Re: [PATCH v4 14/16] locking/rwsem: Guard against making count negative

From: Peter Zijlstra
Date: Thu Apr 18 2019 - 09:51:59 EST


On Sat, Apr 13, 2019 at 01:22:57PM -0400, Waiman Long wrote:
> inline void __down_read(struct rw_semaphore *sem)
> {
> + long count = atomic_long_fetch_add_acquire(RWSEM_READER_BIAS,
> + &sem->count);
> +
> + if (unlikely(count & RWSEM_READ_FAILED_MASK)) {
> + rwsem_down_read_failed(sem, count);
> DEBUG_RWSEMS_WARN_ON(!is_rwsem_reader_owned(sem), sem);
> } else {
> rwsem_set_reader_owned(sem);
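Review bot: the RWSEM_READER_BIAS is added to sem->count unconditionally, before the RWSEM_READ_FAILED_MASK check, so every reader arriving concurrently contributes its bias before any of them reaches rwsem_down_read_failed() to back it out; nothing in the hunk bounds how many such readers can pile up, so the reader-count bits can carry into the bits the mask tests. Suggest stating the assumed maximum number of concurrent readers in a comment next to the check (e.g. "/* reader count must not exceed ... */") and explaining in the changelog why that bound holds for this count layout, or else move the overflow guard into the path that inspects the returned count rather than relying on the add itself staying in range.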

*groan*, that is not provably correct. It is entirely possible to get
enough fetch_add()s piled on top of one another to overflow regardless.

Unlikely, yes, impossible, no.

This makes me nervous as heck, I really don't want to ever have to
debug something like that :-(