Re: [BUG] TASK_DEAD task is able to be woken up in special condition
From: Peter Zijlstra
Date: Mon Jan 16 2012 - 08:38:11 EST
On Mon, 2012-01-16 at 20:51 +0900, Yasunori Goto wrote:
> try_to_wake_up() has a problem which may change the status from TASK_DEAD to
> TASK_RUNNING in a race condition with an SMI or in the guest environment of a
> virtual machine. (See: https://lkml.org/lkml/2011/12/21/523)
> As a result, the exited task is scheduled() again and a panic occurs.
>
> With this patch, do_exit() waits for the release of task->pi_lock, which is
> used in try_to_wake_up(). It guarantees the task becomes TASK_DEAD after
> waking up.
This Changelog isn't very good. Please spell out the problem instead of
referring to it so that people using git-blame and the like don't then
have to go look up some (possibly non-existent) web-resource.
> Signed-off-by: Yasunori Goto <y-goto@xxxxxxxxxxxxxx>
>
> ---
> kernel/exit.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> Index: linux-3.2/kernel/exit.c
> ===================================================================
> --- linux-3.2.orig/kernel/exit.c
> +++ linux-3.2/kernel/exit.c
> @@ -1038,6 +1038,14 @@ NORET_TYPE void do_exit(long code)
>
> preempt_disable();
> exit_rcu();
> +
> + /*
> + * try_to_wake_up() might be waking me up due to race condition.
> + * Make sure it is finished.
> + */
That comment is waaaay too terse. What race and what must be finished?
> + smp_mb();
> + raw_spin_unlock_wait(&tsk->pi_lock);
> +
> /* causes final put_task_struct in finish_task_switch(). */
> tsk->state = TASK_DEAD;
> schedule();
>
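Review bot: the smp_mb() placed directly before raw_spin_unlock_wait(&tsk->pi_lock) has no comment saying what it orders or which barrier it pairs with on the try_to_wake_up() side, so a later reader cannot tell whether it is required or can be dropped. Please document, next to the barrier, which earlier access must be visible before pi_lock is sampled, and extend the block comment to state the invariant the two lines rely on: that a try_to_wake_up() still in flight holds tsk->pi_lock while it writes TASK_RUNNING, so once the lock has been observed free the store "tsk->state = TASK_DEAD" cannot be overwritten by that waker. The comment should also say why a wakeup that starts after raw_spin_unlock_wait() returns is harmless, since nothing in this hunk keeps the lock from being taken again before the state is set.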