[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20151104115538.GK17308@twins.programming.kicks-ass.net>
Date: Wed, 4 Nov 2015 12:55:38 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
Cc: linux-kernel@...r.kernel.org, George Spelvin <linux@...izon.com>,
Thomas Gleixner <tglx@...utronix.de>,
Davidlohr Bueso <dave@...olabs.net>,
Manfred Spraul <manfred@...orfullife.com>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH v2] ipc/msg: Implement lockless pipelined wakeups
On Tue, Nov 03, 2015 at 04:03:29PM +0100, Sebastian Andrzej Siewior wrote:
> - struct msg_msg *volatile r_msg;
> + struct msg_msg *r_msg;
> + wake_q_add(wake_q, msr->r_tsk);
> msr->r_msg = msg;
> + /*
> + * Rely on the implicit cmpxchg barrier from
> + * wake_q_add such that we can ensure that
Davidlohr, didn't you want to make that cmpxchg_relaxed() or
cmpxchg_release() ?
> + * updating msr->r_msg is the last write
> + * operation: As once set, the receiver can
> + * continue, and if we don't have the reference
Which seems to suggest you want to at least make that WRITE_ONCE()
> + * count from the wake_q, yet, at that point we
> + * can later have a use-after-free condition and
> + * bogus wakeup.
> + */
And I agree with DAvidlohr that the comment is placed oddly, one would
expect it between wake_q_add() and the store in question.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists