Date: Fri, 8 Jun 2018 21:37:32 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: Mark Johnston <markj@freebsd.org> Cc: Ryan Libby <rlibby@freebsd.org>, Mateusz Guzik <mjguzik@gmail.com>, Justin Hibbits <jhibbits@freebsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r334708 - head/sys/kern Message-ID: <20180608183732.GK2450@kib.kiev.ua> In-Reply-To: <20180608183010.GC65388@pesky> References: <201806061257.w56CvCwq089369@repo.freebsd.org> <20180606140311.GU2450@kib.kiev.ua> <20180608033242.GA54099@pesky> <CAHgpiFyOQf6B3oGFGMz3avXqrrP0i6Puy9HqLER1XG5xE67BeQ@mail.gmail.com> <CAGudoHENGpCxn_omxfaRLOAH5fP6qdFcmmqZ7He%2BpcC=-1HFKQ@mail.gmail.com> <CAHgpiFzMQjHfnQLQrWc86FSxB2veHZeAc44qmROkaJugpGoU=g@mail.gmail.com> <20180608173755.GJ2450@kib.kiev.ua> <20180608183010.GC65388@pesky>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 08, 2018 at 02:30:10PM -0400, Mark Johnston wrote: > On Fri, Jun 08, 2018 at 08:37:55PM +0300, Konstantin Belousov wrote: > > On Thu, Jun 07, 2018 at 11:02:29PM -0700, Ryan Libby wrote: > > > On Thu, Jun 7, 2018 at 10:03 PM, Mateusz Guzik <mjguzik@gmail.com> wrote: > > > > Checking it without any locks is perfectly valid in this case. It is done > > > > after v_holdcnt gets bumped from a non-zero value. So at that time it > > > > is at least two. Of course that result is stale as an arbitrary number of > > > > other threads could have bumped and dropped the ref past that point. > > > > The minimum value is 1 since we hold the ref. But this means the > > > > vnode must not be on the free list and that's what the assertion is > > > > verifying. > > > > > > > > The problem is indeed lack of ordering against the code clearing the > > > > flag for the case where 2 threads to vhold and one does the 0->1 > > > > transition. > > > > > > > > That said, the fence is required for the assertion to work. > > > > > > > > > > Yeah, I agree with this logic. What I mean is that reordering between > > > v_holdcnt 0->1 and v_iflag is normally settled by the release and > > > acquisition of the vnode interlock, which we are supposed to hold for > > > v_*i*flag. A quick scan seems to show all of the checks of VI_FREE that > > > are not asserts do hold the vnode interlock. So, I'm just saying that I > > > don't think the possible reordering affects them. > > But do we know that only VI_FREE checks are affected ? > > > > My concern is that users of _vhold() rely on seeing up to date state of the > > vnode, and VI_FREE is only an example of the problem. Most likely, the > > code which fetched the vnode pointer before _vhold() call, should guarantee > > visibility. > > Wouldn't this be a problem only if we permit lockless accesses of vnode > state outside of _vhold() and other vnode subroutines? The current > protocol requires that the interlock be held, and this synchronizes with > code which performs 0->1 and 1->0 transitions of the hold count. If this > requirement is relaxed in the future, then fences would indeed be > needed. I do not claim that my concern is a real problem. I stated it as a thing to look at when deciding whether the fences should be added (unconditionally ?). If you argument is that the only current lock-less protocol for the struct vnode state is the v_holdcnt transitions for > 1, then I can agree with it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180608183732.GK2450>