From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: Pingfan Liu <kernelfans@gmail.com>
Cc: linux-xfs@vger.kernel.org, Brian Foster <bfoster@redhat.com>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] xfs/log: protect the logging content under xc_ctx_lock
Date: Wed, 30 Oct 2019 09:48:25 -0700 [thread overview]
Message-ID: <20191030164825.GJ15222@magnolia> (raw)
In-Reply-To: <1572442631-4472-1-git-send-email-kernelfans@gmail.com>
On Wed, Oct 30, 2019 at 09:37:11PM +0800, Pingfan Liu wrote:
> xc_cil_lock is not enough to protect the integrity of a trans logging.
> Taking the scenario:
> cpuA cpuB cpuC
>
> xlog_cil_insert_format_items()
>
> spin_lock(&cil->xc_cil_lock)
> link transA's items to xc_cil,
> including item1
> spin_unlock(&cil->xc_cil_lock)
> xlog_cil_push() fetches transA's item under xc_cil_lock
> issue transB, modify item1
> xlog_write(), but now, item1 contains content from transB and we have a broken transA
>
> Survive this race issue by putting under the protection of xc_ctx_lock.
> Meanwhile the xc_cil_lock can be dropped as xc_ctx_lock does it against
> xlog_cil_insert_items()
How did you trigger this race? Is there a test case to reproduce, or
did you figure this out via code inspection?
--D
>
> Signed-off-by: Pingfan Liu <kernelfans@gmail.com>
> Cc: "Darrick J. Wong" <darrick.wong@oracle.com>
> Cc: Brian Foster <bfoster@redhat.com>
> To: linux-xfs@vger.kernel.org
> Cc: linux-fsdevel@vger.kernel.org
> ---
> fs/xfs/xfs_log_cil.c | 35 +++++++++++++++++++----------------
> 1 file changed, 19 insertions(+), 16 deletions(-)
>
> diff --git a/fs/xfs/xfs_log_cil.c b/fs/xfs/xfs_log_cil.c
> index 004af09..f8df3b5 100644
> --- a/fs/xfs/xfs_log_cil.c
> +++ b/fs/xfs/xfs_log_cil.c
> @@ -723,22 +723,6 @@ xlog_cil_push(
> */
> lv = NULL;
> num_iovecs = 0;
> - spin_lock(&cil->xc_cil_lock);
> - while (!list_empty(&cil->xc_cil)) {
> - struct xfs_log_item *item;
> -
> - item = list_first_entry(&cil->xc_cil,
> - struct xfs_log_item, li_cil);
> - list_del_init(&item->li_cil);
> - if (!ctx->lv_chain)
> - ctx->lv_chain = item->li_lv;
> - else
> - lv->lv_next = item->li_lv;
> - lv = item->li_lv;
> - item->li_lv = NULL;
> - num_iovecs += lv->lv_niovecs;
> - }
> - spin_unlock(&cil->xc_cil_lock);
>
> /*
> * initialise the new context and attach it to the CIL. Then attach
> @@ -783,6 +767,25 @@ xlog_cil_push(
> up_write(&cil->xc_ctx_lock);
>
> /*
> + * cil->xc_cil_lock around this loop can be dropped, since xc_ctx_lock
> + * protects us against xlog_cil_insert_items().
> + */
> + while (!list_empty(&cil->xc_cil)) {
> + struct xfs_log_item *item;
> +
> + item = list_first_entry(&cil->xc_cil,
> + struct xfs_log_item, li_cil);
> + list_del_init(&item->li_cil);
> + if (!ctx->lv_chain)
> + ctx->lv_chain = item->li_lv;
> + else
> + lv->lv_next = item->li_lv;
> + lv = item->li_lv;
> + item->li_lv = NULL;
> + num_iovecs += lv->lv_niovecs;
> + }
> +
> + /*
> * Build a checkpoint transaction header and write it to the log to
> * begin the transaction. We need to account for the space used by the
> * transaction header here as it is not accounted for in xlog_write().
> --
> 2.7.5
>
next prev parent reply other threads:[~2019-10-30 16:48 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-30 6:29 [PATCH] xfs/log: protect xc_cil in xlog_cil_push() Pingfan Liu
2019-10-30 12:53 ` Brian Foster
2019-10-30 13:33 ` Pingfan Liu
2019-10-30 13:37 ` [PATCH] xfs/log: protect the logging content under xc_ctx_lock Pingfan Liu
2019-10-30 16:48 ` Darrick J. Wong [this message]
2019-10-31 3:48 ` Pingfan Liu
2019-10-31 21:40 ` Dave Chinner
2019-11-01 3:39 ` Pingfan Liu
2019-10-31 21:25 ` [PATCH] xfs/log: protect xc_cil in xlog_cil_push() Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191030164825.GJ15222@magnolia \
--to=darrick.wong@oracle.com \
--cc=bfoster@redhat.com \
--cc=kernelfans@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).