From: Oleg Nesterov <oleg@redhat.com>
To: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Rik van Riel <riel@redhat.com>,
	Steven Rostedt <rostedt@goodmis.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	linux-kernel@vger.kernel.org
Subject: [PATCH v2 1/2] signal: document the RCU protection of ->sighand
Date: Sun, 28 Sep 2014 23:44:18 +0200
Message-ID: <20140928214418.GA17965@redhat.com>
In-Reply-To: <20140928214357.GA17874@redhat.com>

__cleanup_sighand() frees sighand without RCU grace period. This is
correct but this looks "obviously buggy" and constantly confuses the
readers, add the comments to explain how this works.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Steven Rostedt <rostedt@goodmis.org>
Reviewed-by: Rik van Riel <riel@redhat.com>
---
 kernel/fork.c   |    5 ++++-
 kernel/signal.c |   12 +++++++++++-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 1380d8a..2dd9f1d 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1017,11 +1017,14 @@ void __cleanup_sighand(struct sighand_struct *sighand)
 {
 	if (atomic_dec_and_test(&sighand->count)) {
 		signalfd_cleanup(sighand);
+		/*
+		 * sighand_cachep is SLAB_DESTROY_BY_RCU so we can free it
+		 * without an RCU grace period, see __lock_task_sighand().
+		 */
 		kmem_cache_free(sighand_cachep, sighand);
 	}
 }
 
-
 /*
  * Initialize POSIX timer handling for a thread group.
  */
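Review bot: the new comment in __cleanup_sighand() says the object can be freed "without an RCU grace period" but leaves the reader to find out from __lock_task_sighand() that the freed sighand may be reused immediately and that only the slab memory itself stays around. One more sentence here, for example "the object can be reused at once, lockless readers must recheck tsk->sighand under ->siglock", would let the comment stand on its own next to kmem_cache_free(). The blank line dropped before the "Initialize POSIX timer handling" comment is unrelated to the documentation change and is not mentioned in the changelog.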
diff --git a/kernel/signal.c b/kernel/signal.c
index 8f0876f..c187133 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -1275,7 +1275,17 @@ struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
 			local_irq_restore(*flags);
 			break;
 		}
-
+		/*
+		 * This sighand can be already freed and even reused, but
+		 * we rely on SLAB_DESTROY_BY_RCU and sighand_ctor() which
+		 * initializes ->siglock: this slab can't go away, it has
+		 * the same object type, ->siglock can't be reinitialized.
+		 *
+		 * We need to ensure that tsk->sighand is still the same
+		 * after we take the lock, we can race with de_thread() or
+		 * __exit_signal(). In the latter case the next iteration
+		 * must see ->sighand == NULL.
+		 */
 		spin_lock(&sighand->siglock);
 		if (likely(sighand == tsk->sighand)) {
 			rcu_read_unlock();
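Review bot: in the comment added before spin_lock(&sighand->siglock), "->siglock can't be reinitialized" reads as a property of the slab, while it is really a rule that every allocation path has to keep: only sighand_ctor() may initialize the lock. Wording it as a requirement ("nobody may reinitialize ->siglock after allocation") and repeating that at sighand_ctor() would protect the invariant against a later change that adds an init call after allocation. The second paragraph says the next iteration "must see ->sighand == NULL" after __exit_signal() without saying what guarantees it; naming the ordering that makes the recheck `sighand == tsk->sighand` reliable would help. As a style point, the hunk removes the blank line after the closing brace, so the comment block now sits directly under `}`.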
-- 
1.5.5.1

