Fix filt_timer* races: Finish initializing a knote before we pass it to

a callout, and use the new callout_drain API to make sure that a callout
has finished before we deallocate memory it is using.

PR:		kern/64121
Discussed with:	gallatin
This commit is contained in:
Colin Percival 2004-04-07 05:59:57 +00:00
parent c3959ad01c
commit ec513ff759

View File

@ -348,8 +348,8 @@ filt_timerattach(struct knote *kn)
MALLOC(calloutp, struct callout *, sizeof(*calloutp),
M_KQUEUE, M_WAITOK);
callout_init(calloutp, 0);
callout_reset(calloutp, tticks, filt_timerexpire, kn);
kn->kn_hook = calloutp;
callout_reset(calloutp, tticks, filt_timerexpire, kn);
return (0);
}
@ -360,7 +360,7 @@ filt_timerdetach(struct knote *kn)
struct callout *calloutp;
calloutp = (struct callout *)kn->kn_hook;
callout_stop(calloutp);
callout_drain(calloutp);
FREE(calloutp, M_KQUEUE);
kq_ncallouts--;
}