Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / abd63f44a170e72fadcdad35fb508722352c4deb^! / . / fs / f2fs / segment.c
commitabd63f44a170e72fadcdad35fb508722352c4deb[log] [tgz]
authorChao Yu <yuchao0@huawei.com>Thu Aug 31 18:56:05 2017 +0800
committerJaegeuk Kim <jaegeuk@kernel.org>Thu Sep 21 13:56:04 2017 -0700
treecc17d92a5682a0a57610f063d680e8024209d5b3
parenta69c9747c89b615912980169fd9130b6f5a96748 [diff] [blame]
f2fs: avoid race in between atomic_read & atomic_inc

Previously, we will miss merging flush command during fsync due to below
race condition:

Thread A 		Thread B		Thread C
- f2fs_issue_flush
 - atomic_read(&issing_flush)
			- f2fs_issue_flush
			 - atomic_read(&issing_flush)
						- f2fs_issue_flush
						 - atomic_read(&issing_flush)
  - atomic_inc(&issing_flush)
			  - atomic_inc(&issing_flush)
						  - atomic_inc(&issing_flush)
   - submit_flush_wait
			   - submit_flush_wait
						   - submit_flush_wait

It needs to use atomic_inc_return instead to avoid such race.

Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
index 1b688d09..7ac4e6b 100644
--- a/fs/f2fs/segment.c
+++ b/fs/f2fs/segment.c

@@ -536,8 +536,7 @@
 		return ret;
 	}
 
-	if (!atomic_read(&fcc->issing_flush)) {
-		atomic_inc(&fcc->issing_flush);
+	if (atomic_inc_return(&fcc->issing_flush) == 1) {
 		ret = submit_flush_wait(sbi);
 		atomic_dec(&fcc->issing_flush);
 
@@ -547,7 +546,6 @@
 
 	init_completion(&cmd.wait);
 
-	atomic_inc(&fcc->issing_flush);
 	llist_add(&cmd.llnode, &fcc->issue_list);
 
 	/* update issue_list before we wake up issue_flush thread */