From: "Paul E. McKenney" <paulmck@linux.ibm.com>
To: Colin Ian King <colin.king@canonical.com>
Cc: Josh Triplett <josh@joshtriplett.org>,
Steven Rostedt <rostedt@goodmis.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Lai Jiangshan <jiangshanlai@gmail.com>,
Joel Fernandes <joel@joelfernandes.org>,
rcu@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: rcu/nocb: Add bypass callback queueing, bug report
Date: Tue, 13 Aug 2019 08:23:50 -0700 [thread overview]
Message-ID: <20190813152350.GC28441@linux.ibm.com> (raw)
In-Reply-To: <e89f5af3-dcf3-986f-828f-14e10cef9915@canonical.com>
On Tue, Aug 13, 2019 at 01:34:02PM +0100, Colin Ian King wrote:
> Hi,
>
> Static analysis on linux-next today found an issue in the following commit:
>
> commit 1afc4b18724f8f7b7a21fdf66cd43cc4a932812d
> Author: Paul E. McKenney <paulmck@linux.ibm.com>
> Date: Tue Jul 2 16:03:33 2019 -0700
>
> rcu/nocb: Add bypass callback queueing
>
>
> The coverity report is as follows:
>
> 1783 // If we have advanced to a new jiffy, reset counts to allow
> 1784 // moving back from ->nocb_bypass to ->cblist.
> 1785 if (j == rdp->nocb_nobypass_last) {
> 1786 c = rdp->nocb_nobypass_count + 1;
> 1787 } else {
> 1788 WRITE_ONCE(rdp->nocb_nobypass_last, j);
> 1789 c = rdp->nocb_nobypass_count -
> nocb_nobypass_lim_per_jiffy;
> 1790 if (c > nocb_nobypass_lim_per_jiffy)
> 1791 c = nocb_nobypass_lim_per_jiffy;
>
> CID 85141 (#1 of 1): Unsigned compared against 0
> unsigned_compare: This less-than-zero comparison of an unsigned value is
> never true. c < 0UL.
>
> 1792 else if (c < 0)
> 1793 c = 0;
>
> Variable c is an unsigned long so the c < 0 check is never true. I'm not
> sure what the ramifications are if c is made a signed long instead, so
> I'm not fixing this and reporting this issue.
Good catch!!!
How about the alleged fix shown below?
Thanx, Paul
------------------------------------------------------------------------
diff --git a/kernel/rcu/tree_plugin.h b/kernel/rcu/tree_plugin.h
index 91cefa3bf943..2defc7fe74c3 100644
--- a/kernel/rcu/tree_plugin.h
+++ b/kernel/rcu/tree_plugin.h
@@ -1787,10 +1787,11 @@ static bool rcu_nocb_try_bypass(struct rcu_data *rdp, struct rcu_head *rhp,
} else {
WRITE_ONCE(rdp->nocb_nobypass_last, j);
c = rdp->nocb_nobypass_count - nocb_nobypass_lim_per_jiffy;
- if (c > nocb_nobypass_lim_per_jiffy)
- c = nocb_nobypass_lim_per_jiffy;
- else if (c < 0)
+ if (ULONG_CMP_LT(rdp->nocb_nobypass_count,
+ nocb_nobypass_lim_per_jiffy))
c = 0;
+ else if (c > nocb_nobypass_lim_per_jiffy)
+ c = nocb_nobypass_lim_per_jiffy;
}
WRITE_ONCE(rdp->nocb_nobypass_count, c);
prev parent reply other threads:[~2019-08-13 15:24 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-13 12:34 rcu/nocb: Add bypass callback queueing, bug report Colin Ian King
2019-08-13 15:23 ` Paul E. McKenney [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190813152350.GC28441@linux.ibm.com \
--to=paulmck@linux.ibm.com \
--cc=colin.king@canonical.com \
--cc=jiangshanlai@gmail.com \
--cc=joel@joelfernandes.org \
--cc=josh@joshtriplett.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=rcu@vger.kernel.org \
--cc=rostedt@goodmis.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.