Re: 2.6.23-rc6-mm1: IPC: sleeping function called ...

From: Jarek Poplawski
Date: Mon Sep 24 2007 - 03:41:20 EST

Next message: Christoph Hellwig: "Re: [PATCH] Move kasprintf.o to obj-y"
Previous message: Matti Linnanvuori: "[PATCH] include/linux/mutex.h: unclear reference to convention"
In reply to: Jarek Poplawski: "Re: 2.6.23-rc6-mm1: IPC: sleeping function called ..."
Next in thread: Nadia Derbey: "Re: 2.6.23-rc6-mm1: IPC: sleeping function called ..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 24, 2007 at 08:54:07AM +0200, Jarek Poplawski wrote:
> After rethinking, this scenario seems to be wrong or very unprobable
> (I'm not sure of all ways "if (--container...)" could be compiled),
> so there should be no such risk - double kfree/vfree is more probable,
> so no danger. More likely is such refcount abuse: ipc_rcu_getref() in
> do_msgsnd() done a bit after ipc_rcu_putref() in freeque() (msq
> pointer acquired by do_msgsend() before freeque() started); then,
> after schedule(), do_msgsnd() can work with kfreed msq_queue structure
> (at least considering classic RCU).

I see this scenario is even more impossible, so you were right,
it's all right at this point.

Jarek P.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christoph Hellwig: "Re: [PATCH] Move kasprintf.o to obj-y"
Previous message: Matti Linnanvuori: "[PATCH] include/linux/mutex.h: unclear reference to convention"
In reply to: Jarek Poplawski: "Re: 2.6.23-rc6-mm1: IPC: sleeping function called ..."
Next in thread: Nadia Derbey: "Re: 2.6.23-rc6-mm1: IPC: sleeping function called ..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]