On Sun, May 28, 2017 at 07:16:55PM +0200, Hans de Goede wrote:
Since commit a39be606f99d ("drm: Do a full device unregister when unplugging") drm_unplug_dev has been calling drm_dev_unregister followed by a drm_put_dev when open_count reaches 0. This drm_put_dev calls drm_dev_unregister again. Since drm_dev_unregister is not protected against being called multiple times this leads to havoc.
This commit fixes this by calling drm_dev_unref instead of drm_put_dev.
Fixes: a39be606f99d ("drm: Do a full device unregister when unplugging")
Cc: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Marco Diego Aurélio Mesquita <marcodiegomesquita@gmail.com>
Reported-by: Marco Diego Aurélio Mesquita <marcodiegomesquita@gmail.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Note I don't have any USB display devices at hand for testing atm so this patch has only been compile tested.
Not tested it either, but yes we do end up calling drm_device_unregister() twice and indeed that looks bad.
This morning I was thinking about kselftests to simulate the different conditions and avoid us having to get our hands dirty with real hw. It also reminded me of https://patchwork.kernel.org/patch/9678823/ which has the tantalising prospect of removing drm_unplug_dev() entirely.
Another benefit is the removal of one more call to drm_put_dev() which has been deprecated for a while.
The patch definitely fixes a bug at first glance, but I wonder if it is really telling me that the call to drm_device_unregister() here is the fundamental issue. But I am short of actual answers.
-Chris
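The double call described in the commit message, as a simplified userspace model added here (not code from the patch or the kernel). Every toy_* name is hypothetical, and toy_put is assumed to unregister and then drop the reference, matching what the thread says about drm_put_dev.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified userspace model; every toy_* name is hypothetical, not kernel API. */
struct toy_dev {
    int refcount;         /* references held on the device object */
    int open_count;       /* open file handles at unplug time */
    int unregister_calls; /* how many times teardown ran */
};

/* Like the function discussed in the thread: no guard against a second call. */
static void toy_unregister(struct toy_dev *d) { d->unregister_calls++; }

static void toy_unref(struct toy_dev *d) { d->refcount--; }

/* Models the deprecated helper: unregister, then drop the reference. */
static void toy_put(struct toy_dev *d)
{
    toy_unregister(d);
    toy_unref(d);
}

/* Unplug path; fixed=false is the pre-patch call, fixed=true the patched one. */
static int toy_unplug(struct toy_dev *d, bool fixed)
{
    toy_unregister(d);
    if (d->open_count == 0) {
        if (fixed)
            toy_unref(d);   /* only drop the reference */
        else
            toy_put(d);     /* unregisters a second time */
    }
    return d->unregister_calls;
}

/* Runs one unplug with no open handles and returns the teardown count. */
static int run_unplug(bool fixed)
{
    struct toy_dev d = { .refcount = 1, .open_count = 0 };
    return toy_unplug(&d, fixed);
}

int main(void)
{
    printf("pre-patch: %d, patched: %d\n", run_unplug(false), run_unplug(true));
    return 0;
}
```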