Re: [PATCH 01/12] blkcg: obtaining blkg should be enclosed insidercu_read_lock()

[Vivek Goyal]

On Thu, Jan 19, 2012 at 07:39:38AM -0800, Tejun Heo wrote:
> Hello, Vivek.
> 
> On Thu, Jan 19, 2012 at 05:07:29AM -0500, Vivek Goyal wrote:
> > On Wed, Jan 18, 2012 at 05:11:19PM -0800, Tejun Heo wrote:
> > > When looking up or creating blkg's, both blk-throttle and cfq-iosched
> > > drops rcu_read_lock() right after lookup is complete.  This isn't
> > > safe.  Refcnt isn't incremented at that point and rcu lock is the only
> > > thing holding the blkg.  It shouldn't be dropped until after refcnt is
> > > incremented by the caller.
> > 
> > throtl_get_tg() and cfq_get_cfqg() are called with queue lock held and
> > tg and cfqg are protected by queue lock as they can not go away as long
> > as queue lock is held.
> 
> Ah, right.
> 
> > I had used rcu read lock to access blkcg pointer here. That's why when
> > we are done with accessing blkcg, we drop rcu read lock and return back
> > to caller with group pointer, which is aready holding either a queue
> > lock or rcu read lock to protect returned group pointer.
> >
> > So if we are protecting blkcg using rcu, then it should make sense to
> > take that lock inside throtl_get_tg() and cfq_get_cfqg() respectively and
> > it should not be left to the caller?
> 
> No, no matter whatever synchronization scheme is in use, the code is
> seriously screwed up if it's doing something like,
> 
> 	lock();
> 	a = lookup();
> 	unlock();
> 	return a;
> 
> You should *NEVER* be doing that.

I guess ioc_lookup_icq() is doing something similar. We call it under
queue lock. Take rcu lock inside for sanity of radix tree and then 
release rcu lock and return icq.

Thanks
Vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/