proc: fix refcounting bug in proc_get_set()
author: Barret Rhoden <brho@cs.berkeley.edu>
Fri, 17 May 2019 03:03:11 +0000 (23:03 -0400)
committer: Barret Rhoden <brho@cs.berkeley.edu>
Fri, 17 May 2019 03:03:11 +0000 (23:03 -0400)
commit: 023b2a861ae275db7f0b1d4fd634968b96d394f8
tree: f7c0ce1a2a21b431ec83ec9877bbb094bc9326ba
parent: 46f3b28fdbc8f4fcdeeb4eb5e7729ab12dee9d04
proc: fix refcounting bug in proc_get_set()

You can't blindly incref when iterating over the procs.  You need to
hold the hash lock, then call kref_get_not_zero.  You're synchronizing
with __proc_free().

Reported-by: syzbot+4ea9ed2220ee4d513e0b@syzkaller.appspotmail.com
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
kern/src/process.c
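
The rule stated in the commit message, shown as an added user-space sketch in C; this is not Akaros code and not the patch itself. The names `ref_get_blind`, `ref_get_not_zero`, `collect_live`, the spinlock and the sample objects are hypothetical, and the sketch assumes the free path unlinks an entry from the table under the same lock once its count has reached zero.

```c
#include <stdatomic.h>
#include <stdbool.h>

/* Hypothetical user-space stand-ins; none of this is Akaros code. */
struct obj { atomic_int refcnt; };	/* 0: last ref dropped, free under way */
#define TABLE_SZ 4
static struct obj live, dying, *table[TABLE_SZ] = { &live, &dying }, *got[TABLE_SZ];
static atomic_flag table_lock = ATOMIC_FLAG_INIT;

/* Buggy form: a blind increment turns 0 into 1 on an object being freed. */
static int ref_get_blind(struct obj *o)
{
	return atomic_fetch_add(&o->refcnt, 1) + 1;
}

/* Take a reference only while the count is still nonzero. */
static bool ref_get_not_zero(struct obj *o)
{
	int old = atomic_load(&o->refcnt);
	while (old != 0)	/* a failed CAS reloads old, so zero is re-checked */
		if (atomic_compare_exchange_weak(&o->refcnt, &old, old + 1))
			return true;
	return false;
}

/* Fixed walk: lock held across the scan, zero-count entries skipped. */
static int collect_live(void)
{
	int n = 0;
	while (atomic_flag_test_and_set(&table_lock))
		;	/* spin; assumed to be the lock the free path unlinks under */
	for (int i = 0; i < TABLE_SZ; i++)
		if (table[i] && ref_get_not_zero(table[i]))
			got[n++] = table[i];
	atomic_flag_clear(&table_lock);
	return n;
}

static void setup_sample(void)	/* constructed: one live entry, one at zero */
{
	atomic_init(&live.refcnt, 1);
	atomic_init(&dying.refcnt, 0);
}

int main(void)
{
	setup_sample();
	return collect_live() == 1 && ref_get_blind(&dying) == 1 ? 0 : 1;
}
```

The lock alone is not enough: an entry can sit in the table with a count of zero between the final decref and its removal, which is the window the get-not-zero check closes.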