Date: Fri, 1 Oct 2004 05:01:00 +0000 (UTC) From: David Schultz <das@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/i386/linux linux_ptrace.c Message-ID: <200410010501.i91510No086396@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
das 2004-10-01 05:01:00 UTC
FreeBSD src repository
Modified files:
sys/i386/linux linux_ptrace.c
Log:
Fix the following race:
1. Process p1 is currently being swapped in.
2. Process p2 calls linux_ptrace(PTRACE_GETFPXREGS, p1_pid, ...)
3. After acquiring a reference to FIRST_THREAD_IN_PROC(p1),
p2 blocks in faultin() while p1 finishes being swapped in.
This means p2 won't get back the lock on p1 until after p1's
threads are runnable.
4. After p1 is swapped in, the first thread in p1 exits.
5. p2 now uses its dangling reference to p1's first thread.
Revision Changes Path
1.14 +4 -3 src/sys/i386/linux/linux_ptrace.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200410010501.i91510No086396>