Re: pci_walk_bus race condition

From: Andrew Morton
Date: Fri Jun 02 2006 - 01:19:48 EST

Next message: Chuck Ebbert: "Re: IRQ sharing: BUG: spinlock lockup on CPU#0"
Previous message: Akiyama, Nobuyuki: "Re: [Fastboot] [RFC][PATCH] Add missing notifier before crashing"
In reply to: Andrew Morton: "Re: pci_walk_bus race condition"
Next in thread: Zhang, Yanmin: "Re: pci_walk_bus race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Jun 2006 22:11:41 -0700
Andrew Morton <akpm@xxxxxxxx> wrote:

> On Fri, 02 Jun 2006 12:35:43 +0800
> "Zhang, Yanmin" <yanmin_zhang@xxxxxxxxxxxxxxx> wrote:
>
> > pci_walk_bus has a race with pci_destroy_dev. When cb is called
> > in pci_walk_bus, pci_destroy_dev might unlink the dev pointed by next.
> > Later on in the next loop, pointer next becomes NULL and cause
> > kernel panic.
> >
> > Below patch against 2.6.17-rc4 fixes it by changing pci_bus_lock (spin_lock)
> > to pci_bus_sem (rw_semaphore).
>
> How does s/spinlock/rwsem/ fix a race??

oic. "and hold the lock across the callback".

Is the ranking of pci_bus_sem and dev->dev.sem correct+consistent? It
looks OK.

It might be worth making a not that the callback function cannot call any
PCI layer function which takes pci_bus_sem - that'll casue a recursive
down_read(), which is a nasty source of rare deadlocks.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chuck Ebbert: "Re: IRQ sharing: BUG: spinlock lockup on CPU#0"
Previous message: Akiyama, Nobuyuki: "Re: [Fastboot] [RFC][PATCH] Add missing notifier before crashing"
In reply to: Andrew Morton: "Re: pci_walk_bus race condition"
Next in thread: Zhang, Yanmin: "Re: pci_walk_bus race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]