diff for duplicates of <20200828100022.1099682-4-npiggin@gmail.com> diff --git a/a/content_digest b/N1/content_digest index 8de4a48..0ba106e 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -3,16 +3,16 @@ "Subject\0[PATCH 3/4] sparc64: remove mm_cpumask clearing to fix kthread_use_mm race\0" "Date\0Fri, 28 Aug 2020 20:00:21 +1000\0" "To\0linux-mm@kvack.org\0" - "Cc\0Nicholas Piggin <npiggin@gmail.com>" - linux-arch@vger.kernel.org - linux-kernel@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> - Andrew Morton <akpm@linux-foundation.org> + "Cc\0linux-arch@vger.kernel.org" Jens Axboe <axboe@kernel.dk> Peter Zijlstra <peterz@infradead.org> - David S. Miller <davem@davemloft.net> - " sparclinux@vger.kernel.org\0" + Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> + linux-kernel@vger.kernel.org + Nicholas Piggin <npiggin@gmail.com> + sparclinux@vger.kernel.org + Andrew Morton <akpm@linux-foundation.org> + linuxppc-dev@lists.ozlabs.org + " David S. Miller <davem@davemloft.net>\0" "\00:1\0" "b\0" "The de facto (and apparently uncommented) standard for using an mm had,\n" @@ -182,4 +182,4 @@ "-- \n" 2.23.0 -30cc44aca03bfa6c4c36c780b4803ba5dbce24f407874bbdefe4dc10b3f69d89 +7f029240c7089f4d9caefd42673da5a25f74fd8634c9f9e3ef1eb35ac3c79c50
diff --git a/a/1.txt b/N2/1.txt index e28c7a8..c3d884d 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -14,14 +14,14 @@ kthread_use_mm() is not). io_uring 2b188cc1bb857 ("Add io_uring IO interface") added code which does a kthread_use_mm() from a mmget_not_zero() refcount. -The problem with this is code which previously assumed mm == current->mm -and mm->mm_users == 1 implies the mm will remain single-threaded at +The problem with this is code which previously assumed mm = current->mm +and mm->mm_users = 1 implies the mm will remain single-threaded at least until this thread creates another mm_users reference, has now broken. arch/sparc/kernel/smp_64.c: - if (atomic_read(&mm->mm_users) == 1) { + if (atomic_read(&mm->mm_users) = 1) { cpumask_copy(mm_cpumask(mm), cpumask_of(cpu)); goto local_flush_and_out; } @@ -33,7 +33,7 @@ vs fs/io_uring.c return -EFAULT; kthread_use_mm(ctx->sqo_mm); -mmget_not_zero() could come in right after the mm_users == 1 test, then +mmget_not_zero() could come in right after the mm_users = 1 test, then kthread_use_mm() which sets its CPU in the mm_cpumask. That update could be lost if cpumask_copy() occurs afterward. @@ -78,7 +78,7 @@ index e286e2badc8a..e38d8bf454e8 100644 - * that processes tsk->active_mm->cpu_vm_mask does not have the - * current cpu's bit set, that tlb context is flushed locally. - * -- * If the address space is non-shared (ie. mm->count == 1) we avoid +- * If the address space is non-shared (ie. mm->count = 1) we avoid - * cross calls when we want to flush the currently running process's - * tlb state. This is done by clearing all cpu bits except the current - * processor's in current->mm->cpu_vm_mask and performing the @@ -105,7 +105,7 @@ index e286e2badc8a..e38d8bf454e8 100644 u32 ctx = CTX_HWBITS(mm->context); - int cpu = get_cpu(); -- if (atomic_read(&mm->mm_users) == 1) { +- if (atomic_read(&mm->mm_users) = 1) { - cpumask_copy(mm_cpumask(mm), cpumask_of(cpu)); - goto local_flush_and_out; - } 
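Review bot: The N2 copy of this message is not a faithful duplicate: every `==` in the body has become `=`, so the quoted `arch/sparc/kernel/smp_64.c` test `if (atomic_read(&mm->mm_users) == 1) {` reads as an assignment in N2. The same substitution appears in the remaining `1.txt` hunks and in the N2 `content_digest` hunks, alongside a Date header rewritten from `+1000` to `+0000`, and the trailing digest differs accordingly. The altered lines include removed (`-`) lines of the embedded patch, so that copy would presumably no longer match its pre-image and should not be used to apply or review the change. Work from the copy that keeps `==`. This looks like mangling in transit rather than an author edit, though the page does not show where it happened.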
@@ -131,7 +131,7 @@ index e286e2badc8a..e38d8bf454e8 100644 info.nr = nr; info.vaddrs = vaddrs; -- if (mm == current->mm && atomic_read(&mm->mm_users) == 1) +- if (mm = current->mm && atomic_read(&mm->mm_users) = 1) - cpumask_copy(mm_cpumask(mm), cpumask_of(cpu)); - else - smp_call_function_many(mm_cpumask(mm), tlb_pending_func, @@ -147,7 +147,7 @@ index e286e2badc8a..e38d8bf454e8 100644 unsigned long context = CTX_HWBITS(mm->context); - int cpu = get_cpu(); -- if (mm == current->mm && atomic_read(&mm->mm_users) == 1) +- if (mm = current->mm && atomic_read(&mm->mm_users) = 1) - cpumask_copy(mm_cpumask(mm), cpumask_of(cpu)); - else - smp_cross_call_masked(&xcall_flush_tlb_page, diff --git a/a/content_digest b/N2/content_digest index 8de4a48..4c23b34 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,7 +1,7 @@ "ref\020200828100022.1099682-1-npiggin@gmail.com\0" "From\0Nicholas Piggin <npiggin@gmail.com>\0" "Subject\0[PATCH 3/4] sparc64: remove mm_cpumask clearing to fix kthread_use_mm race\0" - "Date\0Fri, 28 Aug 2020 20:00:21 +1000\0" + "Date\0Fri, 28 Aug 2020 10:00:21 +0000\0" "To\0linux-mm@kvack.org\0" "Cc\0Nicholas Piggin <npiggin@gmail.com>" linux-arch@vger.kernel.org @@ -31,14 +31,14 @@ "io_uring 2b188cc1bb857 (\"Add io_uring IO interface\") added code which\n" "does a kthread_use_mm() from a mmget_not_zero() refcount.\n" "\n" - "The problem with this is code which previously assumed mm == current->mm\n" - "and mm->mm_users == 1 implies the mm will remain single-threaded at\n" + "The problem with this is code which previously assumed mm = current->mm\n" + "and mm->mm_users = 1 implies the mm will remain single-threaded at\n" "least until this thread creates another mm_users reference, has now\n" "broken.\n" "\n" "arch/sparc/kernel/smp_64.c:\n" "\n" - " if (atomic_read(&mm->mm_users) == 1) {\n" + " if (atomic_read(&mm->mm_users) = 1) {\n" " cpumask_copy(mm_cpumask(mm), cpumask_of(cpu));\n" " goto local_flush_and_out;\n" " }\n" 
@@ -50,7 +50,7 @@ " return -EFAULT;\n" " kthread_use_mm(ctx->sqo_mm);\n" "\n" - "mmget_not_zero() could come in right after the mm_users == 1 test, then\n" + "mmget_not_zero() could come in right after the mm_users = 1 test, then\n" "kthread_use_mm() which sets its CPU in the mm_cpumask. That update could\n" "be lost if cpumask_copy() occurs afterward.\n" "\n" @@ -95,7 +95,7 @@ "- * that processes tsk->active_mm->cpu_vm_mask does not have the\n" "- * current cpu's bit set, that tlb context is flushed locally.\n" "- *\n" - "- * If the address space is non-shared (ie. mm->count == 1) we avoid\n" + "- * If the address space is non-shared (ie. mm->count = 1) we avoid\n" "- * cross calls when we want to flush the currently running process's\n" "- * tlb state. This is done by clearing all cpu bits except the current\n" "- * processor's in current->mm->cpu_vm_mask and performing the\n" @@ -122,7 +122,7 @@ " \tu32 ctx = CTX_HWBITS(mm->context);\n" "-\tint cpu = get_cpu();\n" " \n" - "-\tif (atomic_read(&mm->mm_users) == 1) {\n" + "-\tif (atomic_read(&mm->mm_users) = 1) {\n" "-\t\tcpumask_copy(mm_cpumask(mm), cpumask_of(cpu));\n" "-\t\tgoto local_flush_and_out;\n" "-\t}\n" @@ -148,7 +148,7 @@ " \tinfo.nr = nr;\n" " \tinfo.vaddrs = vaddrs;\n" " \n" - "-\tif (mm == current->mm && atomic_read(&mm->mm_users) == 1)\n" + "-\tif (mm = current->mm && atomic_read(&mm->mm_users) = 1)\n" "-\t\tcpumask_copy(mm_cpumask(mm), cpumask_of(cpu));\n" "-\telse\n" "-\t\tsmp_call_function_many(mm_cpumask(mm), tlb_pending_func,\n" @@ -164,7 +164,7 @@ " \tunsigned long context = CTX_HWBITS(mm->context);\n" "-\tint cpu = get_cpu();\n" " \n" - "-\tif (mm == current->mm && atomic_read(&mm->mm_users) == 1)\n" + "-\tif (mm = current->mm && atomic_read(&mm->mm_users) = 1)\n" "-\t\tcpumask_copy(mm_cpumask(mm), cpumask_of(cpu));\n" "-\telse\n" "-\t\tsmp_cross_call_masked(&xcall_flush_tlb_page,\n" 
@@ -182,4 +182,4 @@ "-- \n" 2.23.0 -30cc44aca03bfa6c4c36c780b4803ba5dbce24f407874bbdefe4dc10b3f69d89 +d2f1bad2cf53ef7a813acb8a2dfb5406f6c05980306d9bff77d91866bd4fdd98