[PATCH] cpukit/score: avoid NULL and races in priority mutex
Gedare Bloom
gedare at rtems.org
Fri Jan 3 17:40:00 UTC 2020
On Fri, Jan 3, 2020 at 10:19 AM Joel Sherrill <joel at rtems.org> wrote:
>
>
>
> On Fri, Jan 3, 2020, 12:08 AM Sebastian Huber <sebastian.huber at embedded-brains.de> wrote:
>>
>> On 03/01/2020 00:24, Gedare Bloom wrote:
>> > while ( !_Chain_Is_empty( &the_thread->Priority_node.Inherited_priorities ) ) {
>> > + _ISR_Disable( level );
>> > _Thread_Dequeue_priority_node(
>> > ((Thread_Priority_node*)_Chain_First(
>> > &the_thread->Priority_node.Inherited_priorities
>> > ))
>> > );
>> > + _ISR_Enable( level );
>> > }
>>
>> I don't know how the stuff works in detail, but this looks like a TOCTOU
>> problem. Should this be changed into:
>>
>> _ISR_Disable( level );
>> while ( !_Chain_Is_empty(
>> &the_thread->Priority_node.Inherited_priorities ) ) {
>> _Thread_Dequeue_priority_node(
>> (Thread_Priority_node *) _Chain_First(
>> &the_thread->Priority_node.Inherited_priorities
>> )
>> );
>> _ISR_Flash( level );
>> }
>> _ISR_Enable( level );
>
>
> I think Sebastian is right. There is a small window.
I'll push with this change. I'm not even sure this is live code. It
requires a thread reset while the thread is holding a lock. I don't
know if this is possible. Definitely it is a bad idea.
>>
>>
>> --
>> Sebastian Huber, embedded brains GmbH
>>
>> Address : Dornierstr. 4, D-82178 Puchheim, Germany
>> Phone : +49 89 189 47 41-16
>> Fax : +49 89 189 47 41-09
>> E-Mail : sebastian.huber at embedded-brains.de
>> PGP : Public key available on request.
>>
>> Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.
>> _______________________________________________
>> devel mailing list
>> devel at rtems.org
>> http://lists.rtems.org/mailman/listinfo/devel
More information about the devel
mailing list