[patch 1/2] eventfd use waitqueue lock ...

From: Davide Libenzi
Date: Fri May 18 2007 - 15:02:50 EST

Next message: Davide Libenzi: "[patch 2/2] timerfd use waitqueue lock ..."
Previous message: Michal Piotrowski: "Re: [patch 00/10] Slab defragmentation V2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The eventfd was using the unlocked waitqueue operations, but it was
using a different lock, so poll_wait() would race with it. This patch
makes eventfd directly use the waitqueue lock.

Signed-off-by: Davide Libenzi <davidel@xxxxxxxxxxxxxxx>

- Davide

Index: linux-2.6.mod/fs/eventfd.c
===================================================================
--- linux-2.6.mod.orig/fs/eventfd.c 2007-05-18 10:33:39.000000000 -0700
+++ linux-2.6.mod/fs/eventfd.c 2007-05-18 11:05:01.000000000 -0700
@@ -17,7 +17,6 @@
#include <linux/eventfd.h>

struct eventfd_ctx {
- spinlock_t lock;
wait_queue_head_t wqh;
/*
* Every time that a write(2) is performed on an eventfd, the
@@ -45,13 +44,13 @@

if (n < 0)
return -EINVAL;
- spin_lock_irqsave(&ctx->lock, flags);
+ spin_lock_irqsave(&ctx->wqh.lock, flags);
if (ULLONG_MAX - ctx->count < n)
n = (int) (ULLONG_MAX - ctx->count);
ctx->count += n;
if (waitqueue_active(&ctx->wqh))
wake_up_locked(&ctx->wqh);
- spin_unlock_irqrestore(&ctx->lock, flags);
+ spin_unlock_irqrestore(&ctx->wqh.lock, flags);

return n;
}
@@ -70,14 +69,14 @@

poll_wait(file, &ctx->wqh, wait);

- spin_lock_irqsave(&ctx->lock, flags);
+ spin_lock_irqsave(&ctx->wqh.lock, flags);
if (ctx->count > 0)
events |= POLLIN;
if (ctx->count == ULLONG_MAX)
events |= POLLERR;
if (ULLONG_MAX - 1 > ctx->count)
events |= POLLOUT;
- spin_unlock_irqrestore(&ctx->lock, flags);
+ spin_unlock_irqrestore(&ctx->wqh.lock, flags);

return events;
}
@@ -92,7 +91,7 @@

if (count < sizeof(ucnt))
return -EINVAL;
- spin_lock_irq(&ctx->lock);
+ spin_lock_irq(&ctx->wqh.lock);
res = -EAGAIN;
ucnt = ctx->count;
if (ucnt > 0)
@@ -110,9 +109,9 @@
res = -ERESTARTSYS;
break;
}
- spin_unlock_irq(&ctx->lock);
+ spin_unlock_irq(&ctx->wqh.lock);
schedule();
- spin_lock_irq(&ctx->lock);
+ spin_lock_irq(&ctx->wqh.lock);
}
__remove_wait_queue(&ctx->wqh, &wait);
__set_current_state(TASK_RUNNING);
@@ -122,7 +121,7 @@
if (waitqueue_active(&ctx->wqh))
wake_up_locked(&ctx->wqh);
}
- spin_unlock_irq(&ctx->lock);
+ spin_unlock_irq(&ctx->wqh.lock);
if (res > 0 && put_user(ucnt, (__u64 __user *) buf))
return -EFAULT;

@@ -143,7 +142,7 @@
return -EFAULT;
if (ucnt == ULLONG_MAX)
return -EINVAL;
- spin_lock_irq(&ctx->lock);
+ spin_lock_irq(&ctx->wqh.lock);
res = -EAGAIN;
if (ULLONG_MAX - ctx->count > ucnt)
res = sizeof(ucnt);
@@ -159,9 +158,9 @@
res = -ERESTARTSYS;
break;
}
- spin_unlock_irq(&ctx->lock);
+ spin_unlock_irq(&ctx->wqh.lock);
schedule();
- spin_lock_irq(&ctx->lock);
+ spin_lock_irq(&ctx->wqh.lock);
}
__remove_wait_queue(&ctx->wqh, &wait);
__set_current_state(TASK_RUNNING);
@@ -171,7 +170,7 @@
if (waitqueue_active(&ctx->wqh))
wake_up_locked(&ctx->wqh);
}
- spin_unlock_irq(&ctx->lock);
+ spin_unlock_irq(&ctx->wqh.lock);

return res;
}
@@ -210,7 +209,6 @@
return -ENOMEM;

init_waitqueue_head(&ctx->wqh);
- spin_lock_init(&ctx->lock);
ctx->count = count;

/*

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Davide Libenzi: "[patch 2/2] timerfd use waitqueue lock ..."
Previous message: Michal Piotrowski: "Re: [patch 00/10] Slab defragmentation V2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]