kernel: queue: k_queue_poll: Fix slist access race condition
All sys_slist_*() functions aren't threadsafe and calls to them must be protected with irq_lock. This is usually done in a wider caller context, but k_queue_poll() is called with irq_lock already relinquished, and is thus subject to hard to detect and explain race conditions, as e.g. was tracked in #4022. Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This commit is contained in:
Paul Sokolovsky
Carles Cufí
parent
22d02db46e
commit
199d07e655
1 changed files with 9 additions and 1 deletions
|
|
@ -199,6 +199,8 @@ static void *k_queue_poll(struct k_queue *queue, s32_t timeout)
|
|||
{
|
||||
struct k_poll_event event;
|
||||
int err;
|
||||
unsigned int key;
|
||||
void *val;
|
||||
|
||||
k_poll_event_init(&event, K_POLL_TYPE_FIFO_DATA_AVAILABLE,
|
||||
K_POLL_MODE_NOTIFY_ONLY, queue);
|
||||
|
|
@ -212,7 +214,13 @@ static void *k_queue_poll(struct k_queue *queue, s32_t timeout)
|
|||
|
||||
__ASSERT_NO_MSG(event.state == K_POLL_STATE_FIFO_DATA_AVAILABLE);
|
||||
|
||||
return sys_slist_get(&queue->data_q);
|
||||
/* sys_slist_* aren't threadsafe, so must be always protected by
|
||||
* irq_lock.
|
||||
*/
|
||||
key = irq_lock();
|
||||
val = sys_slist_get(&queue->data_q);
|
||||
irq_unlock(key);
|
||||
return val;
|
||||
}
|
||||
#endif /* CONFIG_POLL */
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue