This is an automated email from the ASF dual-hosted git repository. xiaoxiang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git
The following commit(s) were added to refs/heads/master by this push: new ece224a sched/waitpid: handle waitpid waitting tcb->group is NULL ece224a is described below commit ece224a7e302a61acaed211f98c9c7d52fff061f Author: ligd <liguidi...@xiaomi.com> AuthorDate: Tue Jun 29 14:16:00 2021 +0800 sched/waitpid: handle waitpid waitting tcb->group is NULL Fail case: exit -> nxtask_terminate -> nxtask_exithook -> nxsched_release_tcb group_leave || nxsched_releasepid & group_leave /\ / \ switch out & waitpid() Thread A group_leave in nxtask_exithook, switch out, Thread B do waitpid(thread A) then meet traget thread A group is NULL, error. Change-Id: Ia181d7a13aa645ec1c3141a45839fbf79db35b17 Signed-off-by: ligd <liguidi...@xiaomi.com>
---
 sched/sched/sched_waitid.c | 8 +++++---
 sched/sched/sched_waitpid.c | 11 +++++++----
 2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/sched/sched/sched_waitid.c b/sched/sched/sched_waitid.c
index 5392223..543a2a7 100644
--- a/sched/sched/sched_waitid.c
+++ b/sched/sched/sched_waitid.c
@@ -167,9 +167,11 @@ int nx_waitid(int idtype, id_t id, FAR siginfo_t *info, int options)
 */
 ctcb = nxsched_get_tcb((pid_t)id);
- if (ctcb != NULL)
+ if (ctcb && ctcb->group)
 {
- if (ctcb->group->tg_ppid != rtcb->group->tg_pid)
+ /* Make sure that the thread it is our child. */
+
+ if (ctcb->group->tg_ppid != rtcb->pid)
 {
 ret = -ECHILD;
 goto errout;
@@ -209,7 +211,7 @@ int nx_waitid(int idtype, id_t id, FAR siginfo_t *info, int options)
 ctcb = nxsched_get_tcb((pid_t)id);
- if (ctcb == NULL || ctcb->group->tg_ppid != rtcb->group->tg_pid)
+ if (!ctcb || !ctcb->group || ctcb->group->tg_ppid != rtcb->pid)
 {
 ret = -ECHILD;
 goto errout;
diff --git a/sched/sched/sched_waitpid.c b/sched/sched/sched_waitpid.c
index 64c5af3..d13b718 100644
--- a/sched/sched/sched_waitpid.c
+++ b/sched/sched/sched_waitpid.c
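Review bot: In sched_waitid.c, hunk @@ -167, the new line `if (ctcb->group->tg_ppid != rtcb->pid)` changes which caller identity the child's tg_ppid is compared against (previously `rtcb->group->tg_pid`), and the commit message, which only describes the NULL-group race, does not mention it. If the caller is not the main thread of its task group the two values presumably differ, so the set of callers allowed to wait on a given child may change; that depends on what tg_ppid stores, which is not visible here. A short comment above the comparison stating which identity tg_ppid holds and why `rtcb->pid` is the matching field would make the parent check auditable. The same substitution appears in hunk @@ -209 of this file and in hunk @@ -273 of sched_waitpid.c.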
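Review bot: In sched_waitid.c, hunk @@ -209, the new condition `if (!ctcb || !ctcb->group || ctcb->group->tg_ppid != rtcb->pid)` reads `ctcb->group` once for the NULL test and again for the dereference, whereas the first nx_waitpid hunk copies it into a local before testing. The commit message says an exiting thread clears this pointer, so the test protects the dereference only if that thread cannot run between the two reads; the locking that would guarantee this is outside the hunk and I cannot confirm it. Reading the pointer once keeps check and use on the same value, e.g. `FAR struct task_group_s *cgroup = ctcb ? ctcb->group : NULL;` followed by `if (cgroup == NULL || cgroup->tg_ppid != rtcb->pid)`, though a local alone does not keep the group object alive. The same check-then-dereference shape is in hunk @@ -167 here and in hunks @@ -230 and @@ -273 of sched_waitpid.c.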
@@ -81,7 +81,11 @@ pid_t nx_waitpid(pid_t pid, int *stat_loc, int options)
 /* Then the task group corresponding to this PID */
 group = ctcb->group;
- DEBUGASSERT(group);
+ if (group == NULL)
+ {
+ ret = -ECHILD;
+ goto errout;
+ }
 /* Lock this group so that it cannot be deleted until the wait completes */
@@ -230,7 +234,7 @@ pid_t nx_waitpid(pid_t pid, int *stat_loc, int options)
 */
 ctcb = nxsched_get_tcb(pid);
- if (ctcb != NULL)
+ if (ctcb && ctcb->group)
 {
 /* Make sure that the thread it is our child. */
@@ -273,8 +277,7 @@ pid_t nx_waitpid(pid_t pid, int *stat_loc, int options)
 */
 ctcb = nxsched_get_tcb(pid);
-
- if (ctcb == NULL || ctcb->group->tg_ppid != rtcb->group->tg_pid)
+ if (!ctcb || !ctcb->group || ctcb->group->tg_ppid != rtcb->pid)
 {
 ret = -ECHILD;
 goto errout;
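Review bot: In sched_waitpid.c, hunk @@ -81, the new `if (group == NULL)` branch carries no comment explaining how a TCB that was just looked up can have no group, although the commit message gives the reason (the target has already gone through group_leave in its exit hook and was switched out). Since this replaces a DEBUGASSERT, the next reader will want to know it is an expected race rather than a corrupted TCB; I would add `/* The target may already have left its group while exiting; report it as not waitable. */` above the test. The `errout` label and whatever cleanup it performs are outside the hunk, so I could not check that this early exit releases everything the function has taken by this point.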