summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGedare Bloom <gedare@rtems.org>2020-01-02 15:45:30 -0700
committerGedare Bloom <gedare@rtems.org>2020-01-03 09:10:09 -0700
commite3f6d35f65a49a2e5f79ddba0645bb9b7e51f182 (patch)
treed008d360a667b297907dd4cc67220a387f2686ce
parentshell: Correct argument order of `mfill` (diff)
downloadrtems-4.10.tar.bz2
cpukit/score: avoid NULL and races in priority mutex4.10
The PIP modifications from #3359 introduced new data structures to track priority inheritance. Prioritized mutexes without PIP share some of the code paths, and may result in NULL pointer accesses. This patch checks for NULL, and also adds ISR critical sections to an uncovered corner case during thread restarts. Closes #3829.
-rw-r--r--cpukit/score/src/threadqextractpriority.c4
-rw-r--r--cpukit/score/src/threadreset.c6
2 files changed, 9 insertions, 1 deletions
diff --git a/cpukit/score/src/threadqextractpriority.c b/cpukit/score/src/threadqextractpriority.c
index 5c8188d661..9288d17980 100644
--- a/cpukit/score/src/threadqextractpriority.c
+++ b/cpukit/score/src/threadqextractpriority.c
@@ -109,7 +109,9 @@ bool _Thread_queue_Extract_priority_helper(
}
mutex = _Thread_Dequeue_priority_node( &the_thread->Priority_node );
- _Thread_Evaluate_priority( mutex->holder );
+ if ( mutex != NULL ) {
+ _Thread_Evaluate_priority( mutex->holder );
+ }
if ( !_Watchdog_Is_active( &the_thread->Timer ) ) {
_ISR_Enable( level );
diff --git a/cpukit/score/src/threadreset.c b/cpukit/score/src/threadreset.c
index 464a611391..6a03135af1 100644
--- a/cpukit/score/src/threadreset.c
+++ b/cpukit/score/src/threadreset.c
@@ -48,6 +48,7 @@ void _Thread_Reset(
)
{
CORE_mutex_Control *mutex;
+ ISR_Level level;
the_thread->resource_count = 0;
#if defined(RTEMS_ITRON_API)
@@ -66,18 +67,23 @@ void _Thread_Reset(
(void) _Watchdog_Remove( &the_thread->Timer );
}
+ _ISR_Disable( level );
if ( the_thread->Priority_node.waiting_to_hold != NULL ) {
mutex = _Thread_Dequeue_priority_node( &the_thread->Priority_node );
_Thread_Evaluate_priority( mutex->holder );
}
+ _ISR_Enable( level );
+ _ISR_Disable( level );
while ( !_Chain_Is_empty( &the_thread->Priority_node.Inherited_priorities ) ) {
_Thread_Dequeue_priority_node(
((Thread_Priority_node*)_Chain_First(
&the_thread->Priority_node.Inherited_priorities
))
);
+ _ISR_Flash( level );
}
+ _ISR_Enable( level );
if ( the_thread->Priority_node.current_priority != the_thread->Start.initial_priority ) {
the_thread->Priority_node.real_priority = the_thread->Start.initial_priority;