Skip to content

Commit 2431774

Browse files
paulmckrcupaulmckrcu
committed
rcu: Mark accesses to rcu_state.n_force_qs
This commit marks accesses to the rcu_state.n_force_qs. These data races are hard to make happen, but syzkaller was equal to the task. Reported-by: [email protected] Acked-by: Marco Elver <[email protected]> Signed-off-by: Paul E. McKenney <[email protected]>
1 parent 6880fa6 commit 2431774

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

kernel/rcu/tree.c

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1907,7 +1907,7 @@ static void rcu_gp_fqs(bool first_time)
19071907
struct rcu_node *rnp = rcu_get_root();
19081908

19091909
WRITE_ONCE(rcu_state.gp_activity, jiffies);
1910-
rcu_state.n_force_qs++;
1910+
WRITE_ONCE(rcu_state.n_force_qs, rcu_state.n_force_qs + 1);
19111911
if (first_time) {
19121912
/* Collect dyntick-idle snapshots. */
19131913
force_qs_rnp(dyntick_save_progress_counter);
@@ -2550,7 +2550,7 @@ static void rcu_do_batch(struct rcu_data *rdp)
25502550
/* Reset ->qlen_last_fqs_check trigger if enough CBs have drained. */
25512551
if (count == 0 && rdp->qlen_last_fqs_check != 0) {
25522552
rdp->qlen_last_fqs_check = 0;
2553-
rdp->n_force_qs_snap = rcu_state.n_force_qs;
2553+
rdp->n_force_qs_snap = READ_ONCE(rcu_state.n_force_qs);
25542554
} else if (count < rdp->qlen_last_fqs_check - qhimark)
25552555
rdp->qlen_last_fqs_check = count;
25562556

@@ -2898,10 +2898,10 @@ static void __call_rcu_core(struct rcu_data *rdp, struct rcu_head *head,
28982898
} else {
28992899
/* Give the grace period a kick. */
29002900
rdp->blimit = DEFAULT_MAX_RCU_BLIMIT;
2901-
if (rcu_state.n_force_qs == rdp->n_force_qs_snap &&
2901+
if (READ_ONCE(rcu_state.n_force_qs) == rdp->n_force_qs_snap &&
29022902
rcu_segcblist_first_pend_cb(&rdp->cblist) != head)
29032903
rcu_force_quiescent_state();
2904-
rdp->n_force_qs_snap = rcu_state.n_force_qs;
2904+
rdp->n_force_qs_snap = READ_ONCE(rcu_state.n_force_qs);
29052905
rdp->qlen_last_fqs_check = rcu_segcblist_n_cbs(&rdp->cblist);
29062906
}
29072907
}
@@ -4128,7 +4128,7 @@ int rcutree_prepare_cpu(unsigned int cpu)
41284128
/* Set up local state, ensuring consistent view of global state. */
41294129
raw_spin_lock_irqsave_rcu_node(rnp, flags);
41304130
rdp->qlen_last_fqs_check = 0;
4131-
rdp->n_force_qs_snap = rcu_state.n_force_qs;
4131+
rdp->n_force_qs_snap = READ_ONCE(rcu_state.n_force_qs);
41324132
rdp->blimit = blimit;
41334133
rdp->dynticks_nesting = 1; /* CPU not up, no tearing. */
41344134
rcu_dynticks_eqs_online();

0 commit comments

Comments
 (0)