[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1185453451.6585.174.camel@localhost>
Date: Thu, 26 Jul 2007 08:37:31 -0400
From: Trond Myklebust <trond.myklebust@....uio.no>
To: Arnd Bergmann <arnd@...db.de>
Cc: Christian Krafft <krafft@...ibm.com>, linux-kernel@...r.kernel.org
Subject: Re: [patch] nfs: fix locking in nfs/inode.c in
nfs_free_open_context
On Thu, 2007-07-26 at 13:23 +0200, Arnd Bergmann wrote:
> On Wednesday 25 July 2007, Trond Myklebust wrote:
> >
> > On Wed, 2007-07-25 at 17:08 +0200, Christian Krafft wrote:
> >
> > > Obviously the locking code in nfs_free_open_context is wrong.
> > > Checking the list for entries and removing the entry should be an atomic operation.
> >
> > Wrong. It is quite safe to test the structure member ctx->list for
> > emptiness outside the spinlock because we have an explicit guarantee
> > that nobody else has a reference to this structure, plus the
> > atomic_dec_and_test() in kref_put() has acted as a memory barrier for
> > us.
>
> Well, the real question then is how the ctx can still be present in the
> nfsi->open_files list. Since we are in nfs_free_open_context(), there
> must not be any pointer to the ctx anywhere, but still we have this other
> thread calling get_nfs_open_context() on it.
Yup. That is definitely a bug. I wish we had a 'kref_put_and_lock' to
deal with these situations where you want to grab a lock atomically with
the last put. It would make krefs a lot more useful...
Trond
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists