Re: [PATCH v4] slow-work: add (module*)work->ops->owner to fix races with module clients

From: Gregory Haskins
Date: Tue Jun 30 2009 - 08:09:33 EST


Michael S. Tsirkin wrote:
> On Tue, Jun 30, 2009 at 10:18:32AM +0100, steve@xxxxxxxxxxx wrote:
>
>> Hi,
>>
>> On Tue, Jun 30, 2009 at 12:07:15PM +0300, Michael S. Tsirkin wrote:
>>
>>> On Tue, Jun 30, 2009 at 09:43:03AM +0100, Steven Whitehouse wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm happy to ACK this, but the race doesn't exist in GFS2's case because
>>>> we wait for all work related to each GFS2 fs at umount time and the
>>>> module unload cannot happen until all GFS2 fs are umounted,
>>>>
>>>> Steve.
>>>>
>>> I wonder whether the following holds:
>>>
>>> static void gfs2_recover_put_ref(struct slow_work *work)
>>> {
>>>         struct gfs2_jdesc *jd = container_of(work, struct gfs2_jdesc, jd_work);
>>>         clear_bit(JDF_RECOVERY, &jd->jd_flags);
>>>         smp_mb__after_clear_bit();
>>>         wake_up_bit(&jd->jd_flags, JDF_RECOVERY);
>>>
>>> <- umount can complete here?
>>>
>>> }
>>>
>>>
>>> If yes, .text of the module could go away between the point marked by <-
>>> and return from gfs2_recover_put_ref.
>>>
>>>
>>>
>> Well in theory, yes. In reality I don't think it could ever happen
>>
>
> Right. IIUC, that's all Gregory's patch is trying to address: a
> theoretical race condition.
>
>
Yeah, I never actually saw a crash. I just noticed the hole via code
inspection.

Regards,
-Greg
