
kthread: Set *tdptr earlier in kproc_kthread_add()
Closed, Public

Authored by markj on Apr 24 2024, 12:25 PM.
Details

Summary

See commit ae77041e0714 ("kthread: Set *newtdp earlier in
kthread_add1()") for details. That commit was incomplete since
g_init()'s first call to kproc_kthread_add() will cause
kproc_kthread_add() to take the *procptr == NULL branch, which avoids
kthread_create().

To ensure that the thread pointer is initialized before the thread
starts running, we have to start the kernel process with RFSTOPPED.
We could perhaps go further and use RFSTOPPED only when tdptr != NULL,
but it's probably better to have consistent behaviour.

Reported by: syzbot+e91e798f3c088215ace6@syzkaller.appspotmail.com
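To make the ordering the summary describes concrete, here is an added userland C model of the fix (pthreads, not FreeBSD kernel code): a worker is created in a stopped state, its descriptor pointer is stored, and only then is it released, while `stopped == 0` reproduces the old ordering in which the thread may run before `*tdptr` is set. `struct worker`, `worker_body` and `run` are this example's own names, not kernel symbols.

```c
#include <pthread.h>
#include <stddef.h>

/* Stand-in for struct thread: the body only needs to find its own
 * descriptor through the pointer the creator publishes in *tdptr. */
struct worker {
    pthread_t pt;
    pthread_mutex_t mtx;
    pthread_cond_t cv;
    int released;          /* models the RFSTOPPED process being made runnable */
    struct worker **tdptr; /* where the creator stores the descriptor */
    int saw_self;          /* 1 if *tdptr was already set when the body ran */
};

static void *worker_body(void *arg)
{
    struct worker *w = arg;
    /* The RFSTOPPED gate: do nothing until the creator releases us. */
    pthread_mutex_lock(&w->mtx);
    while (!w->released)
        pthread_cond_wait(&w->cv, &w->mtx);
    pthread_mutex_unlock(&w->mtx);
    /* The bug class: the body reads *tdptr as soon as it runs. */
    w->saw_self = (*w->tdptr == w);
    return NULL;
}

/* Analogue of kproc_kthread_add(): stopped == 1 is the fixed ordering
 * (create stopped, store *tdptr, release); stopped == 0 is the old one. */
static int run(int stopped)
{
    struct worker w, *tdptr = NULL;
    w.released = !stopped; /* old ordering: runnable immediately */
    w.tdptr = &tdptr;
    w.saw_self = 0;
    pthread_mutex_init(&w.mtx, NULL);
    pthread_cond_init(&w.cv, NULL);
    if (pthread_create(&w.pt, NULL, worker_body, &w) != 0)
        return -1;
    if (!stopped)
        for (volatile long i = 0; i < 5000000; i++) ; /* widen the race window */
    tdptr = &w;        /* publish the descriptor */
    pthread_mutex_lock(&w.mtx);
    w.released = 1;
    pthread_cond_broadcast(&w.cv);
    pthread_mutex_unlock(&w.mtx);
    pthread_join(w.pt, NULL);
    return w.saw_self; /* run(1) returns 1; run(0) usually returns 0 */
}
```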

Diff Detail

Repository
rG FreeBSD src repository

Event Timeline

This revision is now accepted and ready to land. Apr 24 2024, 2:03 PM

I don't see any more paths where the pointer to the new struct thread won't be initialized before the new thread is started, so I think this completely fixes the initial problem. Moreover, there most probably won't be any noticeable performance impact, since kproc_create() in the end calls fork1() with RFSTOPPED, so the only difference now is that the new process will be released only very slightly later.