[PATCH] Do not access buffers after dropping reference count

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] Do not access buffers after dropping reference count
@ 2008-07-22  2:16 Lachlan McIlroy
  2008-07-22  2:24 ` Dave Chinner
  0 siblings, 1 reply; 3+ messages in thread
From: Lachlan McIlroy @ 2008-07-22  2:16 UTC (permalink / raw)
  To: xfs-dev, xfs-oss

We should not access a buffer after dropping it's reference count otherwise
we could race with another thread that releases the final reference count
and frees the buffer causing us to access potentially unmapped memory.

Lachlan

--- fs/xfs/linux-2.6/xfs_buf.c_1.257	2008-07-16 17:38:00.000000000 +1000
+++ fs/xfs/linux-2.6/xfs_buf.c	2008-07-22 12:05:50.000000000 +1000
@@ -839,6 +839,7 @@ xfs_buf_rele(
 		return;
 	}
 
+	ASSERT(atomic_read(&bp->b_hold) > 0);
 	if (atomic_dec_and_lock(&bp->b_hold, &hash->bh_lock)) {
 		if (bp->b_relse) {
 			atomic_inc(&bp->b_hold);
@@ -852,11 +853,6 @@ xfs_buf_rele(
 			spin_unlock(&hash->bh_lock);
 			xfs_buf_free(bp);
 		}
-	} else {
-		/*
-		 * Catch reference count leaks
-		 */
-		ASSERT(atomic_read(&bp->b_hold) >= 0);
 	}
 }
 

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] Do not access buffers after dropping reference count
  2008-07-22  2:16 [PATCH] Do not access buffers after dropping reference count Lachlan McIlroy
@ 2008-07-22  2:24 ` Dave Chinner
  2008-07-22  2:55   ` Lachlan McIlroy
  0 siblings, 1 reply; 3+ messages in thread
From: Dave Chinner @ 2008-07-22  2:24 UTC (permalink / raw)
  To: Lachlan McIlroy; +Cc: xfs-dev, xfs-oss

On Tue, Jul 22, 2008 at 12:16:45PM +1000, Lachlan McIlroy wrote:
> We should not access a buffer after dropping it's reference count otherwise
> we could race with another thread that releases the final reference count
> and frees the buffer causing us to access potentially unmapped memory.

Looks OK. The commit message should point out this is a problem
only for DEBUG kernels, though.

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] Do not access buffers after dropping reference count
  2008-07-22  2:24 ` Dave Chinner
@ 2008-07-22  2:55   ` Lachlan McIlroy
  0 siblings, 0 replies; 3+ messages in thread
From: Lachlan McIlroy @ 2008-07-22  2:55 UTC (permalink / raw)
  To: Lachlan McIlroy, xfs-dev, xfs-oss

Dave Chinner wrote:
> On Tue, Jul 22, 2008 at 12:16:45PM +1000, Lachlan McIlroy wrote:
>> We should not access a buffer after dropping it's reference count otherwise
>> we could race with another thread that releases the final reference count
>> and frees the buffer causing us to access potentially unmapped memory.
> 
> Looks OK. The commit message should point out this is a problem
> only for DEBUG kernels, though.

Okay, will do.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2008-07-22  2:49 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-07-22  2:16 [PATCH] Do not access buffers after dropping reference count Lachlan McIlroy
2008-07-22  2:24 ` Dave Chinner
2008-07-22  2:55   ` Lachlan McIlroy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.