Re: [BUG] cdev_put() race condition

[Greg KH]

On Wed, Dec 17, 2008 at 08:27:13PM +0100, Laurent Pinchart wrote:
> Hi Greg,
> 
> On Wednesday 17 December 2008, Greg KH wrote:
> > On Wed, Dec 17, 2008 at 02:37:33PM +0100, Hans Verkuil wrote:
> > > > Again, don't use cdev's reference counting for your own object
> > > > lifecycle, it is different and will cause problems, like you have found
> > > > out.
> > >
> > > Sigh. It has nothing to do with how v4l uses it. And to demonstrate this,
> > > here is how you reproduce it with the sg module (tested it with my USB
> > > harddisk).
> > >
> > > 1) apply this patch to char_dev.c:
> >
> > <snip>
> >
> > Ok, since I can't convince you that using a cdev for your reference
> > counting is incorrect, I'll have to go change the cdev code to prevent
> > you from doing this :(
> 
> Don't give up yet :-)
> 
> As v4l isn't the only kernel subsystem wrongly using cdev (Hans showed that sg 
> also suffered from race conditions), people seem not to understand cdev 
> properly.

I totally agree, it is not the most easily understood chunk of code.

> Maybe you should start by explaining what cdev has been designed to
> handle and how to use it in device drivers (such as sg or v4l) instead
> of telling us what not to do.

As I didn't create this code, but for some reason seem to maintain it,
I'll work on creating a document to do this.  But as the holidays are
rapidly approaching, it might be a while before I can get to it.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/