Re: [PATCH v3] skbuff: fix a data race in skb_queue_len()
From: Jason A. Donenfeld
Date: Thu Feb 06 2020 - 11:38:52 EST
Hi Eric,
On Tue, Feb 04, 2020 at 01:40:29PM -0500, Qian Cai wrote:
> - list->qlen--;
> + WRITE_ONCE(list->qlen, list->qlen - 1);
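Review bot: on the `+` line the right-hand side `list->qlen - 1` is still a plain load, so WRITE_ONCE() marks only the store and the decrement remains a separate read, subtract and write. If every writer of qlen is serialized by a lock, add a comment here naming that lock and stating that the annotation exists only for the lockless reader in skb_queue_len(). If any writer can reach this line without that serialization, the annotation does not make the update safe, and the path needs locking or an atomic counter instead.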
Sorry I'm a bit late to the party here, but this immediately jumped out.
This generates worse code with a bigger race in some sense:
list->qlen-- is:

   0:   83 6f 10 01             subl   $0x1,0x10(%rdi)

whereas WRITE_ONCE(list->qlen, list->qlen - 1) is:

   0:   8b 47 10                mov    0x10(%rdi),%eax
   3:   83 e8 01                sub    $0x1,%eax
   6:   89 47 10                mov    %eax,0x10(%rdi)

Are you sure that's what we want?
Jason