• Simon Derr's avatar
    9P: Fix race in p9_read_work() · 0462194d
    Simon Derr authored
    Race scenario between p9_read_work() and p9_poll_mux()
    
    Data arrive, Rworksched is set, p9_read_work() is called.
    
    thread A                                thread B
    
                                            p9_read_work()
                                                    .
                                            reads data
                                                    .
                                            checks if new data ready. No.
                                                    .
                                            gets preempted
                                                    .
    More data arrive, p9_poll_mux() is called.      .
                                                    .
                                                    .
    p9_poll_mux()                                   .
                                                    .
    if (!test_and_set_bit(Rworksched,               .
                          &m->wsched)) {            .
      schedule_work(&m->rq);                        .
    }                                               .
                                                    .
    -> does not schedule work because               .
       Rworksched is set                            .
                                                    .
                                            clear_bit(Rworksched, &m->wsched);
                                            return;
    
    No work has been scheduled, and yet data are waiting.
    
    Currently p9_read_work() checks if there is data to read,
    and if not, it clears Rworksched.
    
    I think it should clear Rworksched first, and then check if there is data to read.
    Signed-off-by: default avatarSimon Derr <simon.derr@bull.net>
    Signed-off-by: default avatarEric Van Hensbergen <ericvh@gmail.com>
    0462194d
trans_fd.c 23.9 KB