From nobody@FreeBSD.org  Sun Feb 15 14:25:36 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C473416A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 15 Feb 2004 14:25:36 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BF5C343D1D
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 15 Feb 2004 14:25:36 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i1FMPa72056542
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 15 Feb 2004 14:25:36 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i1FMPaVE056541;
	Sun, 15 Feb 2004 14:25:36 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200402152225.i1FMPaVE056541@www.freebsd.org>
Date: Sun, 15 Feb 2004 14:25:36 -0800 (PST)
From: Stephan Uphoff <ups@tree.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: proc pointer set by fork1 can be stale in fork,rfork,vfork
X-Send-Pr-Version: www-2.0

>Number:         62890
>Category:       kern
>Synopsis:       proc pointer set by fork1 can be stale in fork,rfork,vfork
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    ups
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Feb 15 14:30:22 PST 2004
>Closed-Date:    
>Last-Modified:  Sat Apr 09 00:50:59 GMT 2005
>Originator:     Stephan Uphoff
>Release:        current 15 Feb 2004
>Organization:
>Environment:
N/A
>Description:
fork(),rfork(),vfork() call fork1() to create a child process
and to obtain a pointer to the new proc structure.
They then use the pointer to the proc structure
to obtain the child's pid.

However if the parent process is not interested in waiting for the child
then the child process might already be dead and its proc structure
recycled by the time fork(),rfork(),vfork() try to obtain the pid.

>How-To-Repeat:
      
>Fix:
Add pidp parameter to fork1() and use it.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->ups 
Responsible-Changed-By: kris 
Responsible-Changed-When: Sat Apr 9 00:50:50 GMT 2005 
Responsible-Changed-Why:  
Submitter is now a committer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=62890 
>Unformatted:
