From: Eric Biggers <ebiggers@kernel.org>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Tobin C. Harding" <me@tobin.cc>, linux-fsdevel@vger.kernel.org
Subject: Re: dcache locking question
Date: Fri, 15 Mar 2019 10:38:23 -0700 [thread overview]
Message-ID: <20190315173819.GB77949@gmail.com> (raw)
In-Reply-To: <20190315015021.GU2217@ZenIV.linux.org.uk>
On Fri, Mar 15, 2019 at 01:50:21AM +0000, Al Viro wrote:
>
> If it fails, we call __lock_parent(). Which
> * grabs RCU lock
> * drops ->d_lock (now we are not holding ->d_lock
> on anything).
> * fetches ->d_parent. Note the READ_ONCE() there -
> it's *NOT* stable (no ->d_lock held). We can't expect
> that ->d_parent won't change or that the reference it used
> to contribute to parent's refcount is there anymore; as
> the matter of fact, the only thing that prevents outright
> _freeing_ of the object 'parent' points to is rcu_read_lock()
> and RCU delay between dropping the last reference and
> actual freeing of the sucker. rcu_read_lock() is there,
> though, which makes it safe to grab ->d_lock on 'parent'.
>
> That 'parent' might very well have nothing to do with our
> dentry by now. We can check if it's equal to its
> ->d_parent, though. dentry->d_parent is *NOT* stable
> at that point. It might be changing right now.
>
> However, the first store to dentry->d_parent making it
> not equal to parent would have been done under parent->d_lock.
> And since we are holding parent->d_lock, we won't miss that
> store. We might miss subsequent ones, but if we observe
> dentry->d_parent == parent, we know that it's stable. And
> if we see dentry->d_parent != parent, we know that dentry
> has moved around and we need to retry anyway.
Why isn't it necessary to use READ_ONCE(dentry->d_parent) here?
if (unlikely(parent != dentry->d_parent)) {
Suppose 'parent' is 0xAAAABBBB, and 'dentry->d_parent' is 0xAAAAAAAA and is
concurrently changed to 0xBBBBBBBB.
d_parent could be read in two parts, 0xAAAA then 0xBBBB, resulting in it
appearing that d_parent == 0xAAAABBBB == parent.
Yes it won't really be compiled as that in practice, but I thought the point of
READ_ONCE() is to *guarantee* it's really done right...
- Eric
next prev parent reply other threads:[~2019-03-15 17:38 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-14 22:56 dcache locking question Tobin C. Harding
2019-03-14 23:09 ` Matthew Wilcox
2019-03-15 1:38 ` Tobin C. Harding
2019-03-14 23:19 ` Tobin C. Harding
2019-03-15 1:50 ` Al Viro
2019-03-15 17:38 ` Eric Biggers [this message]
2019-03-15 18:54 ` Al Viro
2019-03-16 22:31 ` Paul E. McKenney
2019-03-17 0:18 ` Al Viro
2019-03-17 0:50 ` Paul E. McKenney
2019-03-17 2:20 ` James Bottomley
2019-03-17 3:06 ` Al Viro
2019-03-17 4:23 ` James Bottomley
2019-03-18 0:35 ` Paul E. McKenney
2019-03-18 16:26 ` James Bottomley
2019-03-18 17:11 ` Paul E. McKenney
2019-03-19 15:45 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190315173819.GB77949@gmail.com \
--to=ebiggers@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=me@tobin.cc \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).