Re: [RFC][PATCH] sched: Fix TASK_DEAD race in finish_task_switch()

From: Linus Torvalds
Date: Tue Sep 29 2015 - 13:42:05 EST

Next message: Chris Metcalf: "Re: [PATCH v7 07/11] arch/x86: enable task isolation functionality"
Previous message: santosh shilimkar: "Re: [PATCH 0/2] memory: Fix module autoload for OF platform driver"
In reply to: Peter Zijlstra: "Re: [RFC][PATCH] sched: Fix TASK_DEAD race in finish_task_switch()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 29, 2015 at 12:50 PM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> The control dependency creates a LOAD->STORE order, that is, no STOREs
> can happen until we observe !p->on_cpu.

Fair enough.

> Right, but wmb isn't sufficient as it doesn't order the prev->state LOAD
> vs the prev->on_cpu = 0 STORE. If those happen in the wrong order the
> described race can happen and we get a use-after-free.

.. and you convinced me. The patch is good. Ack.

Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Metcalf: "Re: [PATCH v7 07/11] arch/x86: enable task isolation functionality"
Previous message: santosh shilimkar: "Re: [PATCH 0/2] memory: Fix module autoload for OF platform driver"
In reply to: Peter Zijlstra: "Re: [RFC][PATCH] sched: Fix TASK_DEAD race in finish_task_switch()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]