Re: [PATCH v4 14/16] locking/rwsem: Guard against making count negative

[Peter Zijlstra]

On Sat, Apr 13, 2019 at 01:22:57PM -0400, Waiman Long wrote:
>  inline void __down_read(struct rw_semaphore *sem)
>  {
> +     long count = atomic_long_fetch_add_acquire(RWSEM_READER_BIAS,
> +                                                &sem->count);
> +
> +     if (unlikely(count & RWSEM_READ_FAILED_MASK)) {
> +             rwsem_down_read_failed(sem, count);
>               DEBUG_RWSEMS_WARN_ON(!is_rwsem_reader_owned(sem), sem);
>       } else {
>               rwsem_set_reader_owned(sem);

*groan*, that is not provably correct. It is entirely possible to get
enough fetch_add()s piled on top of one another to overflow regardless.

Unlikely, yes, impossible, no.

This makes me nervious as heck, I really don't want to ever have to
debug something like that :-(