The alloc_commit callback makes the uobj visible to other threads, and it does so using a 'move' semantic of the uobj kref on the stack into the public storage (eg the IDR, uobject list and file_private_data) Once this is done another thread could start up and trigger deletion of the kref. Fortunately cleanup_rwsem happens to prevent this from being a bug, but that is a fantastically unclear side effect. Re-organize things so that alloc_commit is that last thing to touch the uobj, get rid of the sneaky implicit dependency on cleanup_rwsem, and add a comment reminding that uobj is no longer kref'd after alloc_commit. Signed-off-by: Jason Gunthorpe <jgg@mellanox.com> |
||
---|---|---|
.. | ||
core | ||
hw | ||
sw | ||
ulp | ||
Kconfig | ||
Makefile |