Date: Sun, 23 Nov 2008 22:55:11 +0100
From: Oleg Nesterov <oleg@redhat.com>
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org, roland@redhat.com, mingo@elte.hu,
       rnalumasu@gmail.com
Subject: do_wait() vs do_notify_parent_cldstop() theoretical race?
Message-ID: <20081123215511.GB9097@redhat.com>
References: <200811212015.mALKFMs4019558@imap1.linux-foundation.org> <20081123213929.GA9097@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20081123213929.GA9097@redhat.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1090
Lines: 37

Looking at do_wait(), suddenly I am starting to suspect we have the
highly theoretical race with do_notify_parent_cldstop().

	do_wait:

		add_wait_queue(...);

		current->state = TASK_INTERRUPTIBLE;

		read_lock(tasklist_lock);

		... try to find the "interesting" task ...

		read_unlock(tasklist_lock);

		if (!retval)	// not found
			schedule();

We don't race with do_notify_parent() because it takes tasklist
for writing. But do_notify_parent_cldstop() can run in parallel
under read_lock(tasklist).

Now suppose that "->state = TASK_INTERRUPTIBLE" leaks deeply into
the critical section. In theory, it is possible that wait_consider_task()
checks task_is_stopped_or_traced() or SIGNAL_STOP_CONTINUED first, then
CPU sets state = TASK_INTERRUPTIBLE. And we can miss the event if
do_notify_parent_cldstop() happens in between.

No?

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/