Hello,
On Sat, Jul 21, 2012 at 02:20:06PM -0400, Andy Walls wrote:
> > + worker->current_work = work;
> > spin_unlock_irq(&worker->lock);
> >
> > if (work) {
> > __set_current_state(TASK_RUNNING);
> > work->func(work);
>
> If the call to 'work->func(work);' frees the memory pointed to by
> 'work', 'worker->current_work' points to deallocated memory.
> So 'worker->current_work' will only ever used as a unique 'work'
> identifier to handle, correct?
Yeah. flush_kthread_work(@work) which can only be called if @work is
known to be alive looks at the pointer to determine whether it's the
current work item on the worker.
> > void flush_kthread_work(struct kthread_work *work)
> > {
> > - int seq = work->queue_seq;
> > + struct kthread_flush_work fwork = {
> > + KTHREAD_WORK_INIT(fwork.work, kthread_flush_work_fn),
> > + COMPLETION_INITIALIZER_ONSTACK(fwork.done),
> > + };
> > + struct kthread_worker *worker;
> > + bool noop = false;
> > +
>
> You might want a check for 'work == NULL' here, to gracefully handle
> code like the following:
>
> void driver_work_handler(struct kthread_work *work)
> {
> ...
> kfree(work);
> }
>
> struct kthread_work *driver_queue_batch(void)
> {
> struct kthread_work *work = NULL;
> ...
> while (driver_more_stuff_todo()) {
> work = kzalloc(sizeof(struct kthread work), GFP_WHATEVER);
> ...
> queue_kthread_work(&driver_worker, work);
> }
> return work;
> }
>
> void driver_foobar(void)
> {
> ...
> flush_kthread_work(driver_queue_batch());
> ...
> }
workqueue's flush_work() doesn't allow %NULL pointer. I don't want to
make the behaviors deviate and don't see much point in changing
workqueue's behavior at this point.
Thanks.
--
tejun
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
