From: Ingo Molnar <mingo@kernel.org>
To: Waiman Long <longman@redhat.com>
Cc: Jann Horn <jannh@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>, Will Deacon <will@kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org
Subject: Re: [PATCH] locking: Document that mutex_unlock() is non-atomic
Date: Fri, 1 Dec 2023 11:20:50 +0100 [thread overview]
Message-ID: <ZWmzgqcvMIvYvWw1@gmail.com> (raw)
In-Reply-To: <2f17a9a6-5781-43ef-a09b-f39310843fe6@redhat.com>
* Waiman Long <longman@redhat.com> wrote:
> On 11/30/23 15:48, Jann Horn wrote:
> > I have seen several cases of attempts to use mutex_unlock() to release an
> > object such that the object can then be freed by another task.
> > My understanding is that this is not safe because mutex_unlock(), in the
> > MUTEX_FLAG_WAITERS && !MUTEX_FLAG_HANDOFF case, accesses the mutex
> > structure after having marked it as unlocked; so mutex_unlock() requires
> > its caller to ensure that the mutex stays alive until mutex_unlock()
> > returns.
> >
> > If MUTEX_FLAG_WAITERS is set and there are real waiters, those waiters
> > have to keep the mutex alive, I think; but we could have a spurious
> > MUTEX_FLAG_WAITERS left if an interruptible/killable waiter bailed
> > between the points where __mutex_unlock_slowpath() did the cmpxchg
> > reading the flags and where it acquired the wait_lock.
>
> Could you clarify under what condition a concurrent task can decide to free
> the object holding the mutex? Is it !mutex_is_locked() or after a
> mutex_lock()/mutex_unlock sequence?
>
> mutex_is_locked() will return true if the mutex has waiter even if it is
> currently free.
I believe the correct condition is what the changelog already says:
"until mutex_unlock() returns".
What happens within mutex_unlock() is kernel implementation specific and
once a caller has called mutex_unlock(), the mutex must remain alive until
it returns. No other call can substitute for this: neither
mutex_is_locked(), nor some sort of mutex_lock()+mutex_unlock() sequence.
Thanks,
Ingo
next prev parent reply other threads:[~2023-12-01 10:20 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-30 20:48 [PATCH] locking: Document that mutex_unlock() is non-atomic Jann Horn
2023-11-30 21:53 ` Waiman Long
2023-11-30 22:24 ` Jann Horn
2023-11-30 23:56 ` Waiman Long
2023-12-01 10:33 ` [PATCH -v2] locking/mutex: " Ingo Molnar
2023-12-02 1:37 ` Bagas Sanjaya
2023-12-01 10:20 ` Ingo Molnar [this message]
2023-12-01 0:33 ` [PATCH] locking: " Waiman Long
2023-12-01 15:01 ` Jann Horn
[not found] ` <a9e19ad0-9a27-4885-a6ac-bebd3e997b02@redhat.com>
2023-12-01 16:03 ` Jann Horn
2023-12-01 18:12 ` David Laight
2023-12-01 18:18 ` Jann Horn
[not found] ` <1bcee696-d751-413c-a2ec-4a8480bae00b@redhat.com>
[not found] ` <780e652ff52044d4a213cacbd9276cf8@AcuMS.aculab.com>
2023-12-01 19:15 ` Waiman Long
2023-12-02 15:51 ` David Laight
2023-12-02 22:39 ` Waiman Long
2023-12-01 9:10 ` Peter Zijlstra
2023-12-01 15:58 ` Jann Horn
2023-12-01 10:44 ` [tip: locking/core] locking/mutex: " tip-bot2 for Jann Horn
2023-12-01 12:18 ` Peter Zijlstra
2024-01-08 8:45 ` [PATCH] locking/mutex: Clarify that mutex_unlock(), and most other sleeping locks, cannot be used to reference-count objects Ingo Molnar
2024-01-08 9:00 ` [PATCH -v2] locking/mutex: Clarify that mutex_unlock(), and most other sleeping locks, can still use the lock object after it's unlocked Ingo Molnar
2024-01-08 15:28 ` [PATCH] locking/mutex: Clarify that mutex_unlock(), and most other sleeping locks, cannot be used to reference-count objects Jann Horn
2024-01-08 9:01 ` [tip: locking/core] locking/mutex: Clarify that mutex_unlock(), and most other sleeping locks, can still use the lock object after it's unlocked tip-bot2 for Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZWmzgqcvMIvYvWw1@gmail.com \
--to=mingo@kernel.org \
--cc=corbet@lwn.net \
--cc=jannh@google.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=longman@redhat.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.