From owner-cvs-all@FreeBSD.ORG  Wed Sep 24 05:52:57 2003
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id EB04916A4B3; Wed, 24 Sep 2003 05:52:57 -0700 (PDT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 7603C44014; Wed, 24 Sep 2003 05:52:57 -0700 (PDT)
	(envelope-from davidxu@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.9/8.12.9) with ESMTP id h8OCqvXJ074642;
	Wed, 24 Sep 2003 05:52:57 -0700 (PDT)
	(envelope-from davidxu@repoman.freebsd.org)
Received: (from davidxu@localhost)
	by repoman.freebsd.org (8.12.9/8.12.9/Submit) id h8OCqv3p074641;
	Wed, 24 Sep 2003 05:52:57 -0700 (PDT)
	(envelope-from davidxu)
Message-Id: <200309241252.h8OCqv3p074641@repoman.freebsd.org>
From: David Xu <davidxu@FreeBSD.org>
Date: Wed, 24 Sep 2003 05:52:57 -0700 (PDT)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/lib/libpthread/thread thr_mutex.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Sep 2003 12:52:58 -0000

davidxu     2003/09/24 05:52:57 PDT

  FreeBSD src repository

  Modified files:
    lib/libpthread/thread thr_mutex.c 
  Log:
  As comments in _mutex_lock_backout state, only current thread
  can clear the pointer to mutex, not the thread doing mutex
  handoff. Because _mutex_lock_backout does not hold scheduler
  lock while testing THR_FLAGS_IN_SYNCQ and then reading mutex
  pointer, it is possible mutex owner begin to unlock and
  handoff the mutex to the current thread, and mutex pointer
  will be cleared to NULL before current thread reading it, so
  current thread will end up with deferencing a NULL pointer,
  Fix the race by making mutex waiters to clear their mutex pointers.
  While I am here, also save inherited priority in mutex for
  PTHREAD_PRIO_INERIT mutex in mutex_trylock_common just like what
  we did in mutex_lock_common.
  
  Revision  Changes    Path
  1.42      +4 -6      src/lib/libpthread/thread/thr_mutex.c