unix: Fix handling of listening sockets during garbage collection
ClosedPublic
Actions

Authored by markj on Thu, Nov 13, 7:42 PM.

Tags

None

Referenced Files

	F136224552: D53743.id166401.diff
	Sun, Nov 16, 6:16 PM

	F136224534: D53743.id166385.diff
	Sun, Nov 16, 6:16 PM

	F136209800: D53743.id166401.diff
	Sun, Nov 16, 4:38 PM

	F136209795: D53743.id166385.diff
	Sun, Nov 16, 4:38 PM

	F136209794: D53743.id.diff
	Sun, Nov 16, 4:38 PM

	F136192667: D53743.diff
	Sun, Nov 16, 2:36 PM

	Unknown Object (File)
	Fri, Nov 14, 8:57 PM

	Unknown Object (File)
	Fri, Nov 14, 8:57 PM

View All 18 Files

Subscribers

imp

olce

Details

Reviewers

glebius

Commits

rG9d9fa9a2c22f: unix: Fix handling of listening sockets during garbage collection

Summary

socantrcvmore() and unp_dispose() assume that the socket's socket
buffers are initialized, which isn't the case for listening sockets.

Reported by: syzbot+a62883292a5c257703be@syzkaller.appspotmail.com

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 68617
Build 65500: arc lint + arc unit

Event Timeline

markj created this revision.Thu, Nov 13, 7:42 PM

Herald added subscribers: olce, imp. · View Herald TranscriptThu, Nov 13, 7:42 PM

markj requested review of this revision.Thu, Nov 13, 7:42 PM

Harbormaster completed remote builds in B68617: Diff 166385.Thu, Nov 13, 7:42 PM

glebius accepted this revision.Thu, Nov 13, 10:39 PM

This revision is now accepted and ready to land.Thu, Nov 13, 10:39 PM

Closed by commit rG9d9fa9a2c22f: unix: Fix handling of listening sockets during garbage collection (authored by markj). · Explain WhyFri, Nov 14, 12:46 AM

This revision was automatically updated to reflect the committed changes.

markj added a commit: rG9d9fa9a2c22f: unix: Fix handling of listening sockets during garbage collection.

Revision Contents
Changeset List

Path

Size

sys/

kern/

uipc_usrreq.c

10 lines

tests/

sys/

kern/

unix_passfd_test.c

29 lines

Diff 166385

View Options

sys/kern/uipc_usrreq.c