Re: [PATCH v4 3/3] RDS: make sure not to loop forever inside rds_send_xmit

[David Miller]

From: Sowmini Varadhan <sowmini.varadhan@xxxxxxxxxx>
Date: Tue,  7 Apr 2015 16:38:04 -0400

> @@ -157,6 +160,17 @@ int rds_send_xmit(struct rds_connection *conn)
>  	}
>  
>  	/*
> +	 * we record the send generation after doing the xmit acquire.
> +	 * if someone else manages to jump in and do some work, we'll use
> +	 * this to avoid a goto restart farther down.
> +	 *
> +	 * we don't need a lock because the counter is only incremented
> +	 * while we have the in_xmit bit held.
> +	 */
> +	conn->c_send_gen++;
> +	send_gen = conn->c_send_gen;

This increment does need to either be changed to be an atomic_t
or covered by a lock.

Otherwise two concurrent callers can both try to increment it at
the same time, and it only effectively increments once.  That's
corrupted state and will break all of the new logic added here.

Still very unhappy with this patch series submission, as I still find
new problems every time I look at these changes.  Are you evaluating
them and double checking all of the claims in the commit log message
and comments, and logic in these, or are you just passing them off
upstream after testing and leaving the checking to people like me?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/