Opened 11 years ago

Closed 11 years ago

#488 closed defect (fixed)

ipc_cleanup() may leave new callback connections behind

Reported by: Jakub Jermář
Owned by: Jakub Jermář
Priority: major
Milestone: 0.6.0
Component: helenos/kernel/generic
Version: mainline
Keywords: ipc
Cc:
Blocker for:
Depends on:
See also:

Description

In theory, when an IPC_M_CONNECT_TO_ME call is answered after ipc_cleanup() calls ipc_answerbox_slam_phones(), the other side will have an open phone connected to the exiting task's answerbox. ipc_cleanup() will not notice this and will leave the foreign phone connected. This will sooner or later result in kernel memory corruption because the phone will be linked to unallocated memory.
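
The ordering described in this ticket, replayed in a single-threaded C model (an added example, not HelenOS source and not part of the ticket). All type and function names and the `active` flag are assumptions made for illustration; the flag is one possible guard, not necessarily the fix that landed.

```c
#include <stdbool.h>
#include <stddef.h>

typedef struct answerbox answerbox_t;
typedef struct { answerbox_t *callee; } phone_t;  /* NULL = hung up */

struct answerbox {
    bool active;            /* assumed flag, cleared when cleanup starts */
    phone_t *connected[4];  /* phones linked to this box */
    size_t count;
};

/* Unguarded connect: links the phone whatever state the box is in. */
static bool connect_unguarded(phone_t *p, answerbox_t *box)
{
    if (box->count == 4)
        return false;
    p->callee = box;
    box->connected[box->count++] = p;
    return true;
}

/* Guarded connect: refuses once cleanup has marked the box inactive. */
static bool connect_guarded(phone_t *p, answerbox_t *box)
{
    return box->active && connect_unguarded(p, box);
}

/* Model of the cleanup step that disconnects every linked phone. */
static void cleanup_slam_phones(answerbox_t *box)
{
    box->active = false;
    for (size_t i = 0; i < box->count; i++)
        box->connected[i]->callee = NULL;
    box->count = 0;
}

/* Replays the ticket's ordering: phones slammed, callback answered after.
 * Returns how many phones still point at the box once cleanup is done. */
static size_t phones_left_after_race(bool guarded)
{
    answerbox_t box = { .active = true };
    phone_t early = { NULL }, late = { NULL };

    connect_guarded(&early, &box);
    cleanup_slam_phones(&box);
    (guarded ? connect_guarded : connect_unguarded)(&late, &box);
    return (size_t)(early.callee == &box) + (size_t)(late.callee == &box);
}
```

In a real kernel the flag check and the linking step would have to happen under the same lock that the cleanup path holds while clearing the flag; otherwise the same window reopens between the check and the link.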

Change History (2)

comment:1 by Jakub Jermář, 11 years ago

I am planning to fix this soon in lp:~jakub/helenos/camp2012.

comment:2 by Jakub Jermář, 11 years ago

Resolution: fixed
Status: new → closed

Fixed in mainline,1665.
