On Tue, Nov 2, 2021 at 6:24 AM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote: > > On Fri, Oct 15, 2021 at 04:38:11PM -0700, Todd Kjos wrote: > > When freeing txn buffers, binder_transaction_buffer_release() > > attempts to detect whether the current context is the target by > > comparing current->group_leader to proc->tsk. This is an unreliable > > test. Instead explicitly pass an 'is_failure' boolean. > > > > Detecting the sender was being used as a way to tell if the > > transaction failed to be sent. When cleaning up after > > failing to send a transaction, there is no need to close > > the fds associated with a BINDER_TYPE_FDA object. Now > > 'is_failure' can be used to accurately detect this case. > > > > It's really hard for me to understand what this bug looks like to the > user? Is it a memory leak or do we free the wrong thing? It is a difficult case to hit (impossible for "well-behaved" processes), but it could result in file descriptors being closed when they shouldn't be. > > regards, > dan carpenter > > -- > To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@xxxxxxxxxxx. > _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
