Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp5674857ybn; Sun, 29 Sep 2019 03:28:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqwd9Y383iRBFALUFLiomVTDK+NcGmlluBNvc+cFbBN0rfc9FcD6q3QQ+0Ep8Ra8fYqoB1rL X-Received: by 2002:a05:6402:1426:: with SMTP id c6mr14235352edx.53.1569752919384; Sun, 29 Sep 2019 03:28:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569752919; cv=none; d=google.com; s=arc-20160816; b=kE9ZvV7/bQqLvXbB7qSDdZaXk/2JWI/I9GHX5uddoZRBcqSdPSAQqSgE1UEkTtjjp1 /nhjSxFKOJLLfD554FKknYFyUlpP377g1+iCfY8qFVdyZV6Y8zQ03nnMAU0hwraN37v+ tRunlFxlPNWdKNhmC8ehMe1k3xOln8o6j7jItc/ALubHAwOyENAj9y1KQGJpCG1WbI6f SixGrGrb/hRefY5RymtqYN3/n7vsLZwtX/KZEKPXpv2w8CDUH3WG1pPUmyJ7DJW6+alm gY4V3xlMPmzSud1f4+4wNJL/+KEj9m53uCbjp3J1/qNy8C6kpOUSilTzg+d6Rvrf87Ai +02w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:cc:from:references:to:subject:dkim-signature; bh=3hP7uG+9EHpW+fJgEuzdYOoEFGxgLjWCOaNYKY6K2pk=; b=ElOoVebEn4OWiqaOnO/29iTbD0jfnTPW4XicTqPyf/mY8takJjvst0INjkX9j8u0sg HUztM7AXasDle0qewphh1SUwb6xSSI6bcqIcEyauBOL7vOJ2c/M68ST93Twnhwt/cIK1 nqz5iLZD+owCwuxJ6tH0MPdi2fz8F7gl9UK9hkj3gKd/m7D+0MsLQPmKC7LUKLo902bI CkklVcxKNGvqfUsWl1De6jRWBbeG44DM0nD2tlYpzTioANaS2QSsuSR/WECx0hOJ60vn jXA9wdXRGFMdsKZvG6aBhP+4sY/QDcHdx1FH5u6IX5HAaYcVzlOCXOPdo/5ouG9qsX6W /jeQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@colorfullife-com.20150623.gappssmtp.com header.s=20150623 header.b=R6k+IuHh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f26si2170535eji.55.2019.09.29.03.28.04; Sun, 29 Sep 2019 03:28:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@colorfullife-com.20150623.gappssmtp.com header.s=20150623 header.b=R6k+IuHh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728696AbfI2KYf (ORCPT + 99 others); Sun, 29 Sep 2019 06:24:35 -0400 Received: from mail-wm1-f67.google.com ([209.85.128.67]:38223 "EHLO mail-wm1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725974AbfI2KYe (ORCPT ); Sun, 29 Sep 2019 06:24:34 -0400 Received: by mail-wm1-f67.google.com with SMTP id 3so9647266wmi.3 for ; Sun, 29 Sep 2019 03:24:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=colorfullife-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:cc:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=3hP7uG+9EHpW+fJgEuzdYOoEFGxgLjWCOaNYKY6K2pk=; b=R6k+IuHh0gRSegIuiT0hMwL+K3vAe9e5Wwvl96aNU9EysAIdFVlr6wl9EbJBfqMmyH u8eAb8kmODEskCtvSxwdJmwJqYZEaa0TyZQ7NwZwAfNBcT2CkyZK/7qFGy1PY3ZKWmtv DrPikXDleJ3vvbApVCWZ7nLB6OAyGLUtad6gVGKk+EDOcl/Dhr46ScYDARCe7aSJNWlC DAzc15aI3RsmRsibnlUK6TrMzEOs56mQVXXv5dW0VYo8o+Ku/RVvD8iz3zpACkSLUIOB e7TxLKzKKuHsGbWMeNdjfi/77awvfDJG6uqp7JJbSVAbiAgCimPVOVd4vPCxeew7Ywhe IPKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:cc:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=3hP7uG+9EHpW+fJgEuzdYOoEFGxgLjWCOaNYKY6K2pk=; b=DsKDkjkx3Rm9Gg7IvTc69KWMHkPvl5eNydjvIUvI+4y3dlp/owbLTzqdNseXD8bjfj s9pp/iSGnIVvQ941FDxA3Cp2H65a8U7KSDo9ffHPpumKju/2VtiBHZSHEi0aZ0zoQTe8 jRHRJaNpce8GSD35a8JuvT+hdBZ4iCrxGawX/itARemHRxVBtshd8QF7nMDd4gQi2Rt2 19/CXFoHGb6aVe4uZwPLtftyZLMmQPqWCcNYQg2UffYLeTVETV1VJxQ9KfUN0KRQpG6a nzyouRNtzN0/7jatsdiSl3XvsBEtrNcixCzZJOSBGfcpAo8VDsElgtJeVSWmzBRcK3O3 E3wQ== X-Gm-Message-State: APjAAAXbDEHJQfg1zk5N/cQ4itVMxZploXV+51EvJThwfyaYBUSOhx9z c7f6Zl5uFw38BPilsNAx0kFAUQ== X-Received: by 2002:a05:600c:24ce:: with SMTP id 14mr13013085wmu.71.1569752673470; Sun, 29 Sep 2019 03:24:33 -0700 (PDT) Received: from linux-2.fritz.box (p200300D997073100A232ACDA09636D2D.dip0.t-ipconnect.de. [2003:d9:9707:3100:a232:acda:963:6d2d]) by smtp.googlemail.com with ESMTPSA id z189sm32449238wmc.25.2019.09.29.03.24.32 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 29 Sep 2019 03:24:32 -0700 (PDT) Subject: Re: [PATCH] ipc/sem: Fix race between to-be-woken task and waker To: Waiman Long , Davidlohr Bueso , Peter Zijlstra References: <20190920155402.28996-1-longman () redhat ! com> From: Manfred Spraul Cc: Linux Kernel Mailing List , 1vier1@web.de Message-ID: Date: Sun, 29 Sep 2019 12:24:31 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0 MIME-Version: 1.0 In-Reply-To: <20190920155402.28996-1-longman () redhat ! com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Waiman, I have now written the mail 3 times: Twice I thought that I found a race, but during further analysis, it always turns out that the spin_lock() is sufficient. First, to avoid any obvious things: Until the series with e.g. 27d7be1801a4824e, there was a race inside sem_lock(). Thus it was possible that multiple threads were operating on the same semaphore array, with obviously arbitrary impact. On 9/20/19 5:54 PM, Waiman Long wrote: > > + /* > + * A spurious wakeup at the right moment can cause race > + * between the to-be-woken task and the waker leading to > + * missed wakeup. Setting state back to TASK_INTERRUPTIBLE > + * before checking queue.status will ensure that the race > + * won't happen. > + * > + * CPU0 CPU1 > + * > + * wake_up_sem_queue_prepare(): > + * state = TASK_INTERRUPTIBLE status = error > + * try_to_wake_up(): > + * smp_mb() smp_mb() > + * if (status == -EINTR) if (!(p->state & state)) > + * schedule() goto out > + */ > + set_current_state(TASK_INTERRUPTIBLE); > + So the the hypothesis is that we have a race due to the optimization within try_to_wake_up(): If the status is already TASK_RUNNING, then the wakeup is a nop. Correct? The waker wants to use:     lock();     set_conditions();     unlock(); as the wake_q is a shared list, completely asynchroneously this will happen:     smp_mb(); //// ***1     if (current->state = TASK_INTERRUPTIBLE) current->state=TASK_RUNNING; The only guarantee is that this will happen after lock(), it may happen before set_conditions(). The task that goes to sleep uses:     lock();     check_conditions();     __set_current_state();     unlock(); //// ***2     schedule(); You propose to change that to:     lock();     set_current_state();     check_conditions();     unlock();     schedule(); I don't see a race anymore, and I don't see how the proposed change will help. e.g.: __set_current_state() and smp_mb() have paired memory barriers ***1 and ***2 above. --     Manfred