Re: [PATCH] fix wait_task_inactive race (was Re: Race condition in ptrace)

From: Ingo Molnar
Date: Sun Feb 06 2005 - 02:23:35 EST

Next message: Lee Revell: "Re: Please open sysfs symbols to proprietary modules"
Previous message: Jeff Garzik: "Re: [patch] scsi/libata: correct bug for ULi M5281"
In reply to: Nick Piggin: "[PATCH] fix wait_task_inactive race (was Re: Race condition in ptrace)"
Next in thread: Nick Piggin: "Re: [PATCH] fix wait_task_inactive race (was Re: Race condition inptrace)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Nick Piggin <nickpiggin@xxxxxxxxxxxx> wrote:

> When a task is put to sleep, it is dequeued from the runqueue
> while it is still running. The problem is that the runqueue
> lock can be dropped and retaken in schedule() before the task
> actually schedules off, and wait_task_inactive did not account
> for this.

ugh. This has been the Nth time we got bitten by the fundamental
unrobustness of non-atomic scheduling on some architectures ...
(And i'll say the N+1th time that this is not good.)

> +static int task_onqueue(runqueue_t *rq, task_t *p)
> +{
> + return (p->array || task_running(rq, p));
> +}

the fix looks good, but i'd go for the simplified oneliner patch below.
I dont like the name 'task_onqueue()', a because a task is 'on the
queue' when it has p->array != NULL. The task is running when it's
task_running(). On architectures with nonatomic scheduling a task may
be running while not on the queue and external observers with the
runqueue lock might notice this - and wait_task_inactive() has to take
care of this case. I'm not sure how introducing a function named
"task_onqueue()" will make the situation any clearer.

ok?

Ingo

--
When a task is put to sleep, it is dequeued from the runqueue
while it is still running. The problem is that one some arches
that has non-atomic scheduling, the runqueue lock can be
dropped and retaken in schedule() before the task actually
schedules off, and wait_task_inactive did not account for this.

Signed-off-by: Nick Piggin <nickpiggin@xxxxxxxxxxxx>
Signed-off-by: Ingo Molnar <mingo@xxxxxxx>

---

linux/kernel/sched.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)

--- linux/kernel/sched.c.orig
+++ linux/kernel/sched.c
@@ -867,7 +875,7 @@ void wait_task_inactive(task_t * p)
repeat:
rq = task_rq_lock(p, &flags);
/* Must be off runqueue entirely, not preempted. */
- if (unlikely(p->array)) {
+ if (unlikely(p->array || task_running(rq, p))) {
/* If it's preempted, we yield. It could be a while. */
preempted = !task_running(rq, p);
task_rq_unlock(rq, &flags);

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lee Revell: "Re: Please open sysfs symbols to proprietary modules"
Previous message: Jeff Garzik: "Re: [patch] scsi/libata: correct bug for ULi M5281"
In reply to: Nick Piggin: "[PATCH] fix wait_task_inactive race (was Re: Race condition in ptrace)"
Next in thread: Nick Piggin: "Re: [PATCH] fix wait_task_inactive race (was Re: Race condition inptrace)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]