fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2025-12-22 09:19:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Kernel: Close a Thread tid lookup race

Browse Source 
There is a window between dropping a thread's last reference and it
being removed from the list.

Found in #5541
This commit is contained in:
Tom
2021-05-20 13:58:36 -06:00
committed by Andreas Kling
parent adfdfd6aba
commit 9dcc7a67e5
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Kernel/Thread.cpp
View File

@@ -1034,9 +1034,16 @@ RefPtr<Thread> Thread::from_tid(ThreadID tid)
RefPtr<Thread> found_thread;
{
ScopedSpinLock lock(g_tid_map_lock);
auto it = g_tid_map->find(tid);
if (it != g_tid_map->end())
found_thread = it->value;
if (auto it = g_tid_map->find(tid); it != g_tid_map->end()) {
// We need to call try_ref() here as there is a window between
// dropping the last reference and calling the Thread's destructor!
// We shouldn't remove the threads from that list until it is truly
// destructed as it may stick around past finalization in order to
// be able to wait() on it!
if (it->value->try_ref()) {
found_thread = adopt_ref(*it->value);
}
}
}
return found_thread;
}