fix a problem referencing free'd memory. This is only a problem for
kqueue write events on a socket and you regularly create tons of pipes which overwrites the structure causing a panic when removing the knote from the list. If the peer has gone away (and it's a write knote), then don't bother trying to remove the knote from the list. Submitted by: Brian Buchanan and myself Obtained from: nCircle
This commit is contained in:
jmg
parent
d2021de109
commit
f1d456150e
@ -1467,7 +1467,6 @@ pipe_kqfilter(struct file *fp, struct knote *kn)
|
||||
default:
|
||||
return (1);
|
||||
}
|
||||
kn->kn_hook = cpipe;
|
||||
|
||||
PIPE_LOCK(cpipe);
|
||||
SLIST_INSERT_HEAD(&cpipe->pipe_sel.si_note, kn, kn_selnext);
|
||||
@ -1478,7 +1477,13 @@ pipe_kqfilter(struct file *fp, struct knote *kn)
|
||||
static void
|
||||
filt_pipedetach(struct knote *kn)
|
||||
{
|
||||
struct pipe *cpipe = (struct pipe *)kn->kn_hook;
|
||||
struct pipe *cpipe = (struct pipe *)kn->kn_fp->f_data;
|
||||
|
||||
if (kn->kn_filter == EVFILT_WRITE) {
|
||||
if (cpipe->pipe_peer == NULL)
|
||||
return;
|
||||
cpipe = cpipe->pipe_peer;
|
||||
}
|
||||
|
||||
PIPE_LOCK(cpipe);
|
||||
SLIST_REMOVE(&cpipe->pipe_sel.si_note, kn, knote, kn_selnext);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user