Re: [PATCH] cachefiles: fix multiple-put race.

From: David Howells
Date: Wed Jul 04 2018 - 05:15:06 EST

Next message: Tomer Maimon: "[PATCH v1 0/2] misc: Add NPCM7xx LPC BPC driver support"
Previous message: Vitaly Kuznetsov: "Re: [PATCH 1/1] X86/Hyper-V:: Fix the circular dependency in IPI enlightenment."
In reply to: NeilBrown: "[PATCH] cachefiles: fix multiple-put race."
Next in thread: David Howells: "[PATCH] cachefiles: Fix assertion "6 == 5 is false" at fs/fscache/operation.c:494"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

NeilBrown <neilb@xxxxxxxx> wrote:

> + fscache_enqueue_retrieval(monitor->op);
> +
> spin_lock(&object->work_lock);
> list_add_tail(&monitor->op_link, &monitor->op->to_do);
> spin_unlock(&object->work_lock);
>
> - fscache_enqueue_retrieval(monitor->op);

That won't necessarily work because the work processor can then happen before
you've added the work to the to_do list.

I'm thinking that KiranKumar's solution might be the best one.

The problem is that cachefiles_read_waiter() doesn't have a ref on the monitor
object but is entirely dependent on the waitqueue lock for safety. I think
KiranKumar's patch is correct to take a ref before doing the queuing. It
might be possible to then pass this along to the work processor, but that
might be too fiddly.

Actually, I want to get rid of the page monitoring stuff entirely as it's
quite fragile and use an iterator and direct-IO instead, but we have to fix
this for now.

David

Next message: Tomer Maimon: "[PATCH v1 0/2] misc: Add NPCM7xx LPC BPC driver support"
Previous message: Vitaly Kuznetsov: "Re: [PATCH 1/1] X86/Hyper-V:: Fix the circular dependency in IPI enlightenment."
In reply to: NeilBrown: "[PATCH] cachefiles: fix multiple-put race."
Next in thread: David Howells: "[PATCH] cachefiles: Fix assertion "6 == 5 is false" at fs/fscache/operation.c:494"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]