[PATCH net-next] af_unix: fix a fatal race with bit fields
Eric Dumazet
eric.dumazet at gmail.com
Sat May 4 00:14:15 EST 2013
On Fri, 2013-05-03 at 11:01 +0930, Alan Modra wrote:
> On Tue, Apr 30, 2013 at 10:04:32PM -0700, Eric Dumazet wrote:
> > These kind of errors are pretty hard to find, its a pity to spend time
> > on them.
>
> Well, yes. From the first comment in gcc PR52080. "For the following
> testcase we generate a 8 byte RMW cycle on IA64 which causes locking
> problems in the linux kernel btrfs filesystem."
>
> Did someone fix btrfs, but not check other kernel locks? Having now
> hit the same problem again, have you checked that other kernel locks
> don't have adjacent bit fields in the same 64-bit word? And comment
> the struct to ensure someone doesn't optimize those unsigned chars
> back to bit fields.
Not only spinlock, but atomic_t followed by bit fields.
BTW, if a spinlock is followed by bit fields, but bit fields
only changed when this spinlock is held, there is no problem, unless
spinlock is a ticket spinlock.
In af_unix, bug happens because the bit fields were changed without
spinlock being held (another global spinlock is used instead)
(ppc64 doesnt use ticket spinlocks yet)
More information about the Linuxppc-dev
mailing list