Re: [PATCH RFC] fix RCU-callback-after-kmem_cache_destroy problemin sl[aou]b

[Matt Mackall]

On Mon, 2009-06-29 at 18:30 -0400, Christoph Lameter wrote:
> On Thu, 25 Jun 2009, Paul E. McKenney wrote:
> 
> > Jesper noted that kmem_cache_destroy() invokes synchronize_rcu() rather
> > than rcu_barrier() in the SLAB_DESTROY_BY_RCU case, which could result
> > in RCU callbacks accessing a kmem_cache after it had been destroyed.
> >
> > The following untested (might not even compile) patch proposes a fix.
> 
> It could be seen to be the responsibility of the caller of
> kmem_cache_destroy to insure that no accesses are pending.
> 
> If the caller specified destroy by rcu on cache creation then he also
> needs to be aware of not destroying the cache itself until all rcu actions
> are complete. This is similar to the caution that has to be execised then
> accessing cache data itself.

This is a reasonable point, and in keeping with the design principle
'callers should handle their own special cases'. However, I think it
would be more than a little surprising for kmem_cache_free() to do the
right thing, but not kmem_cache_destroy().

-- 
http://selenic.com : development and support for Mercurial and Linux


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/