[PATCH 3/3] rcu: Avoid double rcu frees

Peter Xu posted 3 patches 1 month, 2 weeks ago
Maintainers: Paolo Bonzini <pbonzini@redhat.com>
There is a newer version of this series
[PATCH 3/3] rcu: Avoid double rcu frees
Posted by Peter Xu 1 month, 2 weeks ago
Trap call_rcu1() to make sure it won't be invoked twice for one rcu head.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
 util/rcu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/util/rcu.c b/util/rcu.c
index b703c86f15..9272fe5796 100644
--- a/util/rcu.c
+++ b/util/rcu.c
@@ -307,6 +307,8 @@ static void *call_rcu_thread(void *opaque)
 
 void call_rcu1(struct rcu_head *node, void (*func)(struct rcu_head *node))
 {
+    /* Avoid double rcu frees */
+    assert(node->func == NULL);
     node->func = func;
     enqueue(node);
     qatomic_inc(&rcu_call_count);
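Review bot: the `assert(node->func == NULL)` placed before `node->func = func;` only distinguishes a genuinely reused head from a legitimately recycled one if something clears `func` back to NULL once the callback has run, and nothing in this hunk shows that reset. If `call_rcu_thread` does not NULL the field after invoking the callback, a head that is reused after its grace period (the normal pattern for an `rcu_head` embedded in a longer-lived object) will trip the assertion, and a head in memory that was never zero-initialised will trip it spuriously. Suggest either resetting `node->func` in `call_rcu_thread` before the callback runs and saying so in the comment, or documenting that callers must zero the head. Also worth stating in the comment that this is not a race detector: two threads calling `call_rcu1` on the same head concurrently can both pass the assert before either stores `node->func`, so the check catches sequential double-enqueue only.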
-- 
2.50.1
Re: [PATCH 3/3] rcu: Avoid double rcu frees
Posted by Peter Maydell 1 month, 2 weeks ago
On Mon, 29 Sept 2025 at 20:08, Peter Xu <peterx@redhat.com> wrote:
>
> Trap call_rcu1() to make sure it won't be invoked twice for one rcu head.
>
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Peter Xu <peterx@redhat.com>
> ---
>  util/rcu.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/util/rcu.c b/util/rcu.c
> index b703c86f15..9272fe5796 100644
> --- a/util/rcu.c
> +++ b/util/rcu.c
> @@ -307,6 +307,8 @@ static void *call_rcu_thread(void *opaque)
>
>  void call_rcu1(struct rcu_head *node, void (*func)(struct rcu_head *node))
>  {
> +    /* Avoid double rcu frees */

I would maybe have this say "Catch accidental attempts to
use the same rcu node for two things at once", which
isn't the same as a "double free" in the usual sense.

> +    assert(node->func == NULL);
>      node->func = func;
>      enqueue(node);
>      qatomic_inc(&rcu_call_count);

thanks
-- PMM
Re: [PATCH 3/3] rcu: Avoid double rcu frees
Posted by Peter Xu 1 month, 2 weeks ago
On Tue, Sep 30, 2025 at 10:19:54AM +0100, Peter Maydell wrote:
> On Mon, 29 Sept 2025 at 20:08, Peter Xu <peterx@redhat.com> wrote:
> >
> > Trap call_rcu1() to make sure it won't be invoked twice for one rcu head.
> >
> > Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> > Signed-off-by: Peter Xu <peterx@redhat.com>
> > ---
> >  util/rcu.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/util/rcu.c b/util/rcu.c
> > index b703c86f15..9272fe5796 100644
> > --- a/util/rcu.c
> > +++ b/util/rcu.c
> > @@ -307,6 +307,8 @@ static void *call_rcu_thread(void *opaque)
> >
> >  void call_rcu1(struct rcu_head *node, void (*func)(struct rcu_head *node))
> >  {
> > +    /* Avoid double rcu frees */
> 
> I would maybe have this say "Catch accidental attempts to
> use the same rcu node for two things at once", which
> isn't the same as a "double free" in the usual sense.

Agree.  I'll also adjust the subject when I repost, thanks.

> 
> > +    assert(node->func == NULL);
> >      node->func = func;
> >      enqueue(node);
> >      qatomic_inc(&rcu_call_count);
> 
> thanks
> -- PMM
> 

-- 
Peter Xu