From: Manfred Spraul <manfred@colorfullife.com>
To: Bernhard Kaindl <bk@suse.de>
Cc: linux-kernel@vger.kernel.org
Subject: linux-kernel@vger.kernel.org
Date: Wed, 30 Oct 2002 18:57:37 +0100 [thread overview]
Message-ID: <3DC01D91.9020307@colorfullife.com> (raw)
You are right, there is a race in pipelined_send, but slightly different
than in your description:
pipelined_send is carefull not to read the msr pointer after
wake_up_process, but it does rely on the contents of the msr structure
after setting msr->r_msg.
I.e. the description is
CPU 1 CPU 2
sys_msgrcv()
(sleeps for messsage)
sys_msgsnd()
pipelined_send()
(woken up by a signal)
Notices that a message is there,
accepts the message and exists.
stack trashed, perhaps even task structure gone.
wake_up_process(msr->r_tsk)
*oops - msr is not valid anymore.
Is that possible? Do you apps use signals?
Your fix solves the problem, but I'd prefer to keep the current, lockless receive path - it avoids 50% of the spinlock operations.
I'll write a patch that adds the missing memory barriers and copies the fields before setting msr->r_msg.
--
Manfred
next reply other threads:[~2002-10-30 17:51 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-30 17:57 Manfred Spraul [this message]
2002-10-30 21:22 ` linux-kernel@vger.kernel.org Bill Davidsen
2002-10-30 21:37 ` [PATCH] IPC SMP race: msgrcv may not return before msgsnd is done Manfred Spraul
-- strict thread matches above, loose matches on Subject: below --
2022-10-14 8:51 linux-kernel@vger.kernel.org Mustafa Ayvaz
2011-01-24 16:43 linux-kernel@vger.kernel.org sen wang
2010-05-29 11:22 linux-kernel@vger.kernel.org uwaysi.bin.kareem
2009-10-11 6:22 linux-kernel@vger.kernel.org Boyan
[not found] <de72ca4e0905172314q3c55ec52ic9ab762a0352a91d@mail.gmail.com>
2009-05-18 7:06 ` linux-kernel@vger.kernel.org Sudarshan Soma
2008-03-09 17:02 linux-kernel@vger.kernel.org bruno.roussel
2007-08-14 9:58 linux-kernel@vger.kernel.org bizu
2007-08-14 9:58 linux-kernel@vger.kernel.org bizu
2005-07-05 13:58 Linux-kernel@vger.kernel.org linux-kernel
2004-07-26 15:44 linux-kernel@vger.kernel.org rap
2004-07-26 14:48 LINUX-KERNEL@VGER.KERNEL.ORG Returned mail
2004-06-21 9:19 linux-kernel@vger.kernel.org Romia Fersi
2003-06-18 21:46 linux-kernel@vger.kernel.org David Mosberger
2002-09-30 1:13 linux-kernel@vger.kernel.org omit_ECE
2002-09-30 1:18 ` linux-kernel@vger.kernel.org David S. Miller
2002-09-30 1:39 ` linux-kernel@vger.kernel.org Jeff Chua
2002-01-31 1:02 linux-kernel@vger.kernel.org Ulrich Weigand
2002-01-31 1:11 ` linux-kernel@vger.kernel.org Andrew Morton
2001-05-25 12:42 linux-kernel@vger.kernel.org Julien Laganier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3DC01D91.9020307@colorfullife.com \
--to=manfred@colorfullife.com \
--cc=bk@suse.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox