diff mbox

[RFC,07/30,media] radio-cadet: avoid interruptible_sleep_on race

Message ID 1388664474-1710039-8-git-send-email-arnd@arndb.de (mailing list archive)
State New, archived
Headers show

Commit Message

Arnd Bergmann Jan. 2, 2014, 12:07 p.m. UTC
interruptible_sleep_on is racy and going away. This replaces
one use in the radio-cadet driver with an open-coded
wait loop that lets us check the condition under the mutex
but sleep without it.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: Hans Verkuil <hverkuil@xs4all.nl>
Cc: Mauro Carvalho Chehab <m.chehab@samsung.com>
Cc: linux-media@vger.kernel.org
---
 drivers/media/radio/radio-cadet.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Comments

Hans Verkuil Jan. 17, 2014, 10:47 a.m. UTC | #1
Hi Arnd!

On 01/02/2014 01:07 PM, Arnd Bergmann wrote:
> interruptible_sleep_on is racy and going away. This replaces
> one use in the radio-cadet driver with an open-coded
> wait loop that lets us check the condition under the mutex
> but sleep without it.
> 
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> Cc: Hans Verkuil <hverkuil@xs4all.nl>
> Cc: Mauro Carvalho Chehab <m.chehab@samsung.com>
> Cc: linux-media@vger.kernel.org
> ---
>  drivers/media/radio/radio-cadet.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/media/radio/radio-cadet.c b/drivers/media/radio/radio-cadet.c
> index 545c04c..67b5bbf 100644
> --- a/drivers/media/radio/radio-cadet.c
> +++ b/drivers/media/radio/radio-cadet.c
> @@ -39,6 +39,7 @@
>  #include <linux/pnp.h>
>  #include <linux/sched.h>
>  #include <linux/io.h>		/* outb, outb_p			*/
> +#include <linux/wait.h>
>  #include <media/v4l2-device.h>
>  #include <media/v4l2-ioctl.h>
>  #include <media/v4l2-ctrls.h>
> @@ -323,25 +324,32 @@ static ssize_t cadet_read(struct file *file, char __user *data, size_t count, lo
>  	struct cadet *dev = video_drvdata(file);
>  	unsigned char readbuf[RDS_BUFFER];
>  	int i = 0;
> +	DEFINE_WAIT(wait);
>  
>  	mutex_lock(&dev->lock);
>  	if (dev->rdsstat == 0)
>  		cadet_start_rds(dev);
> -	if (dev->rdsin == dev->rdsout) {
> +	while (1) {
> +		prepare_to_wait(&dev->read_queue, &wait, TASK_INTERRUPTIBLE);
> +		if (dev->rdsin != dev->rdsout)
> +			break;
> +
>  		if (file->f_flags & O_NONBLOCK) {
>  			i = -EWOULDBLOCK;
>  			goto unlock;
>  		}
>  		mutex_unlock(&dev->lock);
> -		interruptible_sleep_on(&dev->read_queue);
> +		schedule();
>  		mutex_lock(&dev->lock);
>  	}
> +

This seems overly complicated. Isn't it enough to replace interruptible_sleep_on
by 'wait_event_interruptible(&dev->read_queue, dev->rdsin != dev->rdsout);'?

Or am I missing something subtle?

Regards,

	Hans

>  	while (i < count && dev->rdsin != dev->rdsout)
>  		readbuf[i++] = dev->rdsbuf[dev->rdsout++];
>  
>  	if (i && copy_to_user(data, readbuf, i))
>  		i = -EFAULT;
>  unlock:
> +	finish_wait(&dev->read_queue, &wait);
>  	mutex_unlock(&dev->lock);
>  	return i;
>  }
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Arnd Bergmann Jan. 17, 2014, 2:28 p.m. UTC | #2
On Friday 17 January 2014, Hans Verkuil wrote:
> > @@ -323,25 +324,32 @@ static ssize_t cadet_read(struct file *file, char __user *data, size_t count, lo
> >       struct cadet *dev = video_drvdata(file);
> >       unsigned char readbuf[RDS_BUFFER];
> >       int i = 0;
> > +     DEFINE_WAIT(wait);
> >  
> >       mutex_lock(&dev->lock);
> >       if (dev->rdsstat == 0)
> >               cadet_start_rds(dev);
> > -     if (dev->rdsin == dev->rdsout) {
> > +     while (1) {
> > +             prepare_to_wait(&dev->read_queue, &wait, TASK_INTERRUPTIBLE);
> > +             if (dev->rdsin != dev->rdsout)
> > +                     break;
> > +
> >               if (file->f_flags & O_NONBLOCK) {
> >                       i = -EWOULDBLOCK;
> >                       goto unlock;
> >               }
> >               mutex_unlock(&dev->lock);
> > -             interruptible_sleep_on(&dev->read_queue);
> > +             schedule();
> >               mutex_lock(&dev->lock);
> >       }
> > +
> 
> This seems overly complicated. Isn't it enough to replace interruptible_sleep_on
> by 'wait_event_interruptible(&dev->read_queue, dev->rdsin != dev->rdsout);'?
> 
> Or am I missing something subtle?

The existing code sleeps with &dev->lock released because the cadet_handler()
function needs to grab (and release) the same lock before it can wake up
the reader thread.

Doing the simple wait_event_interruptible() would result in a deadlock here.

	Arnd
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/drivers/media/radio/radio-cadet.c b/drivers/media/radio/radio-cadet.c
index 545c04c..67b5bbf 100644
--- a/drivers/media/radio/radio-cadet.c
+++ b/drivers/media/radio/radio-cadet.c
@@ -39,6 +39,7 @@ 
 #include <linux/pnp.h>
 #include <linux/sched.h>
 #include <linux/io.h>		/* outb, outb_p			*/
+#include <linux/wait.h>
 #include <media/v4l2-device.h>
 #include <media/v4l2-ioctl.h>
 #include <media/v4l2-ctrls.h>
@@ -323,25 +324,32 @@  static ssize_t cadet_read(struct file *file, char __user *data, size_t count, lo
 	struct cadet *dev = video_drvdata(file);
 	unsigned char readbuf[RDS_BUFFER];
 	int i = 0;
+	DEFINE_WAIT(wait);
 
 	mutex_lock(&dev->lock);
 	if (dev->rdsstat == 0)
 		cadet_start_rds(dev);
-	if (dev->rdsin == dev->rdsout) {
+	while (1) {
+		prepare_to_wait(&dev->read_queue, &wait, TASK_INTERRUPTIBLE);
+		if (dev->rdsin != dev->rdsout)
+			break;
+
 		if (file->f_flags & O_NONBLOCK) {
 			i = -EWOULDBLOCK;
 			goto unlock;
 		}
 		mutex_unlock(&dev->lock);
-		interruptible_sleep_on(&dev->read_queue);
+		schedule();
 		mutex_lock(&dev->lock);
 	}
+
 	while (i < count && dev->rdsin != dev->rdsout)
 		readbuf[i++] = dev->rdsbuf[dev->rdsout++];
 
 	if (i && copy_to_user(data, readbuf, i))
 		i = -EFAULT;
 unlock:
+	finish_wait(&dev->read_queue, &wait);
 	mutex_unlock(&dev->lock);
 	return i;
 }