[Linux-cachefs] [PATCH 2/4] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read
Andrea Parri
andrea.parri at amarulasolutions.com
Wed Oct 17 15:11:34 UTC 2018
Hi David,
On Wed, Oct 17, 2018 at 03:23:38PM +0100, David Howells wrote:
> From: kiran.modukuri <kiran.modukuri at gmail.com>
>
> The code in fscache_retrieval_complete is using atomic_sub followed by an
> atomic_read:
>
> atomic_sub(n_pages, &op->n_pages);
> if (atomic_read(&op->n_pages) <= 0)
> fscache_op_complete(&op->op, true);
>
> This causes two threads doing a decrement of n_pages to race with each
> other seeing the op->refcount 0 at same time - and they end up calling
> fscache_op_complete() in both the threads leading to an assertion failure.
>
> Fix this by using atomic_sub_return() instead of two calls.
Seems a case for atomic_sub_return_relaxed()... why not?
Andrea
More information about the Linux-cachefs
mailing list