BUG FIX: 2.2.16 kernel
FILE : net/core/dev.c
ROUTINE: net_bh()

There is an SMP race condition in file net/core/dev.c routine net_bh() that can
result in skb_dequeue(&backlog) returning NULL.

It's pretty straightforward and goes like this...

0: dev_close() calls dev_clear_backlog() for the device it is closing
0: dev_clear_backlog() gets skb_queue_lock.
1: net_bh() tests skb_queue_empty(&backlog) == false WITHOUT skb_queue_lock
1: tries to get skb_queue_lock and waits...
0: empties the backlog queue for dev. backlog queue now completely empty.
0: releases skb_queue_lock
1: acquires skb_queue_lock
1: backlog queue is now empty, skb == NULL!

Attached is the obvious 2 line patch:

    if (skb == NULL)
        break;

Regards,
Steve Cooper
Consensys Computers Inc.
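
The interleaving described above, as an added example that is not part of the original post and is not kernel code: a single-threaded C model in which a callback stands in for CPU 0 running between the unlocked emptiness test and the dequeue. The names pkt, queue, drain, flush and run are constructed for illustration.

```c
#include <stddef.h>

/* Constructed stand-ins for the kernel's sk_buff queue; not kernel code. */
struct pkt { struct pkt *next; int len; };
struct queue { struct pkt *head; };

static int queue_empty(const struct queue *q) { return q->head == NULL; }

/* Like skb_dequeue(): returns NULL when the queue is empty. */
static struct pkt *dequeue(struct queue *q)
{
    struct pkt *p = q->head;
    if (p) q->head = p->next;
    return p;
}

/* Models CPU 0: dev_clear_backlog() draining the queue under the lock. */
static void flush(struct queue *q) { while (dequeue(q)) ; }

/*
 * Models CPU 1's loop in net_bh(). The emptiness test is made without the
 * lock, so `racer` (CPU 0) may run between the test and the dequeue.
 * Returns bytes processed, or -1 if a NULL packet would have been
 * dereferenced (the failure the post describes).
 */
static int drain(struct queue *q, void (*racer)(struct queue *), int check_null)
{
    int bytes = 0;
    while (!queue_empty(q)) {          /* unlocked test: queue looks non-empty */
        if (racer) racer(q);           /* CPU 0 holds the lock and empties it */
        struct pkt *p = dequeue(q);    /* CPU 1 gets the lock: nothing left */
        if (p == NULL) {
            if (check_null) break;     /* the two-line fix */
            return -1;                 /* unpatched code would use p here */
        }
        bytes += p->len;
    }
    return bytes;
}

/* Builds a constructed two-packet backlog and runs one scenario. */
int run(int with_race, int check_null)
{
    struct pkt b = { NULL, 60 }, a = { &b, 40 };
    struct queue q = { &a };
    return drain(&q, with_race ? flush : NULL, check_null);
}

int main(void) { return run(1, 1) != 0; }
```
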
This archive was generated by hypermail 2b29 : Tue Aug 15 2000 - 21:00:34 EST