Re: Race condition in 2.4 tasklet handling (cli() broken?)

From: TeJun Huh
Date: Fri Aug 22 2003 - 23:12:28 EST

Next message: Randy.Dunlap: "selinux build failure"
Previous message: Randy.Dunlap: "Re: [RFC] [PATCH] linux-2.4.22-rc2_proc-interrupts-fix_A0.patch"
In reply to: TeJun Huh: "Race condition in 2.4 tasklet handling"
Next in thread: TeJun Huh: "Re: Race condition in 2.4 tasklet handling (cli() broken?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Additional suspicious things.

1. tasklet_kill() has similar race condition. mb() required before
tasklet_unlock_wait().

2. local_bh_count() and global_bh_lock tests inside wait_on_irq()
suggests that cli() tries to block not only interrupt handling but all
softirq handlings of all cpus; however, current implementation does
not guarantee that.

Because local_bh_count is adjusted in do_softirq() _after_
decrementing local_irq_count(), other cpus may happily begin
softirq/tasklet/bh handling while a cpu is inside cli() - sti()
critical section.

If softirq handling is not guaranteed to be blocked during cli() -
sti() critical section, local_bh_count() and global_bh_lock tests
inside wait_on_irq() are redundant, and if it should be guranteed,
current implementation seems broken.

--
tejun
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy.Dunlap: "selinux build failure"
Previous message: Randy.Dunlap: "Re: [RFC] [PATCH] linux-2.4.22-rc2_proc-interrupts-fix_A0.patch"
In reply to: TeJun Huh: "Race condition in 2.4 tasklet handling"
Next in thread: TeJun Huh: "Re: Race condition in 2.4 tasklet handling (cli() broken?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]