From: Oleg Nesterov <oleg@redhat.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>,
Ananth Mavinakayanahalli <ananth@in.ibm.com>,
Christoph Hellwig <hch@infradead.org>,
"Frank Ch. Eigler" <fche@redhat.com>, Ingo Molnar <mingo@elte.hu>,
Roland McGrath <roland@redhat.com>,
linux-kernel@vger.kernel.org, utrace-devel@redhat.com
Subject: Re: [RFC,PATCH 14/14] utrace core
Date: Wed, 2 Dec 2009 19:34:46 +0100 [thread overview]
Message-ID: <20091202183446.GA14799@redhat.com> (raw)
In-Reply-To: <1259697242.1697.1075.camel@laptop>
On 12/01, Peter Zijlstra wrote:
>
> > +static inline __must_check int utrace_control_pid(
> > + struct pid *pid, struct utrace_engine *engine,
> > + enum utrace_resume_action action)
> > +{
> > + /*
> > + * We don't bother with rcu_read_lock() here to protect the
> > + * task_struct pointer, because utrace_control will return
> > + * -ESRCH without looking at that pointer if the engine is
> > + * already detached. A task_struct pointer can't die before
> > + * all the engines are detached in release_task() first.
> > + */
> > + struct task_struct *task = pid_task(pid, PIDTYPE_PID);
> > + return unlikely(!task) ? -ESRCH : utrace_control(task, engine, action);
> > +}
>
> Is that comment correct? Without rcu_read_lock() the pidhash can change
> under our feet and maybe cause funny things?
I already tried to answer, but I guess my email was not very clear. Let me
try again.
pid_task() by itself is safe, but yes, it is possible that utrace_control()
is called with target == NULL, or this task_task was already freed/reused.
utrace_control(target) path does not use target until it verifies it is
safe to dereference it.
get_utrace_lock() calls rcu_read_lock() and checks that engine->ops
is not cleared (NULL or utrace_detached_ops). If we see the valid ->ops
under rcu_read_lock() it is safe to dereference target, even if we race
with release_task() we know that it has not passed utrace_release_task()
yet, and thus we know call_rcu(delayed_put_task_struct) was not yet
called _before_ we took rcu_read_lock().
If it is safe to dereference target, we can take utrace->lock. Once
we take this lock (and re-check engine->ops) the task can't go away
until we drop it, get_utrace_lock() drops rcu lock and returns with
utrace->lock held.
utrace_control() can safely play with target under utrace->lock.
> > + /*
> > + * If this flag is still set it's because there was a signal
> > + * handler setup done but no report_signal following it. Clear
> > + * the flag before we get to user so it doesn't confuse us later.
> > + */
> > + if (unlikely(utrace->signal_handler)) {
> > + spin_lock(&utrace->lock);
> > + utrace->signal_handler = 0;
> > + spin_unlock(&utrace->lock);
> > + }
>
> OK, so maybe you get to explain why this works..
Missed this part yesterday.
Well. ->signal_handler is set by handle_signal() when the signal was
delivered to the tracee. This flag is checked by utrace_get_signal()
to detect the stepping. But we should not return to user-mode with
this flag set, that is why utrace_resume() clears it.
However. This reminds me we were going to try to simplify this logic,
I'll try to think about this.
Oleg.
next prev parent reply other threads:[~2009-12-02 18:40 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-24 20:02 [RFC,PATCH 14/14] utrace core Oleg Nesterov
2009-11-24 20:32 ` Andi Kleen
2009-11-24 20:41 ` Oleg Nesterov
2009-11-24 21:26 ` Andi Kleen
2009-11-24 21:31 ` Frank Ch. Eigler
2009-11-24 21:34 ` Andi Kleen
2009-11-24 21:44 ` Oleg Nesterov
2009-11-25 8:46 ` Andi Kleen
2009-11-25 14:55 ` Oleg Nesterov
2009-11-25 16:00 ` Ingo Molnar
2009-11-25 21:50 ` Christoph Hellwig
2009-12-01 23:47 ` Roland McGrath
2009-12-01 19:54 ` Peter Zijlstra
2009-12-01 22:08 ` Oleg Nesterov
2009-12-07 18:34 ` Peter Zijlstra
2009-12-08 15:04 ` Oleg Nesterov
2009-12-08 15:29 ` Peter Zijlstra
2009-12-08 16:31 ` Oleg Nesterov
2009-12-08 18:19 ` Peter Zijlstra
2009-12-08 18:37 ` Oleg Nesterov
2009-12-13 20:48 ` Roland McGrath
2009-12-08 15:35 ` Peter Zijlstra
2009-12-08 17:51 ` Oleg Nesterov
2009-12-02 5:44 ` Roland McGrath
2009-12-02 18:34 ` Oleg Nesterov [this message]
2009-12-02 18:49 ` Oleg Nesterov
2009-12-05 19:14 ` Roland McGrath
2009-12-14 0:25 ` Roland McGrath
2009-12-14 13:51 ` Peter Zijlstra
2009-12-14 17:41 ` Oleg Nesterov
2009-12-14 19:31 ` Oleg Nesterov
2009-12-14 19:42 ` Roland McGrath
2009-12-16 11:18 ` Roland McGrath
2009-12-14 17:03 ` Oleg Nesterov
2009-12-14 19:44 ` Roland McGrath
2009-12-14 20:24 ` Oleg Nesterov
2009-12-15 2:59 ` Roland McGrath
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091202183446.GA14799@redhat.com \
--to=oleg@redhat.com \
--cc=adobriyan@gmail.com \
--cc=ananth@in.ibm.com \
--cc=fche@redhat.com \
--cc=hch@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=peterz@infradead.org \
--cc=roland@redhat.com \
--cc=utrace-devel@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.