likely data race conditions in ioctl handling

Location (Korea, USA, China, India, etc.) USA, San Diego

Describe the bug There are probably some data race conditions in the 4.15 version of the driver. The pattern:

get variable from userspace
take spinlock, save irq state
write to variable
release spinlock

One issue is that by the time you get the variable, another thread has the opportunity to write to it. Another issue is that 2 or more threads may read the same variable, then independently increment it and write it back out. Instead of being incremented twice, it's only incremented once. I'm not claiming that the code is incrementing a variable, I'm simply highlighting this as a potential problem. The correct pattern is:

take spinlock, save irq state
get variable from userspace
write to variable
release spinlock

Note: there is a spinlock acquire of a critical section that has been commented out. This is definitely a race condition.

To Reproduce Steps to reproduce the behavior:

It's obvious upon reading the code

Expected behavior A clear and concise description of what you expected to happen. See above

Screenshots If applicable, add screenshots to help explain your problem. It's in the code, primarily in core.c

System environment (please complete the following information)

Firmware version : N/A
Number of SSDs : N/A
OS & Kernel version [e.g., Ubuntu 16.04 Kernel v4.9.5]: Ubuntu 4.15
GCC version [e.g., gcc v5.0.0] : N/A
kvbench version if kvbench runs [e.g., v0.6.0]: N/A
KV API version [e.g., v0.6.0] N/A
User driver version : N/A
Driver [Kernel or user driver or emulator] : kernel driver

Workload

number of records or data size N/A
Workload(insert, mixed workload, etc.) [e.g., sequential or random insert, or 50% Read & 50% write] N/A
key size : N/A
value size : N/A
operation option if available [e.g., sync or async mode] : N/A

Additional context Add any other context about the problem here. See above

david.evans@samsung.com

OpenMPDK / KVSSD

likely data race conditions in ioctl handling #25