From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stanislaw Gruszka <sgruszka@redhat.com>
Subject: Re: [PATCH] net: wireless: iwlegacy: Fix possible data races in
 il4965_send_rxon_assoc()
Date: Thu, 4 Oct 2018 09:59:15 +0200
Message-ID: <20181004075914.GB20523@redhat.com>
References: <20181003140745.7650-1-baijiaju1990@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: kvalo@codeaurora.org, davem@davemloft.net,
        linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
To: Jia-Ju Bai <baijiaju1990@gmail.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <20181003140745.7650-1-baijiaju1990@gmail.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: netdev.vger.kernel.org

On Wed, Oct 03, 2018 at 10:07:45PM +0800, Jia-Ju Bai wrote:
> These possible races are detected by a runtime testing. 
> To fix these races, the mutex lock is used in il4965_send_rxon_assoc() 
> to protect the data.

Really ? I'm surprised by that, see below.

> @@ -1297,6 +1297,7 @@ il4965_send_rxon_assoc(struct il_priv *il)
>  	const struct il_rxon_cmd *rxon1 = &il->staging;
>  	const struct il_rxon_cmd *rxon2 = &il->active;
>  
> +	mutex_lock(&il->mutex);
>  	if (rxon1->flags == rxon2->flags &&

For 4965 driver il4965_send_rxon_assoc() is only called by
il_mac_bss_info_changed() and il4965_commit_rxon().

il_mac_bss_info_changed() acquire il->mutex and
callers of  il4965_commit_rxon() acquire il->mutex
(but I did not check all of them).

So I wonder how this patch did not cause the deadlock ?
  
Anyway what can be done is adding:

lockdep_assert_held(&il->mutex);

il4965_commit_rxon() to check if we hold the mutex.

Thanks
Stanislaw