From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: From: erik quanstrom Date: Thu, 30 Jul 2009 10:39:08 -0400 To: 9fans@9fans.net In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Race condition in /sys/src/9/pc/trap.c? Topicbox-Message-UUID: 32333fb4-ead5-11e9-9d60-3106f5b1d025 > > plan 9 threads are cooperatively scheduled. so > > the correct term is proc. but you are correct, > > another proc sharing memory with this one > > could be running. however, that proc would > > not have access to this proc's stack. (rfork > > doesn't allow shared stack.) and even if it > > did, plan 9 stacks don't shrink. > > What if sp points inside a segment which is not the actual stack segment? > Then could someone else come along and segdetach() it in between the two > mentioned lines? see below: > > let's suppose that the address is invalid later. > > the kernel always moves data to/from user > > buffers outside of any locks because even > > valid targets may be paged out. if the address > > is truely invalid, waserror() will be true and > > the else branch starting at 714 will be executed if you think this is possible, why don't you build a test case and prove that it can happen. the easiest way would be to disable the check completely. - erik