On 12/01, Peter Zijlstra wrote:
>
> > +static inline __must_check int utrace_control_pid(
> > + struct pid *pid, struct utrace_engine *engine,
> > + enum utrace_resume_action action)
> > +{
> > + /*
> > + * We don't bother with rcu_read_lock() here to protect the
> > + * task_struct pointer, because utrace_control will return
> > + * -ESRCH without looking at that pointer if the engine is
> > + * already detached. A task_struct pointer can't die before
> > + * all the engines are detached in release_task() first.
> > + */
> > + struct task_struct *task = pid_task(pid, PIDTYPE_PID);
> > + return unlikely(!task) ? -ESRCH : utrace_control(task, engine, action);
> > +}
>
> Is that comment correct? Without rcu_read_lock() the pidhash can change
> under our feet and maybe cause funny things?
I already tried to answer, but I guess my email was not very clear. Let me
try again.
pid_task() by itself is safe, but yes, it is possible that utrace_control()
is called with target == NULL, or this task_task was already freed/reused.
utrace_control(target) path does not use target until it verifies it is
safe to dereference it.
get_utrace_lock() calls rcu_read_lock() and checks that engine->ops
is not cleared (NULL or utrace_detached_ops). If we see the valid ->ops
under rcu_read_lock() it is safe to dereference target, even if we race
with release_task() we know that it has not passed utrace_release_task()
yet, and thus we know call_rcu(delayed_put_task_struct) was not yet
called _before_ we took rcu_read_lock().
If it is safe to dereference target, we can take utrace->lock. Once
we take this lock (and re-check engine->ops) the task can't go away
until we drop it, get_utrace_lock() drops rcu lock and returns with
utrace->lock held.
utrace_control() can safely play with target under utrace->lock.
> > + /*
> > + * If this flag is still set it's because there was a signal
> > + * handler setup done but no report_signal following it. Clear
> > + * the flag before we get to user so it doesn't confuse us later.
> > + */
> > + if (unlikely(utrace->signal_handler)) {
> > + spin_lock(&utrace->lock);
> > + utrace->signal_handler = 0;
> > + spin_unlock(&utrace->lock);
> > + }
>
> OK, so maybe you get to explain why this works..
Missed this part yesterday.
Well. ->signal_handler is set by handle_signal() when the signal was
delivered to the tracee. This flag is checked by utrace_get_signal()
to detect the stepping. But we should not return to user-mode with
this flag set, that is why utrace_resume() clears it.
However. This reminds me we were going to try to simplify this logic,
I'll try to think about this.
Oleg.
