Re: [PATCH RFC] sysfs: fix the race of "parent deleted before child added"

From: Tejun Heo
Date: Fri Aug 01 2014 - 11:18:22 EST


(cc'ing Dan)

Hello, Jianyu, Dan.

On Fri, Aug 01, 2014 at 10:31:00PM +0800, Jianyu Zhan wrote:
> The problem I met is in an old kernel, in sysfs_create_dir(), at this line:

Which old kernel?

> sysfs_create_dir()
>     if (kobj->parent)
>         parent = kobj->parent->sd;
>
> I found kobj->parent is valid, so parent == kobj->parent->sd,
> then it is passed into create_dir() function, in which it is dereferenced,
> however the parent passed in is NULL, so a panic.

Which node?

> Apparently, there is a race, as my case is a test of fast removal and plugging
> of a block device.
>
> The race is that the kernfs_node (was sysfs_dirent) is disassociated with
> parent kobject, but parent kobject is still alive, so we saw it.

What is the race condition? You're just describing symptoms.

> And the commit 3a198886 ("sysfs: handle 'parent deleted before child added'")
> adds a parent NULLness check before calling into create_dir(), but I think this
> isn't the real fix, it just narrows down the racy window.

Suspicions aren't good enough justifications. If you think there's a
race window, please track it down and then determine what the proper
fix is. You're now trying to change the basic object lifetime
rules of the driver model without root causing what's actually going
on. Please don't do things like this.

Thanks.

--
tejun