From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933287AbcBYRec (ORCPT ); Thu, 25 Feb 2016 12:34:32 -0500 Received: from zeniv.linux.org.uk ([195.92.253.2]:40118 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932994AbcBYReb (ORCPT ); Thu, 25 Feb 2016 12:34:31 -0500 Date: Thu, 25 Feb 2016 17:34:23 +0000 From: Al Viro To: Peter Zijlstra Cc: Oleg Nesterov , Sasha Levin , akpm@linux-foundation.org, linux-kernel@vger.kernel.org, mingo@kernel.org Subject: Re: [PATCH] signals: work around random wakeups in sigsuspend() Message-ID: <20160225173423.GY17997@ZenIV.linux.org.uk> References: <1453735306-13519-1-git-send-email-sasha.levin@oracle.com> <20160125190915.GA9362@redhat.com> <20160225031852.GV17997@ZenIV.linux.org.uk> <20160225081144.GX6357@twins.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160225081144.GX6357@twins.programming.kicks-ass.net> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 25, 2016 at 09:11:44AM +0100, Peter Zijlstra wrote: > > Out of curiousity - where did that stray wakeup come from? PTRACE_KILL > > used to trigger those, but that got fixed. How does one trigger that > > kind of bugs on the current kernels? > > Its a regular TASK_INTERRUPTIBLE sleep, for those spurious wakeups are > not a bug, they're pretty fundamentally allowed. They are, which makes any code that doesn't expect them in such situations buggy. > See: lkml.kernel.org/r/CA+55aFwHkOo+YGWKYROmce1-H_uG3KfEUmCkJUerTj=ojY2H6Q@mail.gmail.com I know. The question is not whether the code must take them into account (it must; it's a bug not to), it's what's a good way to trigger such bugs. IOW, how to stress-test for such bugs? PTRACE_KILL used to be a convenient way to arrange for a wakeup delivered to victim engaged in something we want to stress; it doesn't do blind wake_up_process() anymore, so that trick is gone. Is there anything similar? Suppose I have a dodgy waitqueue code (pardon the redundancy) in some filesystem. I have some idea how to maneuver a process into such-and-such part of that code; is there any convenient way to turn that into "... OK, now let's add bombing it with stray wakeups"?