On Tue, Jun 05, 2012 at 02:00:30PM +0200, Eric Dumazet wrote:
> On Tue, 2012-06-05 at 13:27 +0200, Steffen Klassert wrote:
>
> > >
> > > By the way, I think we have a bug in inetpeer_gc_worker()
> > >
> > > Steffen ?
> > >
> > > We have no rcu grace period to make sure the following is safe :
> > >
> > > if (!atomic_read(&p->refcnt)) {
> > > list_del(&p->gc_list);
> > > kmem_cache_free(peer_cachep, p);
> > > }
> >
> > I think this is ok as it is. inetpeer_invalidate_tree()
> > unlinks the whole inetpeer tree from the inetpeer base and
> > adds it to a gc_list. These intetpeer entries are stale,
> > they can't be looked up again. So noone should increment the
> > refcount, they just wait until the refcount get zero.
> >
>
> Its not OK, lookups are done under rcu.
>
> Since there is no RCU grace period, the worker free the entries while
> another cpus are doing their lookups.
>
Lookups are done under rcu, yes. But a lookup will not find
these stale entries because the whole interpeer tree is removed
from the inetpeer base before the worker is scheduled. A lookup
would have to cerate a new inetpeer entry in this case.
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
