From: Manfred Spraul <manfred@colorfullife.com>
To: Bernhard Kaindl <bk@suse.de>
Cc: linux-kernel@vger.kernel.org
Subject: linux-kernel@vger.kernel.org
Date: Wed, 30 Oct 2002 18:57:37 +0100 [thread overview]
Message-ID: <3DC01D91.9020307@colorfullife.com> (raw)
You are right, there is a race in pipelined_send, but slightly different
than in your description:
pipelined_send is carefull not to read the msr pointer after
wake_up_process, but it does rely on the contents of the msr structure
after setting msr->r_msg.
I.e. the description is
CPU 1 CPU 2
sys_msgrcv()
(sleeps for messsage)
sys_msgsnd()
pipelined_send()
(woken up by a signal)
Notices that a message is there,
accepts the message and exists.
stack trashed, perhaps even task structure gone.
wake_up_process(msr->r_tsk)
*oops - msr is not valid anymore.
Is that possible? Do you apps use signals?
Your fix solves the problem, but I'd prefer to keep the current, lockless receive path - it avoids 50% of the spinlock operations.
I'll write a patch that adds the missing memory barriers and copies the fields before setting msr->r_msg.
--
Manfred
next reply other threads:[~2002-10-30 17:51 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-30 17:57 Manfred Spraul [this message]
2002-10-30 21:22 ` linux-kernel@vger.kernel.org Bill Davidsen
2002-10-30 21:37 ` [PATCH] IPC SMP race: msgrcv may not return before msgsnd is done Manfred Spraul
-- strict thread matches above, loose matches on Subject: below --
2022-10-14 8:51 linux-kernel@vger.kernel.org Mustafa Ayvaz
2011-01-24 16:43 linux-kernel@vger.kernel.org sen wang
2010-05-29 11:22 linux-kernel@vger.kernel.org uwaysi.bin.kareem
2009-10-11 6:22 linux-kernel@vger.kernel.org Boyan
[not found] <de72ca4e0905172314q3c55ec52ic9ab762a0352a91d@mail.gmail.com>
2009-05-18 7:06 ` linux-kernel@vger.kernel.org Sudarshan Soma
2008-03-09 17:02 linux-kernel@vger.kernel.org bruno.roussel
2007-08-14 9:58 linux-kernel@vger.kernel.org bizu
2007-08-14 9:58 linux-kernel@vger.kernel.org bizu
2005-07-05 13:58 Linux-kernel@vger.kernel.org linux-kernel
2004-07-26 15:44 linux-kernel@vger.kernel.org rap
2004-07-26 14:48 LINUX-KERNEL@VGER.KERNEL.ORG Returned mail
2004-06-21 9:19 linux-kernel@vger.kernel.org Romia Fersi
2003-06-18 21:46 linux-kernel@vger.kernel.org David Mosberger
2002-09-30 1:13 linux-kernel@vger.kernel.org omit_ECE
2002-09-30 1:18 ` linux-kernel@vger.kernel.org David S. Miller
2002-09-30 1:39 ` linux-kernel@vger.kernel.org Jeff Chua
2002-01-31 1:02 linux-kernel@vger.kernel.org Ulrich Weigand
2002-01-31 1:11 ` linux-kernel@vger.kernel.org Andrew Morton
2001-05-25 12:42 linux-kernel@vger.kernel.org Julien Laganier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3DC01D91.9020307@colorfullife.com \
--to=manfred@colorfullife.com \
--cc=bk@suse.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.