From: Oleg Nesterov <oleg@tv-sign.ru>
To: Roland McGrath <roland@redhat.com>
Cc: Ingo Molnar <mingo@elte.hu>, Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] de_thread: eliminate unneccessary sighand locking
Date: Tue, 28 Jun 2005 10:17:46 +0400 [thread overview]
Message-ID: <42C0EB8A.4F6F1336@tv-sign.ru> (raw)
In-Reply-To: 200506280150.j5S1oZ6V004866@magilla.sf.frob.com
Roland McGrath wrote:
>
> > while switching current->sighand de_thread does:
> >
> > write_lock_irq(&tasklist_lock);
> > spin_lock(&oldsighand->siglock);
> > spin_lock(&newsighand->siglock);
> >
> > current->sighand = newsighand;
> > recalc_sigpending();
> >
> > Is these 2 sighand locks are really needed?
>
> Yes. Other processes can do spin_lock_irq(&ourtask->sighand->siglock);
> without holding tasklist_lock. If someone just did that, they hold
> oldsighand->siglock but no newsighand->siglock, and may then be about to
> look at ourtask->sighand. By holding oldsighand->siglock, we ensure that
> we can't be colliding with anything like that.
I think this would be a bug. If some another process can spin for
ourtask->sighand->siglock without holding tasklist_lock it can
read ourtask->sighand == oldsighand and spin for oldsighand->siglock.
Then de_thread frees oldsighand:
if (atomic_dec_and_test(&oldsighand->count))
kmem_cache_free(sighand_cachep, oldsighand);
And we have use after free.
So I strongly believe we do not need to lock newsighand->siglock
at least.
And what about recalc_sigpending() ? Do you think it is needed?
> > The only possibility that I can imagine is that some process
> > does:
> > read_lock(tasklist_lock);
> > task = find_task();
> > spin_lock(task->sighand->siglock);
> > read_unlock(tasklist_lock);
> > play with task->signal
> >
> > Is this possible/allowed?
>
> Yes.
Just for my education, could you please point me to the existed
example?
Oleg.
next prev parent reply other threads:[~2005-06-28 8:56 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-19 16:13 [PATCH] de_thread: eliminate unneccessary sighand locking Oleg Nesterov
2005-06-28 1:50 ` Roland McGrath
2005-06-28 6:17 ` Oleg Nesterov [this message]
2005-06-28 6:27 ` Roland McGrath
2005-06-28 6:42 ` Ingo Molnar
2005-06-28 7:08 ` Roland McGrath
2005-06-28 7:16 ` Ingo Molnar
2005-06-28 7:26 ` Roland McGrath
2005-06-28 8:26 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42C0EB8A.4F6F1336@tv-sign.ru \
--to=oleg@tv-sign.ru \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=roland@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.