[PATCH] Fix hardcoded cpu=0 in workqueue for per_cpu_ptr() calls
Tracked this down on an Ultra Enterprise 3000. It's a 6-way machine. Odd thing about this machine (and it's good for finding bugs like this) is that the CPU id's are not 0 based. For instance, on my machine the CPU's are 6/7/10/11/14/15. This caused some NULL pointer dereference in kernel/workqueue.c because for single_threaded workqueue's, it hardcoded the cpu to 0. I changed the 0's to any_online_cpu(cpu_online_mask), which cpumask.h claims is "First cpu in mask". So this fits the same usage. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
ee500f2749
commit
bce61dd49d
|
@ -102,7 +102,7 @@ int fastcall queue_work(struct workqueue_struct *wq, struct work_struct *work)
|
||||||
|
|
||||||
if (!test_and_set_bit(0, &work->pending)) {
|
if (!test_and_set_bit(0, &work->pending)) {
|
||||||
if (unlikely(is_single_threaded(wq)))
|
if (unlikely(is_single_threaded(wq)))
|
||||||
cpu = 0;
|
cpu = any_online_cpu(cpu_online_map);
|
||||||
BUG_ON(!list_empty(&work->entry));
|
BUG_ON(!list_empty(&work->entry));
|
||||||
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
|
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
@ -118,7 +118,7 @@ static void delayed_work_timer_fn(unsigned long __data)
|
||||||
int cpu = smp_processor_id();
|
int cpu = smp_processor_id();
|
||||||
|
|
||||||
if (unlikely(is_single_threaded(wq)))
|
if (unlikely(is_single_threaded(wq)))
|
||||||
cpu = 0;
|
cpu = any_online_cpu(cpu_online_map);
|
||||||
|
|
||||||
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
|
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
|
||||||
}
|
}
|
||||||
|
@ -266,8 +266,8 @@ void fastcall flush_workqueue(struct workqueue_struct *wq)
|
||||||
might_sleep();
|
might_sleep();
|
||||||
|
|
||||||
if (is_single_threaded(wq)) {
|
if (is_single_threaded(wq)) {
|
||||||
/* Always use cpu 0's area. */
|
/* Always use first cpu's area. */
|
||||||
flush_cpu_workqueue(per_cpu_ptr(wq->cpu_wq, 0));
|
flush_cpu_workqueue(per_cpu_ptr(wq->cpu_wq, any_online_cpu(cpu_online_map)));
|
||||||
} else {
|
} else {
|
||||||
int cpu;
|
int cpu;
|
||||||
|
|
||||||
|
@ -320,7 +320,7 @@ struct workqueue_struct *__create_workqueue(const char *name,
|
||||||
lock_cpu_hotplug();
|
lock_cpu_hotplug();
|
||||||
if (singlethread) {
|
if (singlethread) {
|
||||||
INIT_LIST_HEAD(&wq->list);
|
INIT_LIST_HEAD(&wq->list);
|
||||||
p = create_workqueue_thread(wq, 0);
|
p = create_workqueue_thread(wq, any_online_cpu(cpu_online_map));
|
||||||
if (!p)
|
if (!p)
|
||||||
destroy = 1;
|
destroy = 1;
|
||||||
else
|
else
|
||||||
|
@ -374,7 +374,7 @@ void destroy_workqueue(struct workqueue_struct *wq)
|
||||||
/* We don't need the distraction of CPUs appearing and vanishing. */
|
/* We don't need the distraction of CPUs appearing and vanishing. */
|
||||||
lock_cpu_hotplug();
|
lock_cpu_hotplug();
|
||||||
if (is_single_threaded(wq))
|
if (is_single_threaded(wq))
|
||||||
cleanup_workqueue_thread(wq, 0);
|
cleanup_workqueue_thread(wq, any_online_cpu(cpu_online_map));
|
||||||
else {
|
else {
|
||||||
for_each_online_cpu(cpu)
|
for_each_online_cpu(cpu)
|
||||||
cleanup_workqueue_thread(wq, cpu);
|
cleanup_workqueue_thread(wq, cpu);
|
||||||
|
|
Loading…
Reference in New Issue