Re: [PATCH] futex: fix a race condition between REQUEUE_PI and task death

[Thomas Gleixner]

On Sat, 25 Oct 2014, Brian Silverman wrote:
> On Sat, 25 Oct 2014, Thomas Gleixner wrote:
> 
> > > pi_state_free and exit_pi_state_list both clean up futex_pi_state's.
> > > exit_pi_state_list takes the hb lock first, and most callers of
> > > pi_state_free do too. requeue_pi didn't, which causes lots of problems.
> >
> > "causes lots of problems" is not really a good explanation of the root
> > cause. That wants a proper description of the race, i.e.
> >
> > CPU 0              CPU 1
> > ...                ....
> >
> > I'm surely someone who is familiar with that code, but it took me
> > quite some time to understand whats going on. The casual reader will
> > just go into brain spiral mode and give up.
> 
> Thinking about it again, I'm no longer so sure that exit_pi_state_list is the
> only place that it can race against. However, I did catch that one with a
> particularly lucky crashdump, so I know it _can_ happen there. Is just
> giving an example for that good?

Sure. That immediately makes clear whats going on.

Thanks,

	tglx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/