linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Alan Stern <stern@rowland.harvard.edu>
To: "Luck, Tony" <tony.luck@intel.com>
Cc: Greg KH <gregkh@suse.de>, Ingo Molnar <mingo@elte.hu>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	"Rafael J. Wysocki" <rjw@sisk.pl>,
	"Srivatsa S. Bhat" <srivatsa.bhat@linux.vnet.ibm.com>,
	Sergei Trofimovich <slyich@gmail.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Kay Sievers <kay.sievers@vrfy.org>,
	Linux PM mailing list <linux-pm@vger.kernel.org>,
	Borislav Petkov <bp@amd64.org>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	"prasad@linux.vnet.ibm.com" <prasad@linux.vnet.ibm.com>,
	Ming Lei <tom.leiming@gmail.com>,
	Djalal Harouni <tixxdz@opendz.org>,
	Borislav Petkov <borislav.petkov@amd.com>,
	Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>,
	Andi Kleen <ak@linux.intel.com>,
	"gouders@et.bocholt.fh-gelsenkirchen.de" 
	<gouders@et.bocholt.fh-gelsenkirchen.de>,
	Marcos Souza <marcos.mage@gmail.com>,
	"justinmattock@gmail.com" <justinmattock@gmail.com>,
	Jeff Chua <jeff.chua.linux@gmail.com>
Subject: RE: [PATCH] mce: fix warning messages about static struct mce_device
Date: Wed, 18 Jan 2012 13:10:57 -0500 (EST)	[thread overview]
Message-ID: <Pine.LNX.4.44L0.1201181257540.1343-100000@iolanthe.rowland.org> (raw)
In-Reply-To: <3908561D78D1C84285E8C5FCA982C28F01CF24@ORSMSX104.amr.corp.intel.com>

On Wed, 18 Jan 2012, Luck, Tony wrote:

> Greg said:
> > It was already fixed that way, but the problem is that you can not have
> > statically allocated 'struct device' objects in the system.
> 
> and then Alan said:
> > There's an additional requirement: Device structures may not be reused.  
> > Not even if the caller clears all the fields to 0 in between.  That was
> > the real bug in the original code -- and adding a dummy release routine
> > wouldn't fix it.
> 
> There seems to be some curious logic happening here which I don't understand
> at all. How can the code that deals with 'struct device' tell whether it was
> statically declared or dynamically allocated? Why would it care?
> 
> What happens if we play by the rules using a dynamic structure and do
> 
>  device_register() + device_create_file(dev)
>    ...
>  device_remove_file(dev) + device_unregister()
> 
> then later come back to re-add this and by pure random fluke kzalloc()
> gives us back the exact same block of memory that we used for dev before?

Okay, that's a reasonable question.

> By Alan's logic we are screwed - we are re-using the same device structure
> (unless kfree() + kzalloc() does some magic pixie dust thing so that this
> same block of memory is now not the same device structure we had before, even
> though it has the same address).

No, it's a new structure that just happens to occupy the same address
as the old structure.  :-)  The real point is that kzalloc() won't give
you that address for the new structure before kfree() has deallocated
the old one.

Normally kfree() would be called by the release routine.  Therefore if
kzalloc() gives you the same address, you can be sure that the release
routine has run.  The problem with statically allocated device
structures is that they generally don't have release routines (as in
this MCE case).

Now if you had a static structure and you gave it a release routine
then yes -- you could reuse it _provided_ you waited for the release
routine to be called first.  But that's not under your control; the
release routine won't be called until all the references have been
dropped, which can take an arbitrarily long time.  It's better to avoid 
the whole issue by not using static allocation.

> In summary - I can totally buy the argument that you must start with a zeroed
> struct device (and that it is just fine that device_unregister() doesn't waste
> cpu cycles cleaning up the structure just in case someone will re-use it, because
> that isn't going to be the common case).
> 
> I just don't understand the magical difference between a static structure that
> has been memset() to all zero, and a dynamic block returned from kzalloc().

The difference is that a block returned from kzalloc() is _known_ not
to have any pre-existing references.  A static structure that has been
reset to all zero may still have some; in general you can't know.

There's nothing special about the driver model code in this respect.  
The same restriction applies wherever object lifetimes are controlled
by reference counting.

Alan Stern


  parent reply	other threads:[~2012-01-18 18:11 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-01-16 22:40 [PATCH] mce: fix warning messages about static struct mce_device Greg KH
2012-01-17  0:14 ` Djalal Harouni
2012-01-17  0:15   ` Greg KH
2012-01-17  0:21     ` Linus Torvalds
2012-01-17  1:00       ` Greg KH
2012-01-17  8:38 ` Ingo Molnar
2012-01-17 15:51   ` Greg KH
2012-01-17 16:28     ` Greg KH
2012-01-18  9:31     ` Ingo Molnar
2012-01-18 14:42       ` Greg KH
2012-01-18 15:51         ` Alan Stern
2012-01-18 17:28           ` Luck, Tony
2012-01-18 17:54             ` Srivatsa S. Bhat
2012-01-18 18:10             ` Alan Stern [this message]
2012-01-18 18:50               ` Kay Sievers
2012-01-18 19:00                 ` Luck, Tony
2012-01-18 19:31                 ` Srivatsa S. Bhat
2012-01-19 12:32                 ` Ingo Molnar
2012-01-19 13:29                   ` Srivatsa S. Bhat
2012-01-19 15:13                     ` Alan Stern
2012-01-19 19:38                       ` Ingo Molnar
2012-01-19 20:52                         ` Alan Stern
2012-01-19 12:28         ` Ingo Molnar
2012-01-26 23:49           ` MCE: convert static array of pointers to per-cpu variables Greg KH
2012-01-27 13:14             ` Srivatsa S. Bhat
2012-01-17 12:36 ` [PATCH] mce: fix warning messages about static struct mce_device Srivatsa S. Bhat
2012-01-17 15:52   ` Greg KH

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Pine.LNX.4.44L0.1201181257540.1343-100000@iolanthe.rowland.org \
    --to=stern@rowland.harvard.edu \
    --cc=ak@linux.intel.com \
    --cc=borislav.petkov@amd.com \
    --cc=bp@amd64.org \
    --cc=gouders@et.bocholt.fh-gelsenkirchen.de \
    --cc=gregkh@suse.de \
    --cc=jeff.chua.linux@gmail.com \
    --cc=justinmattock@gmail.com \
    --cc=kay.sievers@vrfy.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pm@vger.kernel.org \
    --cc=marcos.mage@gmail.com \
    --cc=mingo@elte.hu \
    --cc=prasad@linux.vnet.ibm.com \
    --cc=rjw@sisk.pl \
    --cc=seto.hidetoshi@jp.fujitsu.com \
    --cc=slyich@gmail.com \
    --cc=srivatsa.bhat@linux.vnet.ibm.com \
    --cc=tglx@linutronix.de \
    --cc=tixxdz@opendz.org \
    --cc=tom.leiming@gmail.com \
    --cc=tony.luck@intel.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).