Re: [PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read

From: Andrea Parri
Date: Wed Oct 17 2018 - 11:11:47 EST

Next message: Pavel Tatashin: "Re: [mm PATCH v3 1/6] mm: Use mm_zero_struct_page from SPARC on all 64b architectures"
Previous message: Mathieu Desnoyers: "Re: [RFC PATCH for 4.21 06/16] cpu_opv: Provide cpu_opv system call (v8)"
In reply to: David Howells: "[PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read"
Next in thread: David Howells: "Re: [PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi David,

On Wed, Oct 17, 2018 at 03:23:38PM +0100, David Howells wrote:
> From: kiran.modukuri <kiran.modukuri@xxxxxxxxx>
>
> The code in fscache_retrieval_complete is using atomic_sub followed by an
> atomic_read:
>
> atomic_sub(n_pages, &op->n_pages);
> if (atomic_read(&op->n_pages) <= 0)
> fscache_op_complete(&op->op, true);
>
> This causes two threads doing a decrement of n_pages to race with each
> other seeing the op->refcount 0 at same time - and they end up calling
> fscache_op_complete() in both the threads leading to an assertion failure.
>
> Fix this by using atomic_sub_return() instead of two calls.

Seems a case for atomic_sub_return_relaxed()... why not?

Andrea

Next message: Pavel Tatashin: "Re: [mm PATCH v3 1/6] mm: Use mm_zero_struct_page from SPARC on all 64b architectures"
Previous message: Mathieu Desnoyers: "Re: [RFC PATCH for 4.21 06/16] cpu_opv: Provide cpu_opv system call (v8)"
In reply to: David Howells: "[PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read"
Next in thread: David Howells: "Re: [PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]