On 11/21, Ivo Sieben wrote:
> Hi
>
> 2012/11/19 Oleg Nesterov <oleg@xxxxxxxxxx>:
> >
> > Because on a second thought I suspect this change is wrong.
> >
> > Just for example, please look at kauditd_thread(). It does
> >
> > set_current_state(TASK_INTERRUPTIBLE);
> >
> > add_wait_queue(&kauditd_wait, &wait);
> >
> > if (!CONDITION) // <-- LOAD
> > schedule();
> >
> > And the last LOAD can leak into the critical section protected by
> > wait_queue_head_t->lock, and it can be reordered with list_add()
> > inside this critical section. In this case we can race with wake_up()
> > unless it takes the same lock.
> >
> > Oleg.
> >
>
> I agree that I should solve my problem using the waitqueue_active()
> function locally. I'll abandon this patch and fix it in the
> tty_ldisc.c.
>
> But we try to understand your fault scenario: How can the LOAD leak
> into the critical section? As far as we understand the spin_unlock()
> function also contains a memory barrier
^^^^^^^^^^^^^^
Not really, in general unlock is a one-way barrier.
> to prevent such a reordering
> from happening.
Please look at the comment above prepare_to_wait(), for example. Or
look at wmb() in try_to_wake_up().
I guess this is not possible on x86, but in general
X;
LOCK();
UNLOCK();
Y;
can be reordered as
LOCK();
Y;
X;
UNLOCK();
UNLOCK + LOCK is the full memory barrier.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-serial" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
