SMP Race in brelse

From: Daniel Phillips (phillips@innominate.de)
Date: Fri Feb 02 2001 - 09:19:34 EST

Next message: Tigran Aivazian: "Re: SMP Race in brelse"
Previous message: Hans Reiser: "Re: ReiserFS Oops (2.4.1, deterministic, symlink"
Next in thread: Tigran Aivazian: "Re: SMP Race in brelse"
Reply: Tigran Aivazian: "Re: SMP Race in brelse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is a rare SMP race in brelse:

1138 void __brelse(struct buffer_head * buf)
1139 {
1140 if (atomic_read(&buf->b_count)) {
1141 atomic_dec(&buf->b_count);
1142 return;
1143 }
1144 printk("VFS: brelse: Trying to free free buffer\n");
1145 }

cpu1 cpu2

Starting with buf->b_count = 1, if we have:

   if (atomic_read(&buf->b_count))
                                         if (atomic_read(&buf->b_count))
       atomic_dec(&buf->b_count);
                                              atomic_dec(&buf->b_count);

buf->b_count is now 0, but it should be -1, we fail to to report
an erroneous extra brelse.

-- 
Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tigran Aivazian: "Re: SMP Race in brelse"
Previous message: Hans Reiser: "Re: ReiserFS Oops (2.4.1, deterministic, symlink"
Next in thread: Tigran Aivazian: "Re: SMP Race in brelse"
Reply: Tigran Aivazian: "Re: SMP Race in brelse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Feb 07 2001 - 21:00:15 EST