-----BEGIN PGP SIGNED MESSAGE-----No, this can't happen:
On 11/21/2014 03:09 PM, Andrew Morton wrote:
On Fri, 21 Nov 2014 14:52:26 -0500 Rik van Riel <riel@xxxxxxxxxx>NULL pointer dereference in spin_lock from sem_lock,
When manipulating just one semaphore with semop, sem_lock onlyWhat are the runtime effects of the bug?
takes that single semaphore's lock. This creates a problem during
initialization of the semaphore array, when the data structures
used by sem_lock have not been set up yet. The sma->lock is
already held by newary, and we just have to make sure everything
else waits on that lock during initialization.
Luckily it is easy to make sem_lock wait on the sma->lock, by
pretending there is a complex operation in progress while the sma
is being initialized.
The newary function already zeroes sma->complex_count before
unlocking the sma->lock.
if it is called before sma->sem_base has been pointed