From: Oleg Nesterov <oleg@redhat.com>
To: Steven Rostedt <rostedt@goodmis.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] signal: simplify deadlock-avoidance in lock_task_sighand()
Date: Tue, 23 Sep 2014 21:03:48 +0200 [thread overview]
Message-ID: <20140923190348.GA13976@redhat.com> (raw)
In-Reply-To: <20140922172405.71c4a110@gandalf.local.home>
On 09/22, Steven Rostedt wrote:
>
> On Mon, 22 Sep 2014 21:11:30 +0200
> Oleg Nesterov <oleg@redhat.com> wrote:
>
> > > > @@ -1261,30 +1261,25 @@ struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
> > > > unsigned long *flags)
> > > > {
> > > > struct sighand_struct *sighand;
> > > > -
> > > > + /*
> > > > + * We are going to do rcu_read_unlock() under spin_lock_irqsave().
> > > > + * Make sure we can not be preempted after rcu_read_lock(), see
> > > > + * rcu_read_unlock() comment header for details.
> > > > + */
> > > > + preempt_disable();
> > >
> > > The sad part is, this is going to break -rt.
> >
> > Hmm, why??
>
> Because in -rt, siglock is a mutex.
Yes, thanks... I thougt that -rt should handle this somehow, we have
more examples of preempt_disable() + spin_lock().
OK, let's forger this patch. It was supposed to be a cleanup, it should
not disturb -rt.
> > In fact this deadlock is not really possible in any case, scheduler locks
> > should be fine under ->siglock (for example, signal_wake_up() is called
> > under this lock).
> >
> > But, the comment above rcu_read_unlock() says:
> >
> > Given that the set of locks acquired by rt_mutex_unlock() might change
> > at any time, a somewhat more future-proofed approach is to make sure
> > that that preemption never happens ...
>
> Hmm, I'm not sure we need to worry about this. As in -rt siglock is a
> mutex, which is rt_mutex() itself, I highly doubt we will have
> rt_mutex_unlock() grab siglock, otherwise that would cause havoc in -rt.
Yes. And, the changelog in a841796f "signal: align __lock_task_sighand() irq
disabling and RCU" says:
It is therefore possible that this RCU read-side critical
section will be preempted and later RCU priority boosted, which means
that rcu_read_unlock() will call rt_mutex_unlock() in order to deboost
itself, but with interrupts disabled. This results in lockdep splats
...
It is quite possible that a better long-term fix is to make rt_mutex_unlock()
disable irqs when acquiring the rt_mutex structure's ->wait_lock.
but this doesn't look right, raw_spin_lock(&lock->wait_lock) should be
fine with irqs disabled or I am totally confused. rt_mutex_adjust_prio()
does _irqsave/irqrestore, so this can't enable interrupts.
Paul, will you agree if we turn it into
struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
unsigned long *flags)
{
struct sighand_struct *sighand;
rcu_read_lock();
for (;;) {
sighand = rcu_dereference(tsk->sighand);
if (unlikely(sighand == NULL))
break;
spin_lock_irqsave(&sighand->siglock, *flags);
if (likely(sighand == tsk->sighand))
break;
spin_unlock_irqrestore(&sighand->siglock, *flags);
}
/*
* On the succesfull return we hold ->siglock. According to comment
* above rcu_read_unlock() this is against the rules, but scheduler
* locks are fine under this lock, signal_wake_up() takes them too.
*/
rcu_read_unlock();
return sighand;
}
?
Or I can leave this code alone, this is the minor cleanup. Just to me this
sequence
local_irq_save();
rcu_read_lock();
spin_lock();
looks a bit confusing/annoying even with the comment.
Oleg.
next prev parent reply other threads:[~2014-09-23 19:07 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-22 16:44 [PATCH 0/2] signal: simplify/document lock_task_sighand() logic Oleg Nesterov
2014-09-22 16:44 ` [PATCH 1/2] signal: simplify deadlock-avoidance in lock_task_sighand() Oleg Nesterov
2014-09-22 18:58 ` Steven Rostedt
2014-09-22 19:11 ` Oleg Nesterov
2014-09-22 21:24 ` Steven Rostedt
2014-09-23 11:45 ` Rik van Riel
2014-09-23 14:20 ` Peter Zijlstra
2014-09-23 14:30 ` Steven Rostedt
2014-09-23 19:03 ` Oleg Nesterov [this message]
2014-09-24 8:36 ` Paul E. McKenney
2014-09-23 15:55 ` Peter Zijlstra
2014-09-22 16:44 ` [PATCH 2/2] signal: document the RCU protection of ->sighand Oleg Nesterov
2014-09-22 19:00 ` Steven Rostedt
2014-09-23 11:50 ` Rik van Riel
2014-09-28 21:43 ` [PATCH v2 0/2] document ->sighand protection, rcu_read_unlock() deadlocks Oleg Nesterov
2014-09-28 21:44 ` [PATCH v2 1/2] signal: document the RCU protection of ->sighand Oleg Nesterov
2014-09-28 21:44 ` [PATCH v2 2/2] rcu: more info about potential deadlocks with rcu_read_unlock() Oleg Nesterov
2014-10-23 19:56 ` [PATCH v2 0/2] document ->sighand protection, rcu_read_unlock() deadlocks Oleg Nesterov
2014-10-23 20:29 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140923190348.GA13976@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.