From: Waiman Long <longman@redhat.com>
To: Christoph Hellwig <hch@lst.de>,
linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Will Deacon <will@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-ext4@vger.kernel.org, cluster-devel@redhat.com
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH 02/12] locking/rwsem: Exit early when held by an anonymous owner
Date: Tue, 14 Jan 2020 13:17:45 -0500 [thread overview]
Message-ID: <925d1343-670e-8f92-0e73-6e9cee0d3ffb@redhat.com> (raw)
In-Reply-To: <20200114161225.309792-3-hch@lst.de>
On 1/14/20 11:12 AM, Christoph Hellwig wrote:
> The rwsem code overloads the owner field with either a task struct or
> negative magic numbers. Add a quick hack to catch these negative
> values early on. Without this spinning on a writer that replaced the
> owner with RWSEM_OWNER_UNKNOWN, rwsem_spin_on_owner can crash while
> deferencing the task_struct ->on_cpu field of a -8 value.
>
> XXX: This might be a bit of a hack as the code otherwise doesn't use
> the ERR_PTR family macros, better suggestions welcome.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> ---
> kernel/locking/rwsem.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/kernel/locking/rwsem.c b/kernel/locking/rwsem.c
> index 44e68761f432..6adc719a30a1 100644
> --- a/kernel/locking/rwsem.c
> +++ b/kernel/locking/rwsem.c
> @@ -725,6 +725,8 @@ rwsem_spin_on_owner(struct rw_semaphore *sem, unsigned long nonspinnable)
> state = rwsem_owner_state(owner, flags, nonspinnable);
> if (state != OWNER_WRITER)
> return state;
> + if (IS_ERR(owner))
> + return state;
>
> rcu_read_lock();
> for (;;) {
The owner field is just a pointer to the task structure with the lower 3
bits served as flag bits. Setting owner to RWSEM_OWNER_UNKNOWN (-2) will
stop optimistic spinning. So under what condition did the crash happen?
Anyway, PeterZ is working on revising the percpu-rwsem implementation to
more gracefully handle the frozen case. At the end, there will not be a
need for the RWSEM_OWNER_UNKNOWN magic and it can be removed.
Cheers,
Longman
RWSEM_OWNER_UNKNOWN
next prev parent reply other threads:[~2020-01-14 18:17 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-14 16:12 RFC: hold i_rwsem until aio completes Christoph Hellwig
2020-01-14 16:12 ` [PATCH 01/12] mm: fix a comment in sys_swapon Christoph Hellwig
2020-02-10 23:29 ` Andrew Morton
2020-02-12 7:37 ` Christoph Hellwig
2020-01-14 16:12 ` [PATCH 02/12] locking/rwsem: Exit early when held by an anonymous owner Christoph Hellwig
2020-01-14 18:17 ` Waiman Long [this message]
2020-01-14 18:25 ` Christoph Hellwig
2020-01-14 18:33 ` Waiman Long
2020-01-14 18:55 ` Waiman Long
2020-01-14 16:12 ` [PATCH 03/12] xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read Christoph Hellwig
2020-01-14 16:12 ` [PATCH 04/12] gfs2: move setting current->backing_dev_info Christoph Hellwig
2020-01-14 16:12 ` [PATCH 05/12] gfs2: fix O_SYNC write handling Christoph Hellwig
2020-02-06 15:31 ` [Cluster-devel] " Andreas Gruenbacher
2020-01-14 16:12 ` [PATCH 06/12] iomap: pass a flags value to iomap_dio_rw Christoph Hellwig
2020-01-14 16:12 ` [PATCH 07/12] iomap: allow holding i_rwsem until aio completion Christoph Hellwig
2020-01-14 16:12 ` [PATCH 08/12] ext4: hold i_rwsem until AIO completes Christoph Hellwig
2020-01-14 21:50 ` Theodore Y. Ts'o
2020-01-15 6:48 ` Christoph Hellwig
2020-01-14 16:12 ` [PATCH 09/12] gfs2: " Christoph Hellwig
2020-01-14 16:12 ` [PATCH 10/12] xfs: " Christoph Hellwig
2020-01-14 16:12 ` [PATCH 11/12] xfs: don't set IOMAP_DIO_SYNCHRONOUS for unaligned I/O Christoph Hellwig
2020-01-14 16:12 ` [PATCH 12/12] iomap: remove the inode_dio_begin/end calls Christoph Hellwig
2020-01-14 18:47 ` RFC: hold i_rwsem until aio completes Matthew Wilcox
2020-01-15 6:54 ` Christoph Hellwig
2020-01-14 19:27 ` Jason Gunthorpe
2020-01-15 6:56 ` Christoph Hellwig
2020-01-15 13:24 ` Jason Gunthorpe
2020-01-15 14:33 ` Peter Zijlstra
2020-01-15 14:49 ` Jason Gunthorpe
2020-01-15 19:03 ` Waiman Long
2020-01-15 19:07 ` Christoph Hellwig
2020-01-18 22:40 ` Matthew Wilcox
2020-01-15 15:36 ` Christoph Hellwig
2020-01-15 16:26 ` Jason Gunthorpe
2020-01-16 14:00 ` Jan Kara
2020-02-03 17:44 ` Christoph Hellwig
2020-01-18 9:28 ` Dave Chinner
2020-02-03 17:46 ` Christoph Hellwig
2020-02-03 23:02 ` Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=925d1343-670e-8f92-0e73-6e9cee0d3ffb@redhat.com \
--to=longman@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=cluster-devel@redhat.com \
--cc=hch@lst.de \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-xfs@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).