Re: [rfc] x86, bts: fix crash
From: Oleg Nesterov
Date: Mon Mar 30 2009 - 09:33:00 EST
On 03/30, Metzger, Markus T wrote:
>
> >The benefit would be that I don't need to hook into do_exit() anymore.
Metzger, I got lost ;) And I didn't sleep today, so most probably I missed
what you mean...
do you mean the helper below will be called under write_lock_irq(tasklist)?
In that case,
> >This would rid us of the nasty ->ptraced loop.
> >I will give it a try.
> >
> >
> >I use something like this to wait for the context switch:
> > nvcsw = task->nvcsw + 1;
> > nivcsw = task->nivcsw + 1;
> > for (;;) {
> > if (nvcsw < task->nvcsw)
> > break;
> > if (nivcsw < task->nivcsw)
> > break;
Not exactly right, schedule() increments nvcsw/nivcsw before context_switch().
But this is fixable.
However. What if this task spins in TASK_RUNNING waiting for tasklist_lock ?
This is deadlockable even with CONFIG_PREEMPT, we take tasklit for reading
in interrupt context.
Afaics, we can also deadlock if task_cpu(task) sends IPI to us (with wait = 1),
the sender spins with preemption disabled.
> > if (task->state != TASK_RUNNING)
> > break;
> > }
> >
>
> That is not quite right, as well. There's a race on the task state.
> In my example, I got TASK_DEAD before the dying task could complete its
> final schedule(), and the cpu continued tracing.
But we still have the same problems.
If the tracee doesn't call a blocking syscall, its ->state is always RUNNING.
It could be woken right after we see !TASK_RUNNING or !task_running().
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/