On Monday 30 May 2005 2:26 pm, Harald Welte wrote:
> On Mon, May 30, 2005 at 09:44:44PM +0200, Harald Welte wrote:
> > I think there is currently no protection/locking/refcounting going on.
> >
> > If a process issues an URB from userspace and starts to terminate before
> > the URB comes back, we run into the issue described above. This is
> > because the urb saves a pointer to "current" when it is posted to the
> > device, but there's no guarantee that this pointer is still valid
> > afterwards.
The logic closing an open usbfs file -- which is done before any task
exits with such an open file -- is supposed to block till all its URBs
complete. So the pointer to the task "should" be valid for as long as
any URB it's submitted is active.
There have been some changes in that code since last I looked at it.
One obvious change was switching to usb_kill_urb(), but there've been
others too.
> > I'm not familiar with the scheduler code to decide what fix
> > is the way to go. Is it sufficient to do {get,put}_task_struct() from
> > the usb code?
It's worth making that change in any case, to avoid such questions in
the future. And if it does any good, more power to the patch!
Not that it helps at all, but I've never really trusted the usbfs async
I/O code. "Real AIO" could be a lot more obviously correct. And smaller.
> mh. it appears like it's sighand which disappears, not the task itself.
> ...
Odd. Isn't that nulled only in __exit_sighand(), which gets called only
when the task itself is finally being freed?
- Dave
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]