cce83ba0ec
taskq_seq_show_impl walks the tq_active_list to show the tqent_func and tqent_arg. However for taskq_dispatch_ent, it's very likely that the task entry will be freed during the function call, and causes a use-after-free bug. To fix this, we duplicate the task entry to an on-stack struct, and assign it instead to tqt_task. This way, the tq_lock alone will guarantee its safety. Reviewed-by: Tim Chase <tim@chase2k.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Chunwei Chen <david.chen@osnexus.com> Closes #638 Closes #640 |
||
---|---|---|
.. | ||
Makefile.in | ||
spl-atomic.c | ||
spl-condvar.c | ||
spl-cred.c | ||
spl-err.c | ||
spl-generic.c | ||
spl-kmem-cache.c | ||
spl-kmem.c | ||
spl-kobj.c | ||
spl-kstat.c | ||
spl-mutex.c | ||
spl-proc.c | ||
spl-rwlock.c | ||
spl-taskq.c | ||
spl-thread.c | ||
spl-tsd.c | ||
spl-vmem.c | ||
spl-vnode.c | ||
spl-xdr.c | ||
spl-zlib.c |