Page MenuHomeFreeBSD
Differential D18060

Fix unsynchronized updates to kn_status.
ClosedPublic
Actions

Authored by markj on Nov 20 2018, 9:33 PM.
Tags
None
Referenced Files
F111236507: D18060.diff
Sat, Mar 1, 6:13 AM
Unknown Object (File)
Jan 20 2025, 11:12 PM
Unknown Object (File)
Jan 20 2025, 7:08 AM
Unknown Object (File)
Jan 19 2025, 9:56 PM
Unknown Object (File)
Jan 18 2025, 5:09 PM
Unknown Object (File)
Jan 17 2025, 4:15 AM
Unknown Object (File)
Jan 12 2025, 7:54 PM
Unknown Object (File)
Dec 7 2024, 6:27 AM
View All 41 Files
Subscribers
imp

Details

Reviewers
kib
jmg
Commits
rS340734: Avoid unsynchronized updates to kn_status.
Summary

kn_status is protected by the kqueue's lock, but we were updating it
without the kqueue lock held. For EVFILT_TIMER knotes, there is no
knlist lock, so the knote activation could occur during the kn_status
update following event registration. The activation should enqueue the
knote and set KN_QUEUED, but I have a test case where the KN_QUEUED flag
gets lost, leading to corruption of the queue.

Fix the problem by setting or clearing KN_DISABLED before dropping the
kqueue lock to call into the filter. KN_DISABLED is only used by the
core kevent code, so there is no side effect from setting it earlier.

Test Plan

I have a test program that can trigger the race and a resulting crash; Peter
added it to stress2.

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 20914
Build 20279: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sys/
kern/
21 lines

Diff 50647

View Options

sys/kern/kern_event.c

Loading...