[PATCH] mtd: fix: avoid race condition when accessing mtd->usecount
Brian Norris
computersforpeace at gmail.com
Thu May 7 17:17:45 PDT 2015
On Thu, May 07, 2015 at 05:10:12PM -0700, Brian Norris wrote:
> On Tue, Apr 21, 2015 at 12:20:22PM +0200, Giuseppe Cantavenera wrote:
> > @@ -484,7 +486,7 @@ int del_mtd_blktrans_dev(struct mtd_blktrans_dev *old)
> > if (old->open) {
> > if (old->tr->release)
> > old->tr->release(old);
> > - __put_mtd_device(old->mtd);
> > + put_mtd_device(old->mtd);
>
> This looks wrong. See:
[...]
> deregister_mtd_blktrans()
> |_ mutex_lock(&mtd_table_mutex)
> |_ tr->remove_dev() -> inftl_remove_dev()
> |_ del_mtd_blktrans_dev()
> |_ put_mtd_device()
> |_ mutex_lock(&mtd_table_mutex) <--- AA deadlock
What's more, this code in del_mtd_blktrans_dev() makes it obvious that
this hunk is wrong:
int del_mtd_blktrans_dev(struct mtd_blktrans_dev *old)
{
unsigned long flags;
if (mutex_trylock(&mtd_table_mutex)) {
mutex_unlock(&mtd_table_mutex);
BUG();
}
...
So rather than a comment, the code is showing that it's a BUG() to not
be holding mtd_table_mutex already.
Brian
More information about the linux-mtd
mailing list