On 06/29, Artem Bityutskiy wrote: > > On Wed, 2010-06-23 at 21:41 +0200, Oleg Nesterov wrote: > > On 06/23, Kees Cook wrote: > > > > > > @@ -956,7 +957,15 @@ void set_task_comm(struct task_struct *tsk, char *buf) > > > */ > > > memset(tsk->comm, 0, TASK_COMM_LEN); > > > wmb(); > > > > Off-topic. I'd wish I could understand this barrier. Since the lockless > > reader doesn't do rmb() I don't see how this can help. > > This wmb() looks wrong to me as well. To achieve what the comment in > this function says, it should be smp_wmb() and we should have smp_rmb() > in the reading side, AFAIU. > > > OTOH, I don't > > understand why it is needed, we never change ->comm[TASK_COMM_LEN-1] == '0'. > > I think the idea was that readers can see incomplete names, but not > messed up names, consisting of old and new ones. OK, agreed, comm[TASK_COMM_LEN-1] == '0' can't help to avoid the messed names. But nether can help smp_rmb() in the reading (lockless) side? Say, printk("comm=%s\n", current->comm); if we add rmb() before printk, it can't make any difference. The lockless code should do something like get_comm_lockless(char *to, char *comm) { while (*comm++ = *to++) rmb(); } to ensure it sees the result of memset(tsk->comm, 0, TASK_COMM_LEN); wmb(); strcpy(tsk->comm, buf); in the right order. otherwise printk("comm=%s\n", current->comm) can read, say, comm[1] before set_task_comm->memset(), and comm[0] after set_task_comm->strcpy(). So, afaics, set_task_comm()->wmb() buys nothing and should be removed. The last zero char in task_struct->comm[] is always here, at least this guarantees that strcpy(char *dest, tsk->comm) is always safe. (I cc'ed the expert, Paul can correct me) Oleg. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html