Page MenuHomeFreeBSD
Differential D42745

kqueue: on process exit, force-clear its registered signal events
ClosedPublic
Actions

Authored by kib on Nov 24 2023, 6:47 AM.
Tags
None
Referenced Files
F134765618: D42745.id130495.diff
Tue, Nov 4, 12:11 PM
F134765296: D42745.id130517.diff
Tue, Nov 4, 12:08 PM
F134765237: D42745.diff
Tue, Nov 4, 12:07 PM
F134765033: D42745.id.diff
Tue, Nov 4, 12:05 PM
Unknown Object (File)
Sat, Oct 18, 11:47 PM
Unknown Object (File)
Tue, Oct 14, 4:25 AM
Unknown Object (File)
Tue, Oct 14, 4:25 AM
Unknown Object (File)
Tue, Oct 14, 4:25 AM
View All 82 Files
Subscribers
emaste
imp

Details

Reviewers
markj
jhb
Commits
rG393ac29f0b8b: kqueue: on process exit, force-clear its registered signal events
Summary
Normally, process already has all its kqueue fds destroyed at the moment
p_klist is detached in exit flow. But, if the process was created with
rfork(2) with shared file descriptors, its signal knotes can survive.
Then, knlist_detach() does not destroy non-empty knlist. Later, when
owning kqueue is closed, we access freed (or rather, reused, because
struct proc is type-stable) memory by referencing p->p_klist from such
knote.

Handle this situation by deleting all knotes hanging from p_klist.

PR:     275286

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kern/
1 line

Diff 130517

View Options

sys/kern/kern_exit.c

Loading...