linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Re: timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree
@ 2011-03-11 13:50 Oleg Nesterov
  2011-03-11 15:08 ` Alexander Shishkin
  2011-03-11 16:23 ` Thomas Gleixner
  0 siblings, 2 replies; 3+ messages in thread
From: Oleg Nesterov @ 2011-03-11 13:50 UTC (permalink / raw)
  To: Alexander Shishkin
  Cc: Thomas Gleixner, Alexander Viro, Greg Kroah-Hartman, Feng Tang,
	Michael Tokarev, Marcelo Tosatti, John Stultz, Chris Friesen,
	Kay Sievers, Kirill A. Shutemov, Artem Bityutskiy,
	Davide Libenzi, Michael Kerrisk, linux-api, Andrew Morton,
	linux-kernel

> @@ -218,10 +266,12 @@ SYSCALL_DEFINE4(timerfd_settime, int, uf
>  	 * it to the new values.
>  	 */
>  	for (;;) {
> +		spin_lock(&notifiers_lock);
>  		spin_lock_irq(&ctx->wqh.lock);
> -		if (hrtimer_try_to_cancel(&ctx->tmr) >= 0)
> +		if (!list_empty(&notifiers_list) || hrtimer_try_to_cancel(&ctx->tmr) >= 0)
>  			break;

Confused. Why do we check the global notifiers_list?

IOW. Suppose that this list is not empty and timerfd_settime() is called
without TFD_NOTIFY_CLOCK_SET. Now we are going to reprogramm the timer
without stopping it?

And. What if timerfd_settime(TFD_NOTIFY_CLOCK_SET, utmr => NULL) is called
twice? timerfd_setup() blindly does list_add(), and we corrupt the list, no?

Oleg.


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree
  2011-03-11 13:50 timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree Oleg Nesterov
@ 2011-03-11 15:08 ` Alexander Shishkin
  2011-03-11 16:23 ` Thomas Gleixner
  1 sibling, 0 replies; 3+ messages in thread
From: Alexander Shishkin @ 2011-03-11 15:08 UTC (permalink / raw)
  To: Oleg Nesterov
  Cc: Thomas Gleixner, Alexander Viro, Greg Kroah-Hartman, Feng Tang,
	Michael Tokarev, Marcelo Tosatti, John Stultz, Chris Friesen,
	Kay Sievers, Kirill A. Shutemov, Artem Bityutskiy,
	Davide Libenzi, Michael Kerrisk, linux-api, Andrew Morton,
	linux-kernel, Alexander Shishkin

On Fri, Mar 11, 2011 at 02:50:23PM +0100, Oleg Nesterov wrote:
> > @@ -218,10 +266,12 @@ SYSCALL_DEFINE4(timerfd_settime, int, uf
> >  	 * it to the new values.
> >  	 */
> >  	for (;;) {
> > +		spin_lock(&notifiers_lock);
> >  		spin_lock_irq(&ctx->wqh.lock);
> > -		if (hrtimer_try_to_cancel(&ctx->tmr) >= 0)
> > +		if (!list_empty(&notifiers_list) || hrtimer_try_to_cancel(&ctx->tmr) >= 0)
> >  			break;
> 
> Confused. Why do we check the global notifiers_list?

You're right, it's a bug, should be &ctx->notifiers_list.

> IOW. Suppose that this list is not empty and timerfd_settime() is called
> without TFD_NOTIFY_CLOCK_SET. Now we are going to reprogramm the timer
> without stopping it?
> 
> And. What if timerfd_settime(TFD_NOTIFY_CLOCK_SET, utmr => NULL) is called
> twice? timerfd_setup() blindly does list_add(), and we corrupt the list, no?

Another catch.

There will be a quite a bit of rework required, though, considering tglx's
comments.

Thanks!
--
Alex

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree
  2011-03-11 13:50 timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree Oleg Nesterov
  2011-03-11 15:08 ` Alexander Shishkin
@ 2011-03-11 16:23 ` Thomas Gleixner
  1 sibling, 0 replies; 3+ messages in thread
From: Thomas Gleixner @ 2011-03-11 16:23 UTC (permalink / raw)
  To: Oleg Nesterov
  Cc: Alexander Shishkin, Alexander Viro, Greg Kroah-Hartman,
	Feng Tang, Michael Tokarev, Marcelo Tosatti, John Stultz,
	Chris Friesen, Kay Sievers, Kirill A. Shutemov, Artem Bityutskiy,
	Davide Libenzi, Michael Kerrisk, linux-api, Andrew Morton,
	linux-kernel

On Fri, 11 Mar 2011, Oleg Nesterov wrote:

> > @@ -218,10 +266,12 @@ SYSCALL_DEFINE4(timerfd_settime, int, uf
> >  	 * it to the new values.
> >  	 */
> >  	for (;;) {
> > +		spin_lock(&notifiers_lock);
> >  		spin_lock_irq(&ctx->wqh.lock);
> > -		if (hrtimer_try_to_cancel(&ctx->tmr) >= 0)
> > +		if (!list_empty(&notifiers_list) || hrtimer_try_to_cancel(&ctx->tmr) >= 0)
> >  			break;
> 
> Confused. Why do we check the global notifiers_list?
> 
> IOW. Suppose that this list is not empty and timerfd_settime() is called
> without TFD_NOTIFY_CLOCK_SET. Now we are going to reprogramm the timer
> without stopping it?
> 
> And. What if timerfd_settime(TFD_NOTIFY_CLOCK_SET, utmr => NULL) is called
> twice? timerfd_setup() blindly does list_add(), and we corrupt the list, no?

And why is this hack in -mm at all ?

Thanks,

	tglx

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-03-11 16:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-03-11 13:50 timerfd-add-tfd_notify_clock_set-to-watch-for-clock-changes.patch added to -mm tree Oleg Nesterov
2011-03-11 15:08 ` Alexander Shishkin
2011-03-11 16:23 ` Thomas Gleixner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).