On Sat, 4 May 2024 at 08:40, Linus Torvalds <torvalds@linux-foundation.org> wrote:
>
> And maybe it's even *only* dma-buf that does that fget() in its ->poll() function. Even *then* it's not a dma-buf.c bug.

They all do in the sense that they do

    poll_wait -> __pollwait -> get_file (*boom*)

but the boom is very small because the poll_wait() will be undone by poll_freewait(), and normally poll/select has held the file count elevated.
Except for epoll. Which leaves those pollwait entries around until it's done - but again will be held up on the ep->mtx before it does so.
So everybody does some f_count games, but possibly dma-buf is the only one that ends up expecting to hold on to the f_count for longer periods.
Linus
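
An added illustration of the reference counting described in the mail above (not part of the original message and not kernel code): a userspace C model in which `struct file`, `select_path`, `epoll_path`, `epoll_path_guarded` and `get_file_not_zero` are hypothetical names. It assumes a `->poll()` that takes its own `get_file()`, and the zero-count guard in the last function is a general refcounting pattern, not something the mail proposes.

```c
#include <stdio.h>

/* Userspace model only: hypothetical structs/helpers, not kernel code. */
struct file { long f_count; int bad_gets; };

/* get_file() modeled as an unconditional increment; a 0 -> 1 transition
 * means the file was already on its way to being freed, so count it. */
static void get_file(struct file *f) { if (f->f_count == 0) f->bad_gets++; f->f_count++; }
static void fput(struct file *f) { f->f_count--; }
/* General guard (not from the mail): refuse to revive a zero count. */
static int get_file_not_zero(struct file *f) { if (f->f_count == 0) return 0; f->f_count++; return 1; }

/* poll/select: the caller keeps f_count elevated across ->poll(). */
int select_path(void) {
    struct file f = { 1, 0 };  /* 1 = the open fd */
    get_file(&f);              /* select pins the file: 2 */
    get_file(&f);              /* poll_wait -> __pollwait -> get_file: 3 */
    fput(&f);                  /* another thread closes the fd: 2 */
    fput(&f);                  /* poll_freewait undoes poll_wait: 1 */
    fput(&f);                  /* select drops its pin: 0, freed normally */
    return f.bad_gets;
}

/* epoll: entries stay registered with no reference held by epoll. */
int epoll_path(void) {
    struct file f = { 1, 0 };
    fput(&f);                  /* last close: 0, teardown begins */
    get_file(&f);              /* ->poll() reached via epoll takes a ref: boom */
    return f.bad_gets;
}

/* Same sequence, but the poller checks liveness before calling ->poll(). */
int epoll_path_guarded(void) {
    struct file f = { 1, 0 };
    fput(&f);                  /* last close: 0 */
    if (get_file_not_zero(&f)) { get_file(&f); fput(&f); fput(&f); }
    return f.bad_gets;         /* ->poll() was skipped, nothing revived */
}

int main(void) {
    printf("select: %d bad, epoll: %d bad, guarded epoll: %d bad\n",
           select_path(), epoll_path(), epoll_path_guarded());
    return 0;
}
```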