Re: [PATCH 1/2] smp_call_function_many SMP race

From: Andrew Morton
Date: Wed Jan 19 2011 - 19:43:22 EST

Next message: Huang Ying: "Re: [PATCH -v10 0/4] Lock-less list"
Previous message: David Miller: "Re: Bug#609371: linux-image-2.6.37-trunk-sparc64: module scsi_mod:Unknown relocation: 36"
In reply to: Milton Miller: "[PATCH 1/2] smp_call_function_many SMP race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 18 Jan 2011 15:07:25 -0600
Milton Miller <miltonm@xxxxxxx> wrote:

> I noticed a failure where we hit the following WARN_ON in
> generic_smp_call_function_interrupt:
>
> if (!cpumask_test_and_clear_cpu(cpu, data->cpumask))
> continue;
>
> data->csd.func(data->csd.info);
>
> refs = atomic_dec_return(&data->refs);
> WARN_ON(refs < 0); <-------------------------
>
> We atomically tested and cleared our bit in the cpumask, and yet the
> number of cpus left (ie refs) was 0. How can this be?
>
> It turns out commit 54fdade1c3332391948ec43530c02c4794a38172
> (generic-ipi: make struct call_function_data lockless)
> is at fault. It removes locking from smp_call_function_many and in
> doing so creates a rather complicated race.

I've been waving https://bugzilla.kernel.org/show_bug.cgi?id=23042 at
the x86 guys for a while now, to no avail. Do you think you just fixed
it?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Huang Ying: "Re: [PATCH -v10 0/4] Lock-less list"
Previous message: David Miller: "Re: Bug#609371: linux-image-2.6.37-trunk-sparc64: module scsi_mod:Unknown relocation: 36"
In reply to: Milton Miller: "[PATCH 1/2] smp_call_function_many SMP race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]