rcu_do_batch() decrements rdp->qlen with irqs enabled.
This is not good, it can also be modified by call_rcu()
from interrupt.
So, is it worth fixing? The problem is mostly theoretical.
If yes, is it ok to use local_t? IIRC, there were some
problems with local_t on some arches. Sometimes it is
just atomic_t ...
Otherwise, we can update ->qlen after the main loop,

	local_irq_disable();
	rdp->qlen -= count;
	local_irq_enable();

What do you think?
Oleg.
On Sun, Sep 10, 2006 at 07:08:20PM +0400, Oleg Nesterov wrote:
> rcu_do_batch() decrements rdp->qlen with irqs enabled.
> This is not good, it can also be modified by call_rcu()
> from interrupt.
>
> So, is it worth fixing? The problem is mostly theoretical.
I think we should fix it even though the problem is theoretical.
> If yes, is it ok to use local_t? IIRC, there were some
> problems with local_t on some arches. Sometimes it is
> just atomic_t ...
AFAIK, x86 local_t is atomic. Not good.
>
> Otherwise, we can update ->qlen after the main loop,
>
> local_irq_disable();
> rdp->qlen -= count;
> local_irq_enable();
>
> What do you think?
We should do this.
Thanks
Dipankar
rcu_do_batch() decrements rdp->qlen with irqs enabled. This is not good,
it can also be modified by call_rcu() from interrupt.
Decrement ->qlen once with irqs disabled, after a main loop.
Signed-off-by: Oleg Nesterov <[email protected]>
--- rc6-mm1/kernel/rcupdate.c~ 2006-08-22 16:22:49.000000000 +0400
+++ rc6-mm1/kernel/rcupdate.c 2006-09-11 01:24:17.000000000 +0400
@@ -241,12 +241,16 @@ static void rcu_do_batch(struct rcu_data
next = rdp->donelist = list->next;
list->func(list);
list = next;
- rdp->qlen--;
if (++count >= rdp->blimit)
break;
}
+
+ local_irq_disable();
+ rdp->qlen -= count;
+ local_irq_enable();
if (rdp->blimit == INT_MAX && rdp->qlen <= qlowmark)
rdp->blimit = blimit;
+
if (!rdp->donelist)
rdp->donetail = &rdp->donelist;
else
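Review bot: the `rdp->blimit == INT_MAX && rdp->qlen <= qlowmark` test directly after `local_irq_enable()` still reads rdp->qlen with irqs enabled, so the value it compares can change (per the changelog, via call_rcu() from interrupt) before `rdp->blimit = blimit` is stored. If that store has to agree with the counter, move the check inside the irq-disabled section; if a stale read is acceptable there, add a short comment above `local_irq_disable()` saying that only the read-modify-write of ->qlen needs the protection.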
On Mon, Sep 11, 2006 at 01:32:43AM +0400, Oleg Nesterov wrote:
> rcu_do_batch() decrements rdp->qlen with irqs enabled. This is not good,
> it can also be modified by call_rcu() from interrupt.
>
> Decrement ->qlen once with irqs disabled, after a main loop.
>
> Signed-off-by: Oleg Nesterov <[email protected]>
>
> --- rc6-mm1/kernel/rcupdate.c~ 2006-08-22 16:22:49.000000000 +0400
> +++ rc6-mm1/kernel/rcupdate.c 2006-09-11 01:24:17.000000000 +0400
> @@ -241,12 +241,16 @@ static void rcu_do_batch(struct rcu_data
> next = rdp->donelist = list->next;
> list->func(list);
> list = next;
> - rdp->qlen--;
> if (++count >= rdp->blimit)
> break;
> }
> +
> + local_irq_disable();
> + rdp->qlen -= count;
> + local_irq_enable();
> if (rdp->blimit == INT_MAX && rdp->qlen <= qlowmark)
> rdp->blimit = blimit;
> +
> if (!rdp->donelist)
> rdp->donetail = &rdp->donelist;
> else
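Review bot: the `local_irq_disable()` / `local_irq_enable()` pair after the loop re-enables interrupts unconditionally, which is only right if rcu_do_batch() is never entered with irqs already off. The changelog says it runs with irqs enabled, so a one-line comment recording that assumption would do; if it cannot be guaranteed, use local_irq_save()/local_irq_restore() instead. As a style point, the blank line added after `rdp->blimit = blimit;` is unrelated whitespace, while a blank line after `local_irq_enable();` would set the critical section apart from the blimit check.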
Looks good to me.
Thanks
Dipankar