Bug 16255

Summary: 2.6.35-rc3 deadlocks on semaphore operations
Product: Process Management Reporter: Maciej Rutecki (maciej.rutecki)
Component: Other Assignee: process_other
Status: CLOSED CODE_FIX    
Severity: normal CC: cl, maciej.rutecki, manfred, rjw
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 2.6.35-rc3 Subsystem:
Regression: Yes Bisected commit-id:
Bug Depends on:    
Bug Blocks: 16055    
Attachments: bugfix

Description Maciej Rutecki 2010-06-20 06:54:16 UTC
Subject    : 2.6.35-rc3 deadlocks on semaphore operations
Submitter  : Christoph Lameter <cl@linux-foundation.org>
Date       : 2010-06-18 14:49
Message-ID : alpine.DEB.2.00.1006180940140.11575@router.home
References : http://marc.info/?l=linux-kernel&m=127687262727707&w=2

This entry is being used for tracking a regression from 2.6.34.  Please don't
close it until the problem is fixed in the mainline.
Comment 1 Manfred Spraul 2010-06-23 16:30:02 UTC
Created attachment 26915
bugfix

Hi,

I think I found it:
Previously, queue.status was never IN_WAKEUP when the semaphore spinlock was held.

The last patch changes that:
Now the change from IN_WAKEUP to the final result code happens after the semaphore spinlock is dropped.
Thus a task can observe IN_WAKEUP even when it acquired the semaphore spinlock.

As a result, semop() sometimes returned 1 (IN_WAKEUP) for a successful operation.

Attached is a patch that should fix the bug.

-- 
    Manfred
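
A single-threaded model of the interleaving described in comment 1, added here as an illustration; it is not the kernel's code and not the attached patch. The struct fields, the function names and the wait loop in `sleeper_waits` are assumptions made for this example, and the waker's two phases are called by hand to force the ordering the comment describes.

```c
#include <stdio.h>

#define IN_WAKEUP 1   /* transient marker named in the comment; value 1 per the report */

/* Hypothetical stand-in for the per-sleeper queue entry. */
struct sem_queue { volatile int status; int final_result; int wake_pending; };

/* Waker, phase 1 (semaphore spinlock held): mark the sleeper as being woken. */
static void waker_mark(struct sem_queue *q, int result) {
    q->final_result = result;
    q->wake_pending = 1;
    q->status = IN_WAKEUP;
}

/* Waker, phase 2 (spinlock already dropped): publish the final result code. */
static void waker_finish(struct sem_queue *q) {
    if (q->wake_pending) { q->status = q->final_result; q->wake_pending = 0; }
}

/* Racy sleeper: takes the lock and trusts that IN_WAKEUP cannot be visible. */
static int sleeper_racy(struct sem_queue *q) {
    /* lock acquired here; the waker has not reached phase 2 yet */
    return q->status;
}

/* Defensive sleeper (assumed mitigation): wait out the transient marker. */
static int sleeper_waits(struct sem_queue *q) {
    while (q->status == IN_WAKEUP)
        waker_finish(q);   /* models the other CPU making progress */
    return q->status;
}

/* One fixed interleaving: waker phase 1, sleeper reads, waker phase 2. */
static int run(int (*sleeper)(struct sem_queue *), int result) {
    struct sem_queue q = { -4 /* constructed initial value */, 0, 0 };
    waker_mark(&q, result);
    int seen = sleeper(&q);
    waker_finish(&q);
    return seen;
}

int main(void) {
    printf("racy sleeper returns    %d\n", run(sleeper_racy, 0));
    printf("waiting sleeper returns %d\n", run(sleeper_waits, 0));
    return 0;
}
```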
Comment 2 Manfred Spraul 2010-07-02 16:41:29 UTC
The bugfix is in Andrew's tree and I couldn't find any further regressions.

Maciej, could you close the bug when the patch appears in mainline?
Comment 3 Rafael J. Wysocki 2010-07-08 23:16:58 UTC
Patch : http://marc.info/?l=linux-kernel&m=127731055203402&w=2
Handled-By : Manfred Spraul <manfred@colorfullife.com>
Comment 4 Rafael J. Wysocki 2010-07-23 11:25:37 UTC
Fixed by commit c61284e99191b2284fb74dae6961d4d09e4e59e8.