On Tue, Nov 03, 2015 at 04:03:29PM +0100, Sebastian Andrzej Siewior wrote: > - struct msg_msg *volatile r_msg; > + struct msg_msg *r_msg;
> + wake_q_add(wake_q, msr->r_tsk); > msr->r_msg = msg; > + /* > + * Rely on the implicit cmpxchg barrier from > + * wake_q_add such that we can ensure that Davidlohr, didn't you want to make that cmpxchg_relaxed() or cmpxchg_release() ? > + * updating msr->r_msg is the last write > + * operation: As once set, the receiver can > + * continue, and if we don't have the reference Which seems to suggest you want to at least make that WRITE_ONCE() > + * count from the wake_q, yet, at that point we > + * can later have a use-after-free condition and > + * bogus wakeup. > + */ And I agree with Davidlohr that the comment is placed oddly, one would expect it between wake_q_add() and the store in question.
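Review bot: dropping `volatile` from `struct msg_msg *r_msg` leaves nothing on the field itself that tells the compiler it is accessed locklessly, and the only store visible in this patch, `msr->r_msg = msg;`, is a plain assignment. Each lockless access should carry an explicit annotation in place of the qualifier, and a short comment on the field saying it is written by the sender and read by the receiver without a lock would keep later changes from reintroducing plain accesses.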
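Review bot: in the send path, the ordering that the new comment says prevents the use-after-free and bogus wakeup rests on a barrier implied inside wake_q_add(), which is not visible at this call site and would silently disappear if that helper's cmpxchg were ever relaxed. Expressing the requirement on the store itself, for example as a release store to `msr->r_msg` after `wake_q_add(wake_q, msr->r_tsk);`, would make it explicit, and the comment would read better placed between the wake_q_add() call and the store it describes rather than after both.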

