From: Al Viro <viro@zeniv.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org
Subject: [possible bug] missed wakeup in do_sigtimedwait()?
Date: Sat, 4 Sep 2021 14:42:57 +0000
Message-ID: <YTOF8VYTYNFYpB7O@zeniv-ca.linux.org.uk>

do_sigtimedwait():

	spin_lock_irq(&tsk->sighand->siglock);
	sig = dequeue_signal(tsk, &mask, info);

nope, nothing posted yet

	if (!sig && timeout) {
		/*
		 * None ready, temporarily unblock those we're interested
		 * while we are sleeping in so that we'll be awakened when
		 * they arrive. Unblocking is always fine, we can avoid
		 * set_current_blocked().
		 */
		tsk->real_blocked = tsk->blocked;
		sigandsets(&tsk->blocked, &tsk->blocked, &mask);
		recalc_sigpending();
		spin_unlock_irq(&tsk->sighand->siglock);

... and now somebody sends us a signal. signal_wake_up() does nothing,
since we are still in TASK_RUNNING at that point

		__set_current_state(TASK_INTERRUPTIBLE);
		ret = freezable_schedule_hrtimeout_range(to, tsk->timer_slack_ns,
							 HRTIMER_MODE_REL);

... and we go to sleep for the duration of timeout or until the next
signal to arrive.

		spin_lock_irq(&tsk->sighand->siglock);
		__set_task_blocked(tsk, &tsk->real_blocked);
		sigemptyset(&tsk->real_blocked);
		sig = dequeue_signal(tsk, &mask, info);

... now we finally dequeue the sucker that had been pending through the
entire timeout period.

	}
	spin_unlock_irq(&tsk->sighand->siglock);

Looks like that __set_current_state() should've been done before dropping
the siglock. Am I missing something subtle here? It's not a terribly
wide window, but it's not impossible to hit e.g. on KVM and it does look
like a missed wakeup problem... For that matter, spin_unlock_irq() might
run irq handlers, so it's not impossible to hit on the real hardware either.
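
A deterministic toy model of the interleaving the message asks about, added here as an illustration; it is not kernel code and not code from this thread. Every name in it is hypothetical, and sleep_with_timeout() is an assumed primitive that never looks at the pending flag, so the model shows only the ordering question (task state set before or after the unlock), not what the real scheduler does.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model, not kernel code: all names are hypothetical. */
enum state { RUNNING, INTERRUPTIBLE };
enum order { STATE_AFTER_UNLOCK, STATE_BEFORE_UNLOCK };

struct task {
	enum state state;
	bool pending;		/* a signal is queued for the task */
};

/* Sender: queue the signal, then wake the task only if it is sleeping
 * (the message's premise: waking a RUNNING task does nothing). */
static void send_signal(struct task *t)
{
	t->pending = true;
	if (t->state == INTERRUPTIBLE)
		t->state = RUNNING;
}

/* Assumed sleep primitive: blocks for the full timeout unless a wakeup
 * already put the state back to RUNNING. It never checks t->pending. */
static int sleep_with_timeout(struct task *t, int timeout)
{
	int slept = (t->state == RUNNING) ? 0 : timeout;

	t->state = RUNNING;
	return slept;
}

/* Waiter: the first dequeue found nothing and the signal arrives in the
 * window right after the unlock. Returns the ticks slept before the
 * second dequeue sees the signal, or -1 if no signal was queued. */
static int wait_for_signal(enum order order, int timeout)
{
	struct task t = { RUNNING, false };
	int slept;

	if (order == STATE_BEFORE_UNLOCK)	/* still under the lock */
		t.state = INTERRUPTIBLE;
	send_signal(&t);			/* lock dropped, sender runs */
	if (order == STATE_AFTER_UNLOCK)
		t.state = INTERRUPTIBLE;
	slept = sleep_with_timeout(&t, timeout);
	return t.pending ? slept : -1;		/* relock, second dequeue */
}

int main(void)
{
	printf("state set after unlock:  slept %d ticks\n",
	       wait_for_signal(STATE_AFTER_UNLOCK, 1000));
	printf("state set before unlock: slept %d ticks\n",
	       wait_for_signal(STATE_BEFORE_UNLOCK, 1000));
	return 0;
}
```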