From: Oleg Nesterov <oleg@redhat.com>
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org, bblum@google.com,
ebiederm@xmission.com, lizf@cn.fujitsu.com, matthltc@us.ibm.com,
menage@google.com
Subject: Re: + cgroups-add-functionality-to-read-write-lock-clone_thread-forking-pe r-threadgroup.patch added to -mm tree
Date: Fri, 21 Aug 2009 12:45:28 +0200 [thread overview]
Message-ID: <20090821104528.GA3487@redhat.com> (raw)
In-Reply-To: <20090821102611.GA2611@redhat.com>
In case I wasn't clear.
Let's suppose we have subthreads T1 and T2, and we have a reference to T1.
T1->thread_group->next == T2.
T1 dies, T1->thread_group->next is still T2.
T2 dies, rcu passed, its memory is freed and and re-used.
But T1->thread_group->next is still T2.
Now, we call threadgroup_fork_lock(T1), it sees T1->sighand == NULL and does
rcu_read_lock();
list_for_each_entry_rcu(T1->thread_group);
T1->thread_group->next points to nowhere.
Once again, I didn't actually read these patches, perhaps I missed something.
Oleg.
On 08/21, Oleg Nesterov wrote:
>
> On 08/20, Andrew Morton wrote:
> >
> > Subject: cgroups: add functionality to read/write lock CLONE_THREAD fork()ing per-threadgroup
> > From: Ben Blum <bblum@google.com>
> >
> > Add an rwsem that lives in a threadgroup's sighand_struct (next to the
> > sighand's atomic count, to piggyback on its cacheline), and two functions
> > in kernel/cgroup.c (for now) for easily+safely obtaining and releasing it.
>
> Sorry. Currently I have no time to read these patched. Absolutely :/
>
> But the very first change I noticed outside of cgroups.[ch] looks very wrong,
>
> > +struct sighand_struct *threadgroup_fork_lock(struct task_struct *tsk)
> > +{
> > + struct sighand_struct *sighand;
> > + struct task_struct *p;
> > +
> > + /* tasklist lock protects sighand_struct's disappearance in exit(). */
> > + read_lock(&tasklist_lock);
> > + if (likely(tsk->sighand)) {
> > + /* simple case - check the thread we were given first */
> > + sighand = tsk->sighand;
> > + } else {
> > + sighand = NULL;
> > + /*
> > + * tsk is exiting; try to find another thread in the group
> > + * whose sighand pointer is still alive.
> > + */
> > + rcu_read_lock();
> > + list_for_each_entry_rcu(p, &tsk->thread_group, thread_group) {
>
> If ->sighand == NULL we can't use list_for_each_entry_rcu(->thread_group),
> and rcu_read_lock() can't help.
>
> The task was removed from ->thread_group, its ->next points to nowhere.
>
> list_for_rcu(head) can _only_ work if we can trust head->next: it should
> point either to "head" (list_empty), or to the valid entry.
>
> Please correct me if I missed something.
>
> Otherwise, please send the changes which touch the process-management
> code separately. And please do not forget to CC people who work with
> this code ;)
>
> Oleg.
next prev parent reply other threads:[~2009-08-21 10:49 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-20 21:14 + cgroups-add-functionality-to-read-write-lock-clone_thread-forking-per-threadgroup.patch added to -mm tree akpm
2009-08-21 10:26 ` + cgroups-add-functionality-to-read-write-lock-clone_thread-forking-pe r-threadgroup.patch " Oleg Nesterov
2009-08-21 10:45 ` Oleg Nesterov [this message]
2009-08-21 23:37 ` Paul Menage
2009-08-22 13:09 ` Oleg Nesterov
2009-08-22 13:28 ` Paul Menage
[not found] ` <20090822130952.GA4240-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-01-03 19:06 ` Ben Blum
2010-01-03 19:06 ` Ben Blum
[not found] ` <20100103190613.GA13423-OM76b2Iv3yLQjUSlxSEPGw@public.gmane.org>
2010-01-03 19:07 ` [RFC] [PATCH 1/2] cgroups: read-write lock CLONE_THREAD forking per threadgroup Ben Blum
2010-01-03 19:07 ` Ben Blum
[not found] ` <20100103190752.GB13423-OM76b2Iv3yLQjUSlxSEPGw@public.gmane.org>
2010-01-05 18:53 ` Oleg Nesterov
2010-01-05 18:53 ` Oleg Nesterov
[not found] ` <20100105185330.GA17545-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-01-17 20:48 ` Ben Blum
2010-01-17 20:48 ` Ben Blum
[not found] ` <20100117204833.GA29596-DC+BO+AtSRVCM1neWV3AGuCmf2DRS9x2@public.gmane.org>
2010-03-22 10:22 ` Oleg Nesterov
2010-03-22 10:22 ` Oleg Nesterov
[not found] ` <20100322102247.GA8363-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2010-03-22 23:57 ` Paul Menage
2010-03-22 23:57 ` Paul Menage
2010-01-03 19:09 ` [RFC] [PATCH 2/2] cgroups: make procs file writable Ben Blum
2010-01-03 19:09 ` Ben Blum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090821104528.GA3487@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bblum@google.com \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lizf@cn.fujitsu.com \
--cc=matthltc@us.ibm.com \
--cc=menage@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.