WSL2-Linux-Kernel/kernel
Martin Schwidefsky 9f96cb1e8b robust futex thread exit race
Calling handle_futex_death in exit_robust_list for the different robust
mutexes of a thread basically frees the mutex.  Another thread might grab
the lock immediately which updates the next pointer of the mutex.
fetch_robust_entry over the next pointer might therefore branch into the
robust mutex list of a different thread.  This can cause two problems: 1)
some mutexes held by the dead thread are not getting freed and 2) some
mutexs held by a different thread are freed.

The next point need to be read before calling handle_futex_death.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-01 07:52:23 -07:00
..
irq request_irq: fix DEBUG_SHIRQ handling 2007-08-31 01:42:23 -07:00
power hibernation doesn't even build on frv - tons of helpers are missing 2007-09-26 09:22:04 -07:00
time clockevents: remove the suspend/resume workaround^Wthinko 2007-09-22 17:15:34 -07:00
.gitignore
Kconfig.hz
Kconfig.preempt
Makefile
acct.c
audit.c
audit.h
auditfilter.c
auditsc.c kernel/auditsc.c: fix an off-by-one 2007-08-22 19:52:44 -07:00
capability.c
compat.c
configs.c
cpu.c PM: Fix dependencies of CONFIG_SUSPEND and CONFIG_HIBERNATION 2007-08-31 01:42:22 -07:00
cpuset.c
delayacct.c
die_notifier.c
dma.c
exec_domain.c
exit.c signalfd simplification 2007-09-20 13:19:59 -07:00
extable.c
fork.c signalfd simplification 2007-09-20 13:19:59 -07:00
futex.c robust futex thread exit race 2007-10-01 07:52:23 -07:00
futex_compat.c robust futex thread exit race 2007-10-01 07:52:23 -07:00
hrtimer.c
itimer.c
kallsyms.c
kexec.c
kfifo.c
kmod.c Restore call_usermodehelper_pipe() behaviour 2007-09-11 17:21:20 -07:00
kprobes.c fix compilation with gcc 4.2 2007-08-11 15:47:42 -07:00
ksysfs.c
kthread.c kthread: silence bogus section mismatch warning 2007-07-31 15:39:42 -07:00
latency.c
lockdep.c
lockdep_internals.h
lockdep_proc.c
module.c Fix Off-by-one in /sys/module/*/refcnt 2007-08-22 14:35:35 -07:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
nsproxy.c
panic.c
params.c
pid.c
posix-cpu-timers.c
posix-timers.c posix-timers: fix creation race 2007-08-22 19:52:46 -07:00
printk.c fix - ensure we don't use bootconsoles after init has been released 2007-08-21 20:23:53 -07:00
profile.c fix compilation with gcc 4.2 2007-08-11 15:47:42 -07:00
ptrace.c Fix spurious syscall tracing after PTRACE_DETACH + PTRACE_ATTACH 2007-09-10 18:57:47 -07:00
rcupdate.c
rcutorture.c
relay.c Fix a use after free bug in kernel->userspace relay file support 2007-07-31 15:39:42 -07:00
resource.c
rtmutex-debug.c
rtmutex-debug.h
rtmutex-tester.c
rtmutex.c
rtmutex.h
rtmutex_common.h
rwsem.c
sched.c sched: fix invalid sched_class use 2007-09-19 23:34:46 +02:00
sched_debug.c sched: debug: fix sum_exec_runtime clearing 2007-09-05 14:32:49 +02:00
sched_fair.c sched: add /proc/sys/kernel/sched_compat_yield 2007-09-19 23:34:46 +02:00
sched_idletask.c sched: remove the 'u64 now' parameter from ->put_prev_task() 2007-08-09 11:16:49 +02:00
sched_rt.c sched: optimize task_tick_rt() a bit 2007-08-24 20:39:10 +02:00
sched_stats.h [PATCH] sched: add schedstat_set() API 2007-08-02 17:41:40 +02:00
seccomp.c
signal.c signalfd simplification 2007-09-20 13:19:59 -07:00
softirq.c
softlockup.c
spinlock.c
srcu.c
stacktrace.c
stop_machine.c
sys.c Fix SMP poweroff hangs 2007-10-01 07:52:23 -07:00
sys_ni.c
sysctl.c sched: add /proc/sys/kernel/sched_compat_yield 2007-09-19 23:34:46 +02:00
taskstats.c
time.c
timer.c
tsacct.c
uid16.c
user.c Fix user namespace exiting OOPs 2007-09-19 11:24:18 -07:00
user_namespace.c Fix user namespace exiting OOPs 2007-09-19 11:24:18 -07:00
utsname.c Fix UTS corruption during clone(CLONE_NEWUTS) 2007-09-19 11:24:17 -07:00
utsname_sysctl.c
wait.c
workqueue.c fix bogus hotplug cpu warning 2007-08-27 10:27:48 -07:00