[ofa-general] Race condition in core/sysfs.c (kernel panic) when unloading the driver
Jack Morgenstein
jackm at dev.mellanox.co.il
Mon Feb 23 23:07:09 PST 2009
On Monday 23 February 2009 20:31, Roland Dreier wrote:
> > I'm not sure that it does. This does not make sysfs access atomic wrt module unloading.
> > I think an app can still lose it's timeslice while inside the sysfs access, and module
> > unload can still occur while the app is waiting for a new time slice (although the code pages
> > will not be removed as yet -- see below).
>
> Not sure I follow... the low-level driver must handle requests until
> ib_unregister_device() returns, and with the change I proposed,
> ib_unregister_device() will not return until all sysfs files are gone
> (and no open file handles remain).
>
> > What about the patch I just submitted?
>
> I'd rather not add a superfluous mutex that adds complexity when a
> simpler solution is available.
You're right, your solution does work. I was just concerned that the unregister-sysfs calls
would simply prevent new accessors from seeing the files, but would return before the file reference count
reached zero (thus allowing low-level driver cleanup while current accessors were still in progress).
I checked, and this does not happen. As you mention in your answer, the unregister-sysfs calls do not
return while someone still has an open file handle on these files.
- Jack
More information about the general
mailing list