Message-ID: <20150210111411.GA25614@redhat.com>
Date:	Tue, 10 Feb 2015 12:14:11 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Darren Hart <darren@...art.com>
Cc:	Peter Zijlstra <peterz@...radead.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Jerome Marchand <jmarchan@...hat.com>,
	Larry Woodman <lwoodman@...hat.com>,
	Mateusz Guzik <mguzik@...hat.com>,
	LKML <linux-kernel@...r.kernel.org>, dvhart@...radead.org
Subject: Re: [PATCH 0/1] futex: check PF_KTHREAD rather than !p->mm to
	filter out kthreads

Hi Darren,

On 02/09, Darren Hart wrote:
>
> I will prepare the test that Peter suggested so we have something to
> test with now as well as run for regressions over time.

Just in case, I already wrote the stupid test-case:

	#include <stdio.h>
	#include <unistd.h>
	#include <signal.h>
	#include <sys/syscall.h>
	#include <sys/wait.h>
	#include <sys/mman.h>
	#include <assert.h>

	#define FUTEX_LOCK_PI	6

	struct robust_list {
		struct robust_list *next;
	};

	struct robust_list_head {
		struct robust_list list;
		long futex_offset;
		struct robust_list *list_op_pending;
	};

	int main(void)
	{
		int *mutex = mmap(NULL, 4, PROT_READ|PROT_WRITE,
					MAP_ANONYMOUS|MAP_SHARED, -1,0);
		assert((void *)mutex != MAP_FAILED);

		for (;;) {
			int err, pid = fork();

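			if (!pid) {
				struct robust_list_head head;

				/*
				 * Empty robust list; only list_op_pending is set.
				 * Bit 0 of that pointer marks the entry as a PI
				 * futex, and futex_offset is 0, so at exit the
				 * kernel handles *mutex as a pending PI lock.
				 */
				head.list.next = &head.list;
				head.futex_offset = 0;
				head.list_op_pending = (void *)mutex + 1;

				assert(syscall(__NR_set_robust_list, &head, sizeof(head)) == 0);
				/* Stop so the parent can set up the futex word first. */
				kill(getpid(), SIGSTOP);
				_exit(0);
			}

			assert(waitpid(-1, NULL, WSTOPPED) == pid);

			/* Make the stopped child look like the owner of the PI futex. */
			*mutex = pid;
			/* Kill the owner, then lock while the child is exiting. */
			kill(pid, SIGKILL);
			err = syscall(__NR_futex, mutex, FUTEX_LOCK_PI, 0,0,0);
			assert(wait(NULL) == pid);

			/* FUTEX_LOCK_PI failed: report it and kill the process group. */
			if (err) {
				printf("err=%d %m\n", err);
				kill(0, SIGKILL);
			}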
		}

		return 0;
	}

It needs ~20 secs to fail on my machine. Probably it can be improved.

> Hrm, if we cleared the TID mask, and the pi chain is empty, can we not
> clear the waiters?

In this case the waiter should take care, I guess.


OK. I'll try to make at least the 1st fix today (EXITING -> EXITPIDONE
livelock).

Oleg.
