Re: [PATCH] fix race in AF_UNIX
From: Miklos Szeredi
Date: Mon Jun 18 2007 - 06:48:17 EST
> * Thomas Graf <tgraf@xxxxxxx> 2007-06-18 12:32
> > * Miklos Szeredi <miklos@xxxxxxxxxx> 2007-06-18 11:44
> > > Garbage collection only ever happens, if the app is sending AF_UNIX
> > > sockets over AF_UNIX sockets. Which is a rather rare case. And which
> > > is basically why this bug went unnoticed for so long.
> > >
> > > So my second patch only affects the performance of _exactly_ those
> > > apps which might well be bitten by the bug itself.
> >
> > That's not entirely the truth. It affects all applications using
> > AF_UNIX sockets while file descriptors are being transfered. I
> > agree that the performance impact is not severe on most systems
> > but if file descriptors are being transfered continously by just
> > a single application it can become rather severe.
>
> Also think of the scenario where an application, deliberately or not,
> begins a file descriptor tranfser using sendmsg() and the receiving
> part never invokes recvmsg() to decrement the inflight counters
> again. Every unix socket that gets closed would result in a gc call
> locking all sockets.
And if some of the sent files were unix sockets, rightly so, since the
sent sockets might need to be garbage collected.
And BTW the whole gc is done with the unix_table_lock held, so it will
stop some socket operations anyway. The fact that it needs to stop
some more operations is a necessary thing. But we are talking about a
_spinlocked_ region, which for zillions of sockets might run for a
long time, but it's not as if it's really going to affect performance
in real cases.
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/