On Mon, Jun 23, 2003 at 08:39:33PM +0300, Tuukka Toivonen wrote: > Can usb_disconnect() and usb_probe() functions of a driver pre-empt the > driver in other parts? I mean, that if user has just called my open() > function in the driver, could usb_disconnect() happen before the system > call returns?
Yes.
> If usb_disconnect() can happen while already executing in open(), and if
> the former frees the data structures used by the driver, then the latter
> call might continue working with already freed memory region which could
> lead to catastrophe.
Yes.
> So I guess it is not possible, but I'd like to have a confirmation. Also
> if somebody would care to explain a little why it isn't possible, would be
> nice.
It is possible.
The 'fix' is to make disconnect() not free your data structures until you
are done with them. You can do this with refcounts, or by making
disconnect() block on a semaphore or spinlock until you're done.
Matt
--
Matthew Dharm Home: [EMAIL PROTECTED]
Maintainer, Linux USB Mass Storage Driver
DP: And judging from the scores, Stef has the sma...
T: LET'S NOT GO THERE!
-- Dust Puppy and Tanya
User Friendly, 12/11/1997
pgp00000.pgp
Description: PGP signature
