From: Steven Rostedt <rostedt@goodmis.org>
To: Ingo Molnar <mingo@elte.hu>
Cc: Christian Borntraeger <borntrae@de.ibm.com>,
linux-kernel@vger.kernel.org,
Rusty Russell <rusty@rustcorp.com.au>,
Ingo Molnar <mingo@redhat.com>,
Thomas Gleixner <tglx@timesys.com>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
Andrew Morton <akpm@osdl.org>
Subject: Re: [PATCH] bug in futex unqueue_me
Date: Sun, 30 Jul 2006 19:53:21 -0400 [thread overview]
Message-ID: <1154303601.10074.64.camel@localhost.localdomain> (raw)
In-Reply-To: <20060730063821.GA8748@elte.hu>
On Sun, 2006-07-30 at 08:38 +0200, Ingo Molnar wrote:
> * Christian Borntraeger <borntrae@de.ibm.com> wrote:
>
> > From: Christian Borntraeger <borntrae@de.ibm.com>
> >
> > This patch adds a barrier() in futex unqueue_me to avoid aliasing of
> > two pointers.
> >
> > On my s390x system I saw the following oops:
>
> > So the code becomes more or less:
> > if (q->lock_ptr != 0) spin_lock(q->lock_ptr)
> > instead of
> > if (lock_ptr != 0) spin_lock(lock_ptr)
> >
> > Which caused the oops from above.
>
> interesting, how is this possible? We do a spin_lock(lock_ptr), and
> taking a spinlock is an implicit barrier(). So gcc must not delay
> evaluating lock_ptr to inside the critical section. And as far as i can
> see the s390 spinlock implementation goes through an 'asm volatile'
> piece of code, which is a barrier already. So how could this have
> happened? I have nothing against adding a barrier(), but we should first
> investigate why the spin_lock() didnt act as a barrier - there might be
> other, similar bugs hiding. (we rely on spin_lock()s barrier-ness in a
> fair number of places)
Ingo, this spinlock is probably still a barrier, but is it still a
barrier on itself? That is, the problem here is that we have the
compiler optimizing the lock_ptr temp variable that is used inside the
spin_lock. So does a spin_lock protect itself, or just the stuff inside
it?
Here we need a barrier to keep gcc from optimizing the use of the lock
and not what the lock is protecting.
I don't know about other areas in the kernel that has a dynamic spin
lock like this that needs protection.
-- Steve
next prev parent reply other threads:[~2006-07-30 23:53 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-27 16:41 [PATCH] bug in futex unqueue_me Christian Borntraeger
2006-07-30 6:38 ` Ingo Molnar
2006-07-30 23:53 ` Steven Rostedt [this message]
2006-07-31 8:04 ` Christian Borntraeger
2006-07-31 11:49 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1154303601.10074.64.camel@localhost.localdomain \
--to=rostedt@goodmis.org \
--cc=akpm@osdl.org \
--cc=borntrae@de.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=mingo@redhat.com \
--cc=rusty@rustcorp.com.au \
--cc=schwidefsky@de.ibm.com \
--cc=tglx@timesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.