From: Tony Battersby <tonyb@cybernetics.com>
To: Stefan Richter <stefanr@s5r6.in-berlin.de>
Cc: Greg KH <greg@kroah.com>,
FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>,
dgilbert@interlog.com, James.Bottomley@HansenPartnership.com,
hch@infradead.org, linux-scsi@vger.kernel.org
Subject: Re: [PATCH 0/2] sg: fix races during device removal (v2)
Date: Thu, 15 Jan 2009 14:20:49 -0500 [thread overview]
Message-ID: <496F8C91.9050208@cybernetics.com> (raw)
In-Reply-To: <496F84AA.9060708@s5r6.in-berlin.de>
Stefan Richter wrote:
> Tony Battersby wrote:
>
>> Stefan Richter wrote:
>>
>>> I believe your kref_get_not_zero() invention is because you want to
>>> count two unrelated numbers in the same counter. This won't work, I'm
>>> afraid.
>>>
>>>
>> It does work actually, just in a way that people don't seem to like very
>> much.
>>
>
> No, it doesn't work. You can track how many transactions are pending,
> and you can track how many sites look at memory X, but you can't track
> both issues in the same counter.
>
> If you only count pending transactions, you know when to deregister the
> device from the idr. But you don't know when it's OK to free the
> device's memory.
>
> If you cont only references to the memory, you know when it is OK to
> free it but you don't know when to deregister from the idr.
>
>
It does work because kref_get_not_zero() must be called while holding a
lock that prevents the destructor from freeing the memory (this
requirement is in the comments that I put above the function). If
kref_get_not_zero() returns false, then the caller forgets that it found
the object, drops the lock, and lets the destructor continue. It is
safe from all races that I can see if used properly. In my opinion, the
only legitimate objection that one could have is if the API is too hard
to understand and use correctly, thereby risking misuse or confusion by
people who don't understand it.
Let me give some examples:
* Example 1 *
CPU 1:
kref_put(): refcount 1 -> 0
CPU 2:
lock data structure
find object
kref_get_not_zero() returns false
forget object
unlock data structure
CPU 1:
lock data structure
remove object
unlock data structure
free object
* Example 2 *
CPU 1:
kref_put(): refcount 1 -> 0
lock data structure
remove object
unlock data structure
CPU 2:
lock data structure
object not found
unlock data structure
CPU 1:
free object
Can you point out an actual problem where this will fail to do the right
thing?
Tony
next prev parent reply other threads:[~2009-01-15 19:20 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-05 19:07 [PATCH 0/2] sg: fix races during device removal (v2) Tony Battersby
2009-01-08 23:21 ` Douglas Gilbert
2009-01-10 17:26 ` FUJITA Tomonori
2009-01-12 21:09 ` Tony Battersby
2009-01-13 16:24 ` FUJITA Tomonori
2009-01-14 20:31 ` Tony Battersby
2009-01-14 21:39 ` Greg KH
2009-01-14 21:59 ` Tony Battersby
2009-01-14 22:33 ` Stefan Richter
2009-01-14 22:53 ` Tony Battersby
2009-01-14 23:47 ` Stefan Richter
2009-01-15 14:47 ` Tony Battersby
2009-01-15 16:22 ` Stefan Richter
2009-01-15 16:44 ` Stefan Richter
2009-01-15 18:17 ` Tony Battersby
2009-01-15 18:47 ` Stefan Richter
2009-01-15 19:14 ` Stefan Richter
2009-01-15 19:20 ` Tony Battersby [this message]
2009-01-15 20:43 ` Stefan Richter
2009-01-15 21:43 ` Tony Battersby
2009-01-15 21:58 ` Stefan Richter
2009-01-15 22:23 ` Tony Battersby
2009-01-15 23:24 ` Stefan Richter
2009-01-16 14:16 ` Tony Battersby
2009-01-16 0:53 ` Stefan Richter
2009-01-16 8:09 ` Stefan Richter
2009-01-19 6:57 ` FUJITA Tomonori
2009-01-19 15:02 ` Tony Battersby
2009-01-19 23:03 ` [PATCH 1/2] sg: fix races during device removal (v4) Tony Battersby
2009-01-20 1:06 ` FUJITA Tomonori
2009-01-20 21:58 ` [PATCH 1/2] sg: fix races during device removal (v5) Tony Battersby
2009-01-21 18:25 ` Stefan Richter
2009-01-21 19:23 ` Tony Battersby
2009-01-21 19:45 ` [PATCH 1/2] sg: fix races during device removal (v6) Tony Battersby
2009-01-25 12:46 ` FUJITA Tomonori
2009-01-26 13:57 ` Douglas Gilbert
2009-01-28 1:51 ` FUJITA Tomonori
2009-01-28 15:06 ` James Bottomley
2009-01-20 22:00 ` [PATCH 2/2] sg: fix races with ioctl(SG_IO) (v2) Tony Battersby
2009-01-25 12:46 ` FUJITA Tomonori
2009-01-19 23:06 ` [PATCH 2/2] sg: fix races with ioctl(SG_IO) Tony Battersby
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=496F8C91.9050208@cybernetics.com \
--to=tonyb@cybernetics.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=dgilbert@interlog.com \
--cc=fujita.tomonori@lab.ntt.co.jp \
--cc=greg@kroah.com \
--cc=hch@infradead.org \
--cc=linux-scsi@vger.kernel.org \
--cc=stefanr@s5r6.in-berlin.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox