From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jens Axboe Subject: Re: [PATCH v3] loop: Limit the number of requests in the bio list Date: Wed, 14 Nov 2012 08:21:41 -0700 Message-ID: <50A3B705.7050008@kernel.dk> References: <1352824065-6734-1-git-send-email-lczerner@redhat.com> <50A27892.1030800@kernel.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, jmoyer@redhat.com, akpm@linux-foundation.org To: =?windows-1252?Q?Luk=E1=9A_Czerner?= Return-path: In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On 2012-11-14 02:02, Luk=E1=9A Czerner wrote: > On Tue, 13 Nov 2012, Jens Axboe wrote: >=20 >> Date: Tue, 13 Nov 2012 09:42:58 -0700 >> From: Jens Axboe >> To: Lukas Czerner >> Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, >> jmoyer@redhat.com, akpm@linux-foundation.org >> Subject: Re: [PATCH v3] loop: Limit the number of requests in the bi= o list >> >>> @@ -489,6 +491,12 @@ static void loop_make_request(struct request_q= ueue *q, struct bio *old_bio) >>> goto out; >>> if (unlikely(rw =3D=3D WRITE && (lo->lo_flags & LO_FLAGS_READ_ONL= Y))) >>> goto out; >>> + if (lo->lo_bio_count >=3D q->nr_congestion_on) { >>> + spin_unlock_irq(&lo->lo_lock); >>> + wait_event(lo->lo_req_wait, lo->lo_bio_count < >>> + q->nr_congestion_off); >>> + spin_lock_irq(&lo->lo_lock); >>> + } >> >> This makes me nervous. You are reading lo_bio_count outside the lock= =2E If >> you race with the prepare_to_wait() and condition check in >> __wait_event(), then you will sleep forever. >=20 > Hi Jens, >=20 > I am sorry for being dense, but I do not see how this would be > possible. The only place we increase the lo_bio_count is after that > piece of code (possibly after the wait). Moreover every time we're > decreasing the lo_bio_count and it is smaller than nr_congestion_off > we will wake_up(). >=20 > That's how wait_event/wake_up is supposed to be used, right ? It is, yes. But you are checking the condition without the lock, so you could be operating on a stale value. The point is, you have to safely check the condition _after prepare_to_wait() to be completely safe. And you do not. Either lo_bio_count needs to be atomic, or you need to use = a variant of wait_event() that holds the appropriate lock before prepare_to_wait() and condition check, then dropping it for the sleep. See wait_even_lock_irq() in drivers/md/md.h. --=20 Jens Axboe