Re: [PATCH,RFC] perf: panic due to inclied cpu context task_ctxvalue

[Peter Zijlstra]

On Wed, 2011-03-30 at 17:32 +0200, Oleg Nesterov wrote:
> probably smp_mb__after_atomic_inc() needs a comment...
> 
> It is needed to avoid the race between perf_sched_events_dec() and
> perf_sched_events_inc().
> 
> Suppose that we have a single event, both counters == 1. We create
> another event and call perf_sched_events_inc(). Without the barrier
> we could increment the counters in reverse order,
> 
>         jump_label_inc(&perf_sched_events_in);
>         /* ---- WINDOW ---- */
>         jump_label_inc(&perf_sched_events_out);
> 
> Now, if perf_sched_events_dec() is called in between, it can disable
> _out but not _in. This means we can leak ->task_ctx again. 

But in that case we need an mb in perf_sched_events_dec() too, because
for the !JUMP_LABEL case that's a simple atomic_dec() and combined with
synchronize_sched() being a nop for num_online_cpus()==1 there's no
ordering there either.

Also, wouldn't this then require an smp_rmb() in the
perf_event_task_sched_{in,out} COND_STMT/JUMP_LABEL read side?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/