* [nacked] percpu_ref-call-wake_up_all-after-percpu_ref_put-completes.patch removed from -mm tree
@ 2022-04-08 18:07 Andrew Morton
0 siblings, 0 replies; only message in thread
From: Andrew Morton @ 2022-04-08 18:07 UTC (permalink / raw)
To: mm-commits, zhouchengming, tj, songmuchun, ming.lei, dennis, cl,
zhengqi.arch, akpm
The patch titled
Subject: percpu_ref: call wake_up_all() after percpu_ref_put() completes
has been removed from the -mm tree. Its filename was
percpu_ref-call-wake_up_all-after-percpu_ref_put-completes.patch
This patch was dropped because it was nacked
------------------------------------------------------
From: Qi Zheng <zhengqi.arch@bytedance.com>
Subject: percpu_ref: call wake_up_all() after percpu_ref_put() completes
In the percpu_ref_call_confirm_rcu(), we call the wake_up_all() before
calling percpu_ref_put(), which will cause the value of percpu_ref to be
unstable when percpu_ref_switch_to_atomic_sync() returns.
CPU0 CPU1
percpu_ref_switch_to_atomic_sync(&ref)
--> percpu_ref_switch_to_atomic(&ref)
--> percpu_ref_get(ref); /* put after confirmation */
call_rcu(&ref->data->rcu, percpu_ref_switch_to_atomic_rcu);
percpu_ref_switch_to_atomic_rcu
--> percpu_ref_call_confirm_rcu
--> data->confirm_switch = NULL;
wake_up_all(&percpu_ref_switch_waitq);
/* here waiting to wake up */
wait_event(percpu_ref_switch_waitq, !ref->data->confirm_switch);
(A)percpu_ref_put(ref);
/* The value of &ref is unstable! */
percpu_ref_is_zero(&ref)
(B)percpu_ref_put(ref);
As shown above, assuming that the counts on each cpu add up to 0 before
calling percpu_ref_switch_to_atomic_sync(), we expect that after switching
to atomic mode, percpu_ref_is_zero() can return true. But actually it
will return different values in the two cases of A and B, which is not
what we expected.
Maybe the original purpose of percpu_ref_switch_to_atomic_sync() is just
to ensure that the conversion to atomic mode is completed, but it should
not return with an extra reference count.
Calling wake_up_all() after percpu_ref_put() ensures that the value of
percpu_ref is stable after percpu_ref_switch_to_atomic_sync() returns. So
just do it.
Link: https://lkml.kernel.org/r/20220407103335.36885-1-zhengqi.arch@bytedance.com
Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
Cc: Dennis Zhou <dennis@kernel.org>
Cc: Tejun Heo <tj@kernel.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Chengming Zhou <zhouchengming@bytedance.com>
Cc: Muchun Song <songmuchun@bytedance.com>
Cc: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
lib/percpu-refcount.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/lib/percpu-refcount.c~percpu_ref-call-wake_up_all-after-percpu_ref_put-completes
+++ a/lib/percpu-refcount.c
@@ -154,13 +154,14 @@ static void percpu_ref_call_confirm_rcu(
data->confirm_switch(ref);
data->confirm_switch = NULL;
- wake_up_all(&percpu_ref_switch_waitq);
if (!data->allow_reinit)
__percpu_ref_exit(ref);
/* drop ref from percpu_ref_switch_to_atomic() */
percpu_ref_put(ref);
+
+ wake_up_all(&percpu_ref_switch_waitq);
}
static void percpu_ref_switch_to_atomic_rcu(struct rcu_head *rcu)
_
Patches currently in -mm which might be from zhengqi.arch@bytedance.com are
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-04-08 18:07 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-08 18:07 [nacked] percpu_ref-call-wake_up_all-after-percpu_ref_put-completes.patch removed from -mm tree Andrew Morton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).