Hi all
I was investigating a NMI_interrupt today and found out that it was caused by a race condition in the fstorage module.
The problem may occur after a flash operation has been started and a new operation is just initiated by calling fs_store or fs_erase.
The call of fs_store or fs_erase uses queue_get_next_free to get a free operation entry from the queue. After queue_get_next_free completed a pointer to an free empty entry in the queue is returned. The problem is, that the entry already is an active part of the queue because count has been increase already in the queue_get_next_free function. Just after queue_get_next_free has returned the interrupt for the finished flash operation kicks in and fs_sys_event_handler is called in interrupt context.
In the fs_sys_event_handler the finished operation is handled and afterwards queue_process is called. There the check for (m_queue.count > 0) is positiv as the count variable was already increased for the new operation. The following switch for the opcode will result in a return value "FS_ERR_INTERNAL" because content of the new queue entry has not been written before the interrupt.
The later call to send_event causes afterwards a NMI_Interrupt because it tries to access the p_config of the operation, which is NULL in this case.
Can anyone from Nordic have a look at this issue?
Regards Adrian
