys/dev/wpi/if_wpi.c. In function wpi_run(), WPI_RXON_LOCK() is called after wpi_set_timing(), but its corresponding WPI_RXON_UNLOCK() is not executed on failure of wpi_send_rxon(), which may cause a deadlock. This code logic is similar with wpi_auth(), and in this function we do not return on failure of wpi_send_rxon().

This bug is suggested by a static analysis tool, please advise.
Comment 1 Mark Johnston freebsd_committer 2021-09-06 17:27:59 UTC
Upstream (OpenBSD) returns in this error path as well.  I suspect that the bug is simply a missing unlock in the error path (the locking is FreeBSD-specific).
Comment 2 commit-hook freebsd_committer 2021-09-10 14:06:14 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=6d042d7c861a8fffd1784c720720c3b89c7c0883

commit 6d042d7c861a8fffd1784c720720c3b89c7c0883
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-09-10 14:03:51 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-09-10 14:03:51 +0000

    wpi: Fix a lock leak in an error path in wpi_run()

    PR:             258243
    Reported by:    dinghao.liu@zju.edu.cn
    MFC after:      1 week

 sys/dev/wpi/if_wpi.c | 1 +
 1 file changed, 1 insertion(+)
Comment 3 commit-hook freebsd_committer 2021-09-17 13:15:27 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=476f87219f408343846254743c7189076be80c04

commit 476f87219f408343846254743c7189076be80c04
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2021-09-10 14:03:51 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-09-17 13:13:44 +0000

    wpi: Fix a lock leak in an error path in wpi_run()

    PR:             258243
    Reported by:    dinghao.liu@zju.edu.cn

    (cherry picked from commit 6d042d7c861a8fffd1784c720720c3b89c7c0883)

 sys/dev/wpi/if_wpi.c | 1 +
 1 file changed, 1 insertion(+)
Comment 4 Mark Johnston freebsd_committer 2021-09-17 13:16:40 UTC
Thanks for the report.