__rpc_execute() calls ->tk_exit and goes to 'restarted' label.
What if ->tk_exit calls rpc_sleep_on() ? If it is possible, we
have a race.
CPU_0 (main loop in rpc_execute restarted) CPU_1
rpc_delete_timer:
if (RPC_IS_QUEUED()) // YES
return;
rpc_run_timer:
rpc_wake_up_task:
clear_bit(RPC_TASK_QUEUED)
preemption, or long interrupt
if (!RPC_IS_QUEUED()) // YES
task->tk_action()
__rpc_add_timer:
set_bit(RPC_TASK_HAS_TIMER)
mod_timer();
clear_bit(RPC_TASK_HAS_TIMER)
Now we have pending timer without RPC_TASK_HAS_TIMER bit set.
Is this patch makes any sense?
Oleg.
--- 2.6.12-rc5/net/sunrpc/sched.c~ Sun May 29 15:09:25 2005
+++ 2.6.12-rc5/net/sunrpc/sched.c Sun May 29 15:11:24 2005
@@ -135,8 +135,6 @@ __rpc_add_timer(struct rpc_task *task, r
static void
rpc_delete_timer(struct rpc_task *task)
{
- if (RPC_IS_QUEUED(task))
- return;
if (test_and_clear_bit(RPC_TASK_HAS_TIMER, &task->tk_runstate)) {
del_singleshot_timer_sync(&task->tk_timer);
dprintk("RPC: %4d deleting timer\n", task->tk_pid);
@@ -566,7 +564,6 @@ static int __rpc_execute(struct rpc_task
BUG_ON(RPC_IS_QUEUED(task));
- restarted:
while (1) {
/*
* Garbage collection of pending timers...
@@ -607,6 +604,7 @@ static int __rpc_execute(struct rpc_task
unlock_kernel();
}
+ restarted:
/*
* Lockless check for whether task is sleeping or not.
*/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
