anchao commented on issue #17418: URL: https://github.com/apache/nuttx/issues/17418#issuecomment-3606587254
> The test case contains main thread and a detached thread, here is the sequence which trigger used after free: > > 1. main thread enter exit process > 2. main thread remove self from task group > 3. main thread cancel test thread > 4. test thread remove self from task group > 5. task group is freed affer step 4 since all threads in the group exit > 6. main thread run again and crash immediately since it's tcb(group) is freed at step 4 > > This problem isn't related to SMP directly. enable CONFIG_CANCELLATION_POINTS and works fine again: <img width="741" height="307" alt="Image" src="https://github.com/user-attachments/assets/0db76655-6472-48b0-b668-96600c86ee80"; /> @husong2 I couldn't find this configuration in the community code: /nuttx/boards/arm/qemu/qemu-armv8r-aarch32/configs/smp/defconfig I reiterate, please reproduce the issue using the community code, not Xiaomi's internal branches. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
