Re: Possible memory ordering bug in page reclaim?

From: Herbert Xu
Date: Sat Oct 15 2005 - 03:01:44 EST

Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> wrote:
>> >                 1                                  2
>> > find_get_page();
>> > write to page                       write_lock(tree_lock);
>> > SetPageDirty();                     if (page_count != 2
>> > put_page();                             || PageDirty())
>> >
>> > Now I'm worried that 2 might see PageDirty *before* SetPageDirty in
>> page->flags
>> > 1, and page_count *after* put_page in 1.
> yup, now the question is whether PG_Dirty will be visible to CPU 2 before
> the page count is decremented, right? That depends on put_page, I
> suppose. If it's doing a simple atomic, there is an issue. But atomics
> with return has been so often abused as locks that they may have been
> implemented with a barrier... (On ppc64, it will do an eieio, thus I
> think it should be ok).

Yes, atomic_add_negative should always be a barrier.

> There is also a problem the other way around. Write to page, then set
> page dirty... those writes may be visible to CPU 2 (that is the page
> content be dirty) before find_get_page even increased the page count,
> unless there is a barrier in there too.

find_get_page does a read_unlock_irq after the increment which also
serves as a barrier.
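The ordering requirement discussed in this thread, written out as an added user-space model (not kernel code and not from either poster): a struct with a reference count and a dirty bit stands in for the page, one thread plays CPU 1 (SetPageDirty then put_page) and the calling thread plays the reclaim-side check. The release ordering on the decrement models put_page acting as a barrier, and the acquire load on the count is what lets the reader rely on it. The reclaimer's own reference is omitted, so "count == 1" here corresponds to "page_count == 2" in the thread. The names page_model, cpu1, reclaim_side_sees_stale_flags and count_bad_interleavings are assumptions of this example.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for the two page fields the thread talks about. */
struct page_model {
    atomic_int count;   /* models the page reference count */
    atomic_int dirty;   /* models PG_dirty in page->flags */
};

/* "CPU 1": dirty the page, then drop its reference.  The release ordering
 * on the decrement models put_page() being a barrier: every store before
 * it (the SetPageDirty) must be visible to a reader that observes the
 * decremented count with acquire ordering. */
static void *cpu1(void *arg)
{
    struct page_model *p = arg;
    atomic_store_explicit(&p->dirty, 1, memory_order_relaxed);      /* SetPageDirty() */
    atomic_fetch_sub_explicit(&p->count, 1, memory_order_release);  /* put_page() */
    return NULL;
}

/* "CPU 2": the reclaim-side check.  Spin until the count has dropped
 * (the `page_count != 2` test in the thread), then read the dirty bit.
 * Seeing the dropped count but a clear dirty bit is the bad interleaving
 * the thread worries about: the page would be freed with dirty data. */
static bool reclaim_side_sees_stale_flags(struct page_model *p)
{
    while (atomic_load_explicit(&p->count, memory_order_acquire) != 1)
        ;  /* CPU 1 still holds its reference; keep polling */
    return atomic_load_explicit(&p->dirty, memory_order_relaxed) == 0;
}

/* Run the race `trials` times and return how many times the reclaim side
 * saw stale flags.  With the release/acquire pairing above this is 0 by
 * construction; returns -1 if a thread could not be created. */
int count_bad_interleavings(int trials)
{
    int bad = 0;
    for (int i = 0; i < trials; i++) {
        struct page_model p;
        atomic_init(&p.count, 2);   /* pagecache reference + CPU 1's reference */
        atomic_init(&p.dirty, 0);
        pthread_t t;
        if (pthread_create(&t, NULL, cpu1, &p) != 0)
            return -1;
        if (reclaim_side_sees_stale_flags(&p))
            bad++;
        pthread_join(t, NULL);
    }
    return bad;
}

int main(void)
{
    int bad = count_bad_interleavings(2000);
    printf("stale-flag observations: %d\n", bad);
    return bad == 0 ? 0 : 1;
}
```

Swapping memory_order_release on the decrement for memory_order_relaxed is the weakly-ordered put_page that the thread says would be a problem; on a strongly ordered machine such as x86 the model will still report 0, which is exactly why this class of bug is hard to observe in testing and is reasoned about from the barrier semantics instead.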

