Re: [PATCH RFC 3/5] sched/cpufreq: Fix incorrect RCU API usage

Thu, 21 Feb 2019 07:53:13 -0800 

On Thu, Feb 21, 2019 at 04:31:17PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 21, 2019 at 10:21:39AM -0500, Joel Fernandes wrote:
> > On Thu, Feb 21, 2019 at 10:18:05AM +0100, Peter Zijlstra wrote:
> > > On Thu, Feb 21, 2019 at 12:49:40AM -0500, Joel Fernandes (Google) wrote:
> > > > @@ -34,8 +34,12 @@ void cpufreq_add_update_util_hook(int cpu, struct 
> > > > update_util_data *data,
> > > >         if (WARN_ON(!data || !func))
> > > >                 return;
> > > >  
> > > > -       if (WARN_ON(per_cpu(cpufreq_update_util_data, cpu)))
> > > > +       rcu_read_lock();
> > > > +       if (WARN_ON(rcu_dereference(per_cpu(cpufreq_update_util_data, 
> > > > cpu)))) {
> > > > +               rcu_read_unlock();
> > > >                 return;
> > > > +       }
> > > > +       rcu_read_unlock();
> > > >  
> > > >         data->func = func;
> > > >         rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), 
> > > > data);
> > > 
> > > This doesn't make any kind of sense to me.
> > > 
> > 
> > As per the rcu_assign_pointer() line, I inferred that
> > cpufreq_update_util_data is expected to be RCU protected. Reading the 
> > pointer
> > value of RCU pointers generally needs to be done from RCU read section, and
> > using rcu_dereference() (or using rcu_access()).
> > 
> > In this patch, I changed cpufreq_update_util_data to be __rcu annotated to
> > avoid the sparse error thrown by rcu_assign_pointer().
> > 
> > Instead of doing that, If your intention here is RELEASE barrier, should I
> > just replace in this function:
> >     rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
> > with:
> >     smp_store_release(per_cpu(cpufreq_update_util_data, cpu), data))
> > ?
> > 
> > It would be nice IMO to be explicit about the intention of release/publish
> > semantics by using smp_store_release().
> 
> No, it is RCU managed, it should be RCU. The problem is that the hunk
> above is utter crap.
> 
> All that does is read the pointer, it never actually dereferences it.

For whatever it is worth, in that case it could use rcu_access_pointer().
And this primitive does not do the lockdep check for being within an RCU
read-side critical section.  As Peter says, if there is no dereferencing,
there can be no use-after-free bug, so the RCU read-side critical is
not needed.

Good eyes, Peter!  ;-)

                                                        Thanx, Paul

Reply via email to