Re: [PATCH V3] x86 spinlock: Fix memory corruption on completing completions

From: Oleg Nesterov
Date: Thu Feb 12 2015 - 08:53:26 EST


On 02/12, Raghavendra K T wrote:
>
> @@ -191,8 +189,7 @@ static inline void arch_spin_unlock_wait(arch_spinlock_t *lock)
> * We need to check "unlocked" in a loop, tmp.head == head
> * can be false positive because of overflow.
> */
> - if (tmp.head == (tmp.tail & ~TICKET_SLOWPATH_FLAG) ||
> - tmp.head != head)
> + if (__tickets_equal(tmp.head, tmp.tail) || tmp.head != head)
> break;
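
Review bot: the second half of the condition on the added line, `tmp.head != head`, is still a raw comparison, while the first half now goes through __tickets_equal(). The removed lines masked TICKET_SLOWPATH_FLAG off tmp.tail, so flag bits can be present in the ticket values; if the helper ignores that flag and the flag can appear in head between the two reads, the raw inequality exits the loop without an unlock having happened. Consider `!__tickets_equal(tmp.head, head)` here so both tests treat the flag the same way, and update the comment above to say which comparison the overflow caveat applies to.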

Ah, it seems that "tmp.head != head" should be turned into
!__tickets_equal(), no?

Suppose that TICKET_SLOWPATH_FLAG is set after the first ACCESS_ONCE(head),
then tmp.head != head will be true before the first unlock we are waiting
for.

And perhaps you can turn these ACCESS_ONCE into READ_ONCE as well.

Oleg.
