On Thu, Jun 15, 2023 at 01:57:37PM +0900, Damien Le Moal wrote: > > No. scsi_device_get just increments a reference count, and thus > > prevents ->release from beeing called. ->remove is not in any way > > affected by the refcount. > > What ->remove cb are you talking about ? The gendev one ? The one for the device locked. > I am trying to understand why the use of device_lock() helps in any way given > that this is not used by any other functions in scsi. And given that The device model locks the device before calling ->remove. > scsi_rescan_device() should always be called with a ref on the scsi device (and > so on the gendev as well) held, why would this function be racy with device remove ? Because ->remove ould otherwise be called at the same time as ->rescan. > Note that I did find a couple of places where scsi_rescan_device() seems to not > be called with a reference to the scsi dev held, e.g. store_rescan_field() and > store_state_field(). You need both a valid reference and ensure ->remove is not called at the same time.
