[PATCH] futex: bugfix for robust futex deadlock when waking only one threadin handle_futex_death

From: jiang . biao2
Date: Mon Apr 08 2013 - 03:58:17 EST

Next message: Alannisannettecdlpv: "hi:) I'm Alannisannettecdlpv."
Previous message: Lars-Peter Clausen: "[PATCH] staging: cptm1217: Use dev_pm_ops"
Next in thread: zhang . yi20: "[PATCH] futex: bugfix for robust futex deadlock when waking only one threadin handle_futex_death"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Zhang Yi <zhang.yi20@xxxxxxxxxx>

The function handle_futex_death just wakes one thread, which may be not
enough
when the owner process is dead. Think about this scene：
1. A robust futex is shared for two processes, each process has multi
threads
try to get the lock.
2. One of the threads gets the lock, and the others are waiting and sorted
in
order of priority.
3. The process to which the lock owner thread belongs is dying，and
handle_futex_death is called to wake the first waiter
4. When the first waiter belongs to the same process，it has no chance to
return
to the userspace to get the lock and will not call handle_futex_death any
more，
and then the rest threads of the other process will never be waked, and
will block
forever.

This patch wakes all the waiters when lock owner is in group-exit, letting
all
the waiters return to userspace and try to get the lock again.

Signed-off-by: Zhang Yi <zhang.yi20@xxxxxxxxxx>
Tested-by: Ma Chenggong <ma.chenggong@xxxxxxxxxx>
Reviewed-by: Liu Dong <liu.dong3@xxxxxxxxxx>
Reviewed-by: Cui Yunfeng <cui.yunfeng@xxxxxxxxxx>
Reviewed-by: Lu Zhongjun <lu.zhongjun@xxxxxxxxxx>
Reviewed-by: Jiang Biao <jiang.biao2@xxxxxxxxxx>

--- orig/linux-3.9-rc5/kernel/futex.c 2013-03-31 22:12:43.000000000
+0000
+++ new/linux-3.9-rc5/kernel/futex.c 2013-04-03 12:33:27.735392000
+0000
@@ -2545,8 +2545,10 @@ retry:
* Wake robust non-PI futexes here. The wakeup of
* PI futexes happens in exit_pi_state():
*/
- if (!pi && (uval & FUTEX_WAITERS))
- futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY);
+ if (!pi && (uval & FUTEX_WAITERS)){
+ int wake_nr = signal_group_exit(current->signal) ?
INT_MAX : 1;
+ futex_wake(uaddr, 1, wake_nr,
FUTEX_BITSET_MATCH_ANY);
+ }
}
return 0;
}
--------------------------------------------------------
ZTE Information Security Notice: The information contained in this mail (and any attachment transmitted herewith) is privileged and confidential and is intended for the exclusive use of the addressee(s). If you are not an intended recipient, any disclosure, reproduction, distribution or other dissemination or use of the information contained is strictly prohibited. If you have received this mail in error, please delete it and notify us immediately.
韬{.n?????%?lzwm?b?Р骒r?zXЩ??{ay????j?f＂?????ア?⒎?:+v???????赙zZ+????"?!?O???v??m?鹈n?帼Y&

Next message: Alannisannettecdlpv: "hi:) I'm Alannisannettecdlpv."
Previous message: Lars-Peter Clausen: "[PATCH] staging: cptm1217: Use dev_pm_ops"
Next in thread: zhang . yi20: "[PATCH] futex: bugfix for robust futex deadlock when waking only one threadin handle_futex_death"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]