MOD_INC_USE_COUNT

Regis Duchesne (regis@via.ecp.fr)
Mon, 10 Nov 1997 11:54:24 +0100 (CET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike Jagdis: "Re: Cyrix patch : Proposal?"
Previous message: Regis Duchesne: "Super block locking"
Next in thread: Andreas Schwab: "Re: MOD_INC_USE_COUNT"
Reply: Andreas Schwab: "Re: MOD_INC_USE_COUNT"
Maybe reply: Bill Hawes: "Re: MOD_INC_USE_COUNT"
Maybe reply: Bill Hawes: "Re: MOD_INC_USE_COUNT"
Maybe reply: Neilski: "Re: MOD_INC_USE_COUNT"

I don't quite understand the interest of MOD_INC_USE_COUNT.

Imagine the following situation

- In a typical fs source code we have :

... read_super(...) {
MOD_INC_USE_COUNT;
...
}

- The module is loaded by kerneld into memory
- read_super() is called so MOD_INC_USE_COUNT is called
_but_ MOD_INC_USE_COUNT is not atomic (look in
/usr/include/module.h, there is a pointer dereference before the
increment)
During this non-atomic operation, before the increment occurs, we
have a context switch (is this possible when we are in kernel code?)
- kerneld see that the refcount of the module is 0 and removes it from
memory

After that, the execution will continue in the function which has been
removed from memory :( This is a race condition (of course it doesn't
happen because kerneld waits for 1 minute, but this delay can be reduced).
Where am I wrong?

Regis "HPReg" Duchesne - Engineering Student at ***** ******** *****
www http://www.via.ecp.fr/~regis/
(O o) I use Linux & 3Com (1135 KB/s over 10Mb/s ethernet)
--.oOO--(_)--OOo.-----------------------------------------------------------

Next message: Mike Jagdis: "Re: Cyrix patch : Proposal?"
Previous message: Regis Duchesne: "Super block locking"
Next in thread: Andreas Schwab: "Re: MOD_INC_USE_COUNT"
Reply: Andreas Schwab: "Re: MOD_INC_USE_COUNT"
Maybe reply: Bill Hawes: "Re: MOD_INC_USE_COUNT"
Maybe reply: Bill Hawes: "Re: MOD_INC_USE_COUNT"
Maybe reply: Neilski: "Re: MOD_INC_USE_COUNT"