From: Al Viro
Subject: Re: [PATCH RESEND] vfs: Fix missed wakeup in I_NEW handling
Date: Thu, 8 Mar 2012 03:19:16 +0000
Message-ID: <20120308031916.GU23916@ZenIV.linux.org.uk>
References: <1331139940-32534-1-git-send-email-jack@suse.cz>
In-Reply-To: <1331139940-32534-1-git-send-email-jack@suse.cz>
To: Jan Kara
Cc: linux-fsdevel@vger.kernel.org, Dave Chinner

On Wed, Mar 07, 2012 at 06:05:40PM +0100, Jan Kara wrote:
> Commit 250df6ed removed wake_up_inode() (in particular a memory barrier before
> wake_up_bit()) on the basis that i_state transitions are protected by i_lock.
> That would be fine if all the readers of i_state were using i_lock as well. But
> wait_on_inode() doesn't use i_lock and thus the following can happen due to
> reordering:
>
> CPU 1                                       CPU 2
> unlock_new_inode()
>   spin_lock(&inode->i_lock);
>   wake_up_bit(&inode->i_state, __I_NEW);
>                                             wait_on_inode()
>                                               wait_on_bit(&inode->i_state, __I_NEW);
>   inode->i_state &= ~I_NEW;
>   ^^^ this store was reordered
>   spin_unlock(&inode->i_lock);
>
> And waiter on CPU2 sleeps forever (or for a really long time).
>
> We fix the issue by using i_lock in wait_on_inode() in the spirit of commit
> 250df6ed.

Applied (along with a bunch of other stuff; will push to Linus tomorrow)
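
The interleaving argument in the quoted commit message, as an added example that is not part of the original thread or of the kernel patch: a small user-space C model that enumerates the orderings of the two CPUs' steps and reports whether the waiter can be left asleep. The step names, the two-step waiter (enqueue, then test) and the modelling of the i_lock fix as an atomic enqueue-and-test are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model, not kernel code. CPU 1 (unlock_new_inode) does CLEAR and
 * WAKE; CPU 2 (wait_on_inode) does ENQUEUE on the waitqueue, then TEST of I_NEW. */
enum step { CLEAR, WAKE, ENQUEUE, TEST };

static const enum step ORDERED[2]   = { CLEAR, WAKE };  /* store visible before wakeup */
static const enum step REORDERED[2] = { WAKE, CLEAR };  /* the order from the diagram */

/* Replay one interleaving; true if the waiter is left asleep at the end. */
static bool waiter_stuck(const enum step s[4])
{
    bool i_new = true, queued = false, asleep = false;
    for (int i = 0; i < 4; i++) {
        switch (s[i]) {
        case CLEAR:   i_new = false; break;
        case WAKE:    if (queued) queued = asleep = false; break; /* no waiter: no-op */
        case ENQUEUE: queued = true; break;
        case TEST:    asleep = queued && i_new; break; /* sleeps only if bit looks set */
        }
    }
    return asleep;
}

/* Try every interleaving that keeps each CPU's own order. With locked set, the
 * waiter's ENQUEUE+TEST are assumed to run under i_lock, so they can only fall
 * entirely before or entirely after CPU 1's two steps. */
static bool lost_wakeup_possible(const enum step cpu1[2], bool locked)
{
    static const enum step cpu2[2] = { ENQUEUE, TEST };
    static const unsigned masks[6] = { 0x3, 0x5, 0x6, 0x9, 0xA, 0xC }; /* CPU 1 slots */
    for (int m = 0; m < 6; m++) {
        if (locked && masks[m] != 0x3 && masks[m] != 0xC) continue;
        enum step s[4];
        int a = 0, b = 0;
        for (int i = 0; i < 4; i++)
            s[i] = ((masks[m] >> i) & 1) ? cpu1[a++] : cpu2[b++];
        if (waiter_stuck(s)) return true;
    }
    return false;
}

int main(void)
{
    printf("reordered, no lock: %d\n", lost_wakeup_possible(REORDERED, false));
    printf("ordered,   no lock: %d\n", lost_wakeup_possible(ORDERED, false));
    printf("reordered, i_lock : %d\n", lost_wakeup_possible(REORDERED, true));
}
```

The model stops at the waiter's first sleep decision; it does not replay the re-test a woken waiter would perform.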