From mboxrd@z Thu Jan 1 00:00:00 1970
From: Oleg Nesterov
Subject: Re: timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree
Date: Fri, 11 Mar 2011 14:50:23 +0100
Message-ID: <20110311135023.GA23552@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path:
Content-Disposition: inline
Sender: linux-api-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
To: Alexander Shishkin
Cc: Thomas Gleixner , Alexander Viro , Greg Kroah-Hartman , Feng Tang , Michael Tokarev , Marcelo Tosatti , John Stultz , Chris Friesen , Kay Sievers , "Kirill A. Shutemov" , Artem Bityutskiy , Davide Libenzi , Michael Kerrisk , linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Andrew Morton , linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: linux-api@vger.kernel.org

> @@ -218,10 +266,12 @@ SYSCALL_DEFINE4(timerfd_settime, int, uf > * it to the new values. > */ > for (;;) { > + spin_lock(¬ifiers_lock); > spin_lock_irq(&ctx->wqh.lock); > - if (hrtimer_try_to_cancel(&ctx->tmr) >= 0) > + if (!list_empty(¬ifiers_list) || hrtimer_try_to_cancel(&ctx->tmr) >= 0) > break;

Confused. Why do we check the global notifiers_list?

IOW. Suppose that this list is not empty and timerfd_settime() is called
without TFD_NOTIFY_CLOCK_SET. Now we are going to reprogram the timer
without stopping it?

And. What if timerfd_settime(TFD_NOTIFY_CLOCK_SET, utmr => NULL) is
called twice? timerfd_setup() blindly does list_add(), and we corrupt
the list, no?

Oleg.
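
Review bot: in the quoted timerfd_settime() hunk, the added condition tests the global notifiers_list before hrtimer_try_to_cancel(), so whenever the list is non-empty the loop breaks without attempting to cancel this ctx's timer, whether or not this ctx is on the list. The test should be tied to this context rather than to the global list, or the cancel should be attempted before the list test. Separately, the added spin_lock() on the global lock sits at the top of for (;;), ahead of spin_lock_irq(&ctx->wqh.lock), and so is taken with interrupts still enabled; the visible lines do not show it being released on the retry path, so confirm that every iteration drops it before looping and that this lock is never taken from interrupt context. The new if line also runs past 80 columns.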