On Wed, 26 Dec 2007, Al Viro wrote:
> Erm... Let me spell it out: current lifetime rules are completely broken.
> As it is, create/destroy/create cache sequence will do kobject_put() on
> kfree'd object. Even without people playing with holding sysfs files
> open or doing IO on those.
Urgh. Help! Isnt there some sanity with sysfs?
> a) you have kobject embedded into struct with the lifetime rules of its
> own. When its refcount hits zero you kfree() the sucker, even if you
> still have references to embedded kobject.
So alloate it separately?
> b) your symlinks stick around. Even when cache is long gone you still
> have a sysfs symlink with its embedded kobject as a target. They are
> eventually removed when cache with the same name gets created. _Then_
> you get the target kobject dropped - when the memory it used to be in
> had been freed for hell knows how long and reused by something that would
> not appreciate slub.c code suddenly deciding to decrement some word in
> that memory.
Hmmmm.. That would also be addressed by a having a separately allocated
kobject?
> c) you leak references to these kobject; kobject_del() only removes it
> from the tree undoing the effect of kobject_add() and you still need
> kobject_put() to deal with the last reference.
Patches would be appreciated.... Had a hard time to get the sysfs support
to work right.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
