On Mon, Feb 16, 2015 at 09:13:36PM +0100, Oleg Nesterov wrote:

> diff --git a/kernel/futex.c b/kernel/futex.c
> index b101381..c1104a8 100644
> +++ b/kernel/futex.c
> @@ -716,11 +716,13 @@ void exit_pi_state_list(struct task_struct *curr)
>  
>       if (!futex_cmpxchg_enabled)
>               return;
> +
>       /*
> +      * attach_to_pi_owner() can no longer add the new entry. But
> +      * we have to be careful versus waiters unqueueing themselves.
>        */
> +     curr->flags |= PF_EXITPIDONE;
> +
>       raw_spin_lock_irq(&curr->pi_lock);
>       while (!list_empty(head)) {
>  
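Review bot: The store `curr->flags |= PF_EXITPIDONE;` sits after the `if (!futex_cmpxchg_enabled) return;` early exit, so a task that leaves through that path never gets the flag from this function. That is harmless only if nothing can reach the PF_EXITPIDONE test in attach_to_pi_owner(), or any other reader of the flag, while futex_cmpxchg_enabled is false, and that is not visible here. I would either move the store above the early return or state the assumption in the comment once it is confirmed, e.g. `/* PI futexes are unavailable without futex_cmpxchg, so nobody tests the flag on the early-return path */`. The body of exit_pi_state_list() continues past the end of this hunk.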

Should we not set PF_EXITPIDONE _inside_ the pi_lock, so that it is properly
serialized against the check below?

> @@ -905,24 +907,12 @@ static int attach_to_pi_owner(u32 uval, union futex_key 
> *key,
>               return -EPERM;
>       }
>  
>       raw_spin_lock_irq(&p->pi_lock);
> +     if (unlikely(p->flags & PF_EXITPIDONE)) {
> +             /* exit_pi_state_list() was already called */
>               raw_spin_unlock_irq(&p->pi_lock);
>               put_task_struct(p);
> +             return -ESRCH;
>       }
>  
>       /*
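Review bot: The comment `/* exit_pi_state_list() was already called */` in the new PF_EXITPIDONE branch says what happened but not why the attach must be refused. Presumably a pi_state queued on the owner's list after it has started draining that list would be left referring to an exiting task with nothing left to clean it up. A comment such as `/* owner already ran exit_pi_state_list(); a pi_state attached now would never be cleaned up */` would make that explicit. It would also help to note what callers are expected to do with -ESRCH, since that handling lies outside this hunk. attach_to_pi_owner() starts before and continues after the lines shown.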

