Re: [RFC] Race condition?

• Next message: Oliver Neukum: "Re: manipulating sigmask from filesystems and drivers"
• Previous message: Gerald Champagne: "ide prd table size"
• In reply to: Oliver Neukum: "Re: [RFC] Race condition?"
• Next in thread: Oliver Neukum: "Re: [RFC] Race condition?"
• Reply: Oliver Neukum: "Re: [RFC] Race condition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oliver Neukum wrote:
> Am Freitag, 2. August 2002 15:46 schrieb Kasper Dupont:
>
>>Is there a race condition in this piece of code from do_fork in
>
> It would seem so. Perhaps the BKL was taken previously.
>

Even if it was, I doubt the code ever knowingly relied upon it. If I
know that I'm protected under a lock, I rarely go to the trouble of
atomic operations.

The root of the problem is that the reference count is being relied on
for the wrong thing. There is a race on p->user between the
dup_task_struct() and whenever the atomic_inc(&p->user->__count)
occcurs. The user reference count needs to be incremented in
dup_task_struct(), before the copy occurs.

-- 
Dave Hansen
haveblue@us.ibm.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

• Next message: Oliver Neukum: "Re: manipulating sigmask from filesystems and drivers"
• Previous message: Gerald Champagne: "ide prd table size"
• In reply to: Oliver Neukum: "Re: [RFC] Race condition?"
• Next in thread: Oliver Neukum: "Re: [RFC] Race condition?"
• Reply: Oliver Neukum: "Re: [RFC] Race condition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Aug 07 2002 - 22:00:20 EST