Date: Tue, 16 Mar 2004 11:11:53 -0800 (PST) From: "Ramy M. Hassan" <ramy@gawab.com> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/64347: Bug in sysv semaphore waiting processes count Message-ID: <200403161911.i2GJBr67036807@www.freebsd.org> Resent-Message-ID: <200403161920.i2GJK8wc044133@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 64347 >Category: misc >Synopsis: Bug in sysv semaphore waiting processes count >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Mar 16 11:20:08 PST 2004 >Closed-Date: >Last-Modified: >Originator: Ramy M. Hassan >Release: 4.9RELEASE >Organization: AAST >Environment: FreeBSD GawabSRV01.Gawab.com 4.9-RELEASE-p2 FreeBSD 4.9-RELEASE-p2 #0: Tue Mar 2 03:21:19 EET 2004 root@GawabSRV01.Gawab.com:/usr/obj/usr/src/sys/GAWABMAINSMPWFC i386 >Description: When a procss is waiting for a semaphore value to be more than zero ( calling semop ) , then receives a signal, the semop() returns -1 and errno is set to EINTR. This is fine, but the problem is that the number of processes waiting for the semaphore is not decremented. So a successive call to semctl(semsetid,semid,GETNCNT,0) will return an incorrect value. >How-To-Repeat: Write a program that intializes a semaphore set to zero , then call semop in a loop struct sembuf oplist[] = { { 0 , -1 , 0 } }; while ( semop(semid,oplist,1) < 0 ) { printf("Number of waiting processes %d \n",semctl(semid,prof,GETNCNT)); } while the process is waiting on the semaphore , send the process any signal that the process can handle. You will see that the number of waiting processes will increment each time a signal is sent which is incorrect. >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403161911.i2GJBr67036807>