On 08/24/2012 07:28 AM, Minchan Kim wrote: > On Thu, Aug 23, 2012 at 05:10:00PM -0500, Seth Jennings wrote: >> On 08/23/2012 03:56 PM, Minchan Kim wrote: >>> Hi Seth, >>> >>> On Thu, Aug 23, 2012 at 10:33:09AM -0500, Seth Jennings wrote: >>>> This patchset fixes a regression in 3.6 by reverting two dependent >>>> commits that made changes to zcache_do_preload(). >>>> >>>> The commits undermine an assumption made by tmem_put() in >>>> the cleancache path that preemption is disabled. This change >>>> introduces a race condition that can result in the wrong page >>>> being returned by tmem_get(), causing assorted errors (segfaults, >>>> apparent file corruption, etc) in userspace. >>>> >>>> The corruption was discussed in this thread: >>>> https://lkml.org/lkml/2012/8/17/494 >>> >>> I think changelog isn't enough to explain what's the race. >>> Could you write it down in detail? >> >> I didn't come upon this solution via code inspection, but >> rather through discovering that the issue didn't exist in >> v3.5 and just looking at the changes since then. > > Okay, then, why do you think the patchsets are culprit? > I didn't look the cleanup patch series of Xiao at that time > so I can be wrong but as I just look through patch of > "zcache: optimize zcache_do_preload", I can't find any fault > because zcache_put_page checks irq_disable so we don't need > to disable preemption so it seems that patch is correct to me. > If the race happens by preemption, BUG_ON in zcache_put_page > should catch it. Confused me too! And the first patch just do the cleanup, it is not different before the patch and after the patch, what i missed? _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
