svn commit: r287366 - head/sys/kern
Bryan Drewery
bdrewery at FreeBSD.org
Tue Sep 1 18:58:19 UTC 2015
On 9/1/15 11:26 AM, John-Mark Gurney wrote:
> Konstantin Belousov wrote this message on Tue, Sep 01, 2015 at 14:05 +0000:
>> Author: kib
>> Date: Tue Sep 1 14:05:29 2015
>> New Revision: 287366
>> URL: https://svnweb.freebsd.org/changeset/base/287366
>>
>> Log:
>> Exit notification for EVFILT_PROC removes knote from the knlist. In
>> particular, this invalidates the knote kn_link linkage, making the
>> SLIST_FOREACH() loop accessing undefined values (e.g. trashed by
>> QUEUE_MACRO_DEBUG). If the knote is freed by other thread when kq
>> lock is released or when influx is cleared, e.g. by knote_scan() for
>> kqueue owning the knote, the iteration step would access freed memory.
>>
>> Use SLIST_FOREACH_SAFE() to fix iteration.
>
> Please back this out immediately.
>
> I objected to this change, and you did not give me enough time to
> properly address this change.
>
FWIW we've had the same change in the Isilon codebase for some time as well.
--
Regards,
Bryan Drewery
More information about the svn-src-all
mailing list