Commit bce61dd4 authored by Ben Collins's avatar Ben Collins Committed by Linus Torvalds
Browse files

[PATCH] Fix hardcoded cpu=0 in workqueue for per_cpu_ptr() calls



Tracked this down on an Ultra Enterprise 3000.  It's a 6-way machine.  Odd
thing about this machine (and it's good for finding bugs like this) is that
the CPU id's are not 0 based.  For instance, on my machine the CPU's are
6/7/10/11/14/15.

This caused some NULL pointer dereference in kernel/workqueue.c because for
single_threaded workqueue's, it hardcoded the cpu to 0.

I changed the 0's to any_online_cpu(cpu_online_mask), which cpumask.h
claims is "First cpu in mask".  So this fits the same usage.

Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent ee500f27
...@@ -102,7 +102,7 @@ int fastcall queue_work(struct workqueue_struct *wq, struct work_struct *work) ...@@ -102,7 +102,7 @@ int fastcall queue_work(struct workqueue_struct *wq, struct work_struct *work)
if (!test_and_set_bit(0, &work->pending)) { if (!test_and_set_bit(0, &work->pending)) {
if (unlikely(is_single_threaded(wq))) if (unlikely(is_single_threaded(wq)))
cpu = 0; cpu = any_online_cpu(cpu_online_map);
BUG_ON(!list_empty(&work->entry)); BUG_ON(!list_empty(&work->entry));
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work); __queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
ret = 1; ret = 1;
...@@ -118,7 +118,7 @@ static void delayed_work_timer_fn(unsigned long __data) ...@@ -118,7 +118,7 @@ static void delayed_work_timer_fn(unsigned long __data)
int cpu = smp_processor_id(); int cpu = smp_processor_id();
if (unlikely(is_single_threaded(wq))) if (unlikely(is_single_threaded(wq)))
cpu = 0; cpu = any_online_cpu(cpu_online_map);
__queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work); __queue_work(per_cpu_ptr(wq->cpu_wq, cpu), work);
} }
...@@ -266,8 +266,8 @@ void fastcall flush_workqueue(struct workqueue_struct *wq) ...@@ -266,8 +266,8 @@ void fastcall flush_workqueue(struct workqueue_struct *wq)
might_sleep(); might_sleep();
if (is_single_threaded(wq)) { if (is_single_threaded(wq)) {
/* Always use cpu 0's area. */ /* Always use first cpu's area. */
flush_cpu_workqueue(per_cpu_ptr(wq->cpu_wq, 0)); flush_cpu_workqueue(per_cpu_ptr(wq->cpu_wq, any_online_cpu(cpu_online_map)));
} else { } else {
int cpu; int cpu;
...@@ -320,7 +320,7 @@ struct workqueue_struct *__create_workqueue(const char *name, ...@@ -320,7 +320,7 @@ struct workqueue_struct *__create_workqueue(const char *name,
lock_cpu_hotplug(); lock_cpu_hotplug();
if (singlethread) { if (singlethread) {
INIT_LIST_HEAD(&wq->list); INIT_LIST_HEAD(&wq->list);
p = create_workqueue_thread(wq, 0); p = create_workqueue_thread(wq, any_online_cpu(cpu_online_map));
if (!p) if (!p)
destroy = 1; destroy = 1;
else else
...@@ -374,7 +374,7 @@ void destroy_workqueue(struct workqueue_struct *wq) ...@@ -374,7 +374,7 @@ void destroy_workqueue(struct workqueue_struct *wq)
/* We don't need the distraction of CPUs appearing and vanishing. */ /* We don't need the distraction of CPUs appearing and vanishing. */
lock_cpu_hotplug(); lock_cpu_hotplug();
if (is_single_threaded(wq)) if (is_single_threaded(wq))
cleanup_workqueue_thread(wq, 0); cleanup_workqueue_thread(wq, any_online_cpu(cpu_online_map));
else { else {
for_each_online_cpu(cpu) for_each_online_cpu(cpu)
cleanup_workqueue_thread(wq, cpu); cleanup_workqueue_thread(wq, cpu);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment