mirror of
https://github.com/followmsi/android_kernel_google_msm.git
synced 2024-11-06 23:17:41 +00:00
[PATCH] s390: pfault interrupt race
There is a race in pfault_interrupt. That function gets called two times for each pfault notification. Once with a subcode of 0 to indicate that a real page is not available and once with a subcode of 0x80 to indicate that the page is present again. Since the two external interrupts can be delivered on two different cpus the order in which the two calls are made is unpredictable. It is possible that the subcode 0x80 interrupt is completed before the subcode 0x00 interrupt has done the wake_up() call. To avoid calling wake_up() on an already removed task structure proper task structure reference counting is needed. Increase the reference counter in the subcode 0x00 interrupt before setting pfault_wait to zero and return the reference after the wake_up call. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
4c24da79e2
commit
b6d09449d5
1 changed files with 4 additions and 1 deletions
|
@ -563,12 +563,14 @@ pfault_interrupt(struct pt_regs *regs, __u16 error_code)
|
|||
* interrupt. pfault_wait is valid. Set pfault_wait
|
||||
* back to zero and wake up the process. This can
|
||||
* safely be done because the task is still sleeping
|
||||
* and can't procude new pfaults. */
|
||||
* and can't produce new pfaults. */
|
||||
tsk->thread.pfault_wait = 0;
|
||||
wake_up_process(tsk);
|
||||
put_task_struct(tsk);
|
||||
}
|
||||
} else {
|
||||
/* signal bit not set -> a real page is missing. */
|
||||
get_task_struct(tsk);
|
||||
set_task_state(tsk, TASK_UNINTERRUPTIBLE);
|
||||
if (xchg(&tsk->thread.pfault_wait, 1) != 0) {
|
||||
/* Completion interrupt was faster than the initial
|
||||
|
@ -578,6 +580,7 @@ pfault_interrupt(struct pt_regs *regs, __u16 error_code)
|
|||
* mode and can't produce new pfaults. */
|
||||
tsk->thread.pfault_wait = 0;
|
||||
set_task_state(tsk, TASK_RUNNING);
|
||||
put_task_struct(tsk);
|
||||
} else
|
||||
set_tsk_need_resched(tsk);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue