Opened 12 years ago
Closed 12 years ago
#488 closed defect (fixed)
ipc_cleanup() may leave new callback connections behind
| Reported by: | Jakub Jermář | Owned by: | Jakub Jermář |
|---|---|---|---|
| Priority: | major | Milestone: | 0.6.0 |
| Component: | helenos/kernel/generic | Version: | mainline |
| Keywords: | ipc | Cc: | |
| Blocker for: | Depends on: | ||
| See also: |
Description
In theory, when an IPC_M_CONNECT_TO_ME call is answered after ipc_cleanup() calls ipc_answerbox_slam_phones(), the other side will have an open phone connected to the exiting task's answerbox. ipc_cleanup() will not notice this and will leave the foreign phone connected. This will sooner or later result in kernel memory corruption because the phone will be linked to unallocated memory.
Note:
See TracTickets
for help on using tickets.
I am planning to fix this soon in lp:~jakub/helenos/camp2012.