On Fri, Mar 21, 2025 at 03:19:10PM +0100, Kirill A. Korinsky wrote:
> On Fri, 21 Mar 2025 12:11:33 +0100,
> Martin Pieuchot <mpi@grenadille.net> wrote:
> > 
> > ok with me for both diffs.  Thanks for your work!
> > 
> > The only remaining issue I can spot is that there's a race in the video(4)'s
> > close path which can lead to a double close, but this can be addressed later.
> >
> 
> Thanks, both diff are commited.
> 
> Do you mean something like this as fix of double close?
> 
> Index: sys/dev/video.c
> ===================================================================
> RCS file: /home/cvs/src/sys/dev/video.c,v
> diff -u -p -r1.60 video.c
> --- sys/dev/video.c	21 Mar 2025 13:27:37 -0000	1.60
> +++ sys/dev/video.c	21 Mar 2025 14:17:28 -0000
> @@ -181,9 +181,16 @@ videoclose(dev_t dev, int flags, int fmt
>  	if (sc == NULL)
>  		return (ENXIO);
>  
> -	error = video_stop(sc);
> +	if (!sc->sc_open) {
> +		error = ENXIO;
> +		goto done;
> +	}
> +
>  	sc->sc_open = 0;
>  
> +	error = video_stop(sc);
> +
> +done:
>  	device_unref(&sc->dev);
>  	return (error);
>  }
> 

Concurrent videoopen() could be called during possible context switch
provided by sc->hw_if->close(). At least uvideo_vs_close() has such
points.