freebsd-skq/sys/kern
Konstantin Belousov f7780c61e7 The unp_gc() function drops and reaquires lock between scan and
collect phases.  The unp_discard() function executes
unp_externalize_fp(), which might make the socket eligible for gc-ing,
and then, later, taskqueue will close the socket.  Since unp_gc()
dropped the list lock to do the malloc, close might happen after the
mark step but before the collection step, causing collection to not
find the socket and miss one array element.

I believe that the race was there before r216158, but the stated
revision made the window much wider by postponing the close to
taskqueue sometimes.

Only process as much array elements as we find the sockets during
second phase of gc [1].  Take linkage lock and recheck the eligibility
of the socket for gc, as well as call fhold() under the linkage lock.

Reported and tested by:	jmallett
Submitted by:   jmallett [1]
Reviewed by:	rwatson, jeff (possibly)
MFC after:	1 week
2011-02-01 13:33:49 +00:00
..
bus_if.m bus_add_child: add specialized default implementation that calls panic 2010-09-13 08:34:20 +00:00
clock_if.m
cpufreq_if.m
device_if.m
genassym.sh
imgact_aout.c Reorganize syscall entry and leave handling. 2010-05-23 18:32:02 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c Use the same expression to report stack protection mode for AT_STACKEXEC 2011-01-08 18:41:19 +00:00
imgact_gzip.c
imgact_shell.c Fix exec_imgact_shell()'s handling of two error cases: (1) Previously, if 2010-09-21 16:24:51 +00:00
inflate.c
init_main.c - Properly initialize the base priority (td_base_pri) of thread0 to PVM 2011-01-06 22:26:00 +00:00
init_sysent.c Regen 2010-08-30 14:26:02 +00:00
kern_acct.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
kern_alq.c - Rework the underlying ALQ storage to be a circular buffer, which amongst other 2010-04-26 13:48:22 +00:00
kern_clock.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
kern_clocksource.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
kern_condvar.c
kern_conf.c Fix race in devfs by using LIST_FIRST() instead of 2010-12-11 08:44:10 +00:00
kern_cons.c Add descriptions to a handful of sysctl nodes. 2010-08-09 14:48:31 +00:00
kern_context.c Move prototypes for kern_sigtimedwait() and kern_sigprocmask() to 2010-06-30 18:03:42 +00:00
kern_cpu.c cpufreq: allocate long-lived buffer for handling of sysctl requests 2010-07-23 16:46:42 +00:00
kern_cpuset.c Use integer for size of cpuset, as it won't be bigger than INT_MAX, 2010-11-01 00:42:25 +00:00
kern_ctf.c
kern_descrip.c Do not trip a KASSERT if /dev/null cannot be opened for a setuid program. 2011-01-28 15:29:35 +00:00
kern_dtrace.c Bump KDTRACE_THREAD_ZERO and use M_ZERO as a malloc flag instead of 2010-08-22 11:09:53 +00:00
kern_environment.c Merge change r198561 from projects/mips to head: 2010-01-10 22:34:18 +00:00
kern_et.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
kern_event.c Defer freeing a kevent list until after dropping kqueue locks. 2010-03-30 18:31:55 +00:00
kern_exec.c Create shared (readonly) page. Each ABI may specify the use of page by 2011-01-08 16:13:44 +00:00
kern_exit.c By using the 32-bit Linux version of Sun's Java Development Kit 1.6 2010-11-22 09:06:59 +00:00
kern_fail.c Initialize fp_location for explicitly managed fail points, and push 2010-12-21 18:23:03 +00:00
kern_fork.c Allow debugger to specify that children of the traced process should be 2011-01-25 10:59:21 +00:00
kern_gzio.c Do not set IO_NODELOCKED while writing to vnodes as our consumers 2010-04-30 03:10:53 +00:00
kern_hhook.c Fix hhook_head_is_virtualised() so that "ret" can't be used uninitialised. 2011-01-11 01:11:07 +00:00
kern_idle.c Split P_NOLOAD into a per-thread flag (TDF_NOLOAD). 2009-11-03 16:46:52 +00:00
kern_intr.c - Retire some unused ithread priorities: PI_TTYHIGH, PI_TAPE, and 2011-01-11 22:15:30 +00:00
kern_jail.c Add macro to test the sv_flags of any process. Change some places to test 2011-01-26 20:03:58 +00:00
kern_khelp.c - Introduce the Hhook (Helper Hook) KPI. The KPI is closely modelled on pfil(9), 2010-12-21 13:45:29 +00:00
kern_kthread.c - Properly initialize the base priority (td_base_pri) of thread0 to PVM 2011-01-06 22:26:00 +00:00
kern_ktr.c Probabilly defaulting to KTR_GEN is not the right decision when KTR_MASK 2010-07-21 10:14:04 +00:00
kern_ktrace.c - When disabling ktracing on a process, free any pending requests that 2010-10-21 19:17:40 +00:00
kern_linker.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:18 +00:00
kern_lock.c Remove unneeded includes of <sys/linker_set.h>. Other headers that use 2011-01-11 13:59:06 +00:00
kern_lockf.c In lf_iteratelocks_vnode, increment state->ls_threads around iterating 2009-06-25 18:54:56 +00:00
kern_lockstat.c Add the OpenSolaris dtrace lockstat provider. The lockstat provider 2009-05-26 20:28:22 +00:00
kern_malloc.c Explicitly wire the user buffer rather than doing it implicitly in 2011-01-27 00:34:12 +00:00
kern_mbuf.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
kern_mib.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
kern_module.c Style fix. 2010-11-22 15:28:54 +00:00
kern_mtxpool.c
kern_mutex.c - Remove <machine/mutex.h>. Most of the headers were empty, and the 2010-11-09 20:46:41 +00:00
kern_ntptime.c Fix up a few more sysctl(9) mis-typing found in various LINT builds. 2011-01-13 18:20:27 +00:00
kern_osd.c Make the rmlock(9) interface a bit more like the rwlock(9) interface: 2009-05-29 10:52:37 +00:00
kern_physio.c Account i/o done on cdevs. 2010-11-25 20:05:11 +00:00
kern_pmc.c
kern_poll.c Rather than fix questionable ifnet list locking in the implementation of 2009-08-15 23:07:43 +00:00
kern_priv.c Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
kern_proc.c Allow debugger to specify that children of the traced process should be 2011-01-25 10:59:21 +00:00
kern_prot.c Revert r210225 - turns out I was wrong; the "/*-" is not license-only 2010-07-18 20:57:53 +00:00
kern_resource.c - Follow r216313, the sched_unlend_user_prio is no longer needed, always 2010-12-29 09:26:46 +00:00
kern_rmlock.c No need to include sys/systm.h twice. 2010-11-16 14:08:21 +00:00
kern_rwlock.c Print the pointer to the lock with the panic message. The previous 2010-03-24 19:21:26 +00:00
kern_sdt.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
kern_sema.c
kern_shutdown.c Mostly revert r203420, and add similar functionality into ada(4) since the 2010-10-24 16:31:57 +00:00
kern_sig.c Allow debugger to specify that children of the traced process should be 2011-01-25 10:59:21 +00:00
kern_switch.c Update several places that iterate over CPUs to use CPU_FOREACH(). 2010-06-11 18:46:34 +00:00
kern_sx.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
kern_synch.c Only change the priority of timeshare threads to PRI_MAX_TIMESHARE 2011-01-06 22:19:15 +00:00
kern_syscalls.c Call chainevh callback when we are invoked with neither MOD_LOAD nor 2010-10-21 20:31:50 +00:00
kern_sysctl.c Explicitly wire the user buffer rather than doing it implicitly in 2011-01-27 00:34:12 +00:00
kern_tc.c Introduce signed and unsigned version of CTLTYPE_QUAD, renaming 2011-01-19 23:00:25 +00:00
kern_thr.c In thr_exit() and kthread_exit(), only remove thread from 2010-10-23 13:16:39 +00:00
kern_thread.c MFp4: 2010-12-09 05:16:20 +00:00
kern_time.c Create a global thread hash table to speed up thread lookup, use 2010-10-09 02:50:23 +00:00
kern_timeout.c Revert r216805. 2011-01-08 18:51:15 +00:00
kern_umtx.c - Follow r216313, the sched_unlend_user_prio is no longer needed, always 2010-12-29 09:26:46 +00:00
kern_uuid.c Rework global locks for interface list and index management, correcting 2009-08-23 20:40:19 +00:00
kern_xxx.c Place hostnames and similar information fully under the prison system. 2009-05-29 21:27:12 +00:00
ksched.c sched_getparam was just plain broke for time-share 2010-03-03 21:46:51 +00:00
link_elf_obj.c Similar to sys/net/vnet.h, define the linker set name for sys/sys/pcpu.h 2010-11-14 20:14:25 +00:00
link_elf.c Whitespace and other aspects of style(9). No functional changes. 2010-11-08 20:57:08 +00:00
linker_if.m strict kobj signatures: linker_if fixes 2009-06-11 17:05:45 +00:00
Make.tags.inc
Makefile Adjust the all target message (but maybe all: sysent is better? 2010-10-02 22:12:41 +00:00
makesyscalls.sh Count number of threads that enter and leave dynamically registered 2010-06-28 18:06:46 +00:00
md4c.c
md5c.c
p1003_1b.c Set various POSIX capability sysctls to the version of the API that is 2010-11-19 17:56:16 +00:00
posix4_mib.c Set various POSIX capability sysctls to the version of the API that is 2010-11-19 17:56:16 +00:00
sched_4bsd.c Rework realtime priority support: 2011-01-14 17:06:54 +00:00
sched_ule.c Rework realtime priority support: 2011-01-14 17:06:54 +00:00
serdev_if.m
stack_protector.c Random number generator initialization cleanup: 2009-10-20 16:36:51 +00:00
subr_acl_nfs4.c Adapt filesystem-independent NFSv4 ACL code (used by UFS, but not by ZFS) 2010-12-13 18:56:04 +00:00
subr_acl_posix1e.c execve(2) has a special check for file permissions: a file must have at 2010-08-30 16:30:18 +00:00
subr_autoconf.c Retire PCONFIG and leave the priority of thread0 alone when waiting for 2011-01-06 22:09:37 +00:00
subr_blist.c
subr_bufring.c Switch to our preferred 2-clause BSD license. 2010-05-05 20:39:02 +00:00
subr_bus.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:18 +00:00
subr_clock.c Improve style and wording of comments and sysctl descriptions [1]. 2011-01-09 14:34:56 +00:00
subr_devstat.c Finish r210923, 210926. Mark some devices as eternal. 2011-01-04 10:59:38 +00:00
subr_disk.c Correct bioq_disksort so that bioq_insert_tail() offers barrier semantic. 2010-09-02 19:40:28 +00:00
subr_eventhandler.c Split eventhandler_register() into an internal part and a wrapper function 2010-03-19 19:51:03 +00:00
subr_fattime.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
subr_firmware.c Bump up the firmware_table from 30 to 50. bwn needs more than 30, it 2010-03-07 22:37:35 +00:00
subr_hash.c Decompose the most lousy named file in sys/kern; kern_subr.c. 2010-02-21 19:53:33 +00:00
subr_hints.c
subr_kdb.c debug.kdb.stop_cpus sysctl: hint that this is also a tunable 2010-09-30 16:47:01 +00:00
subr_kobj.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
subr_lock.c Explicitly wire the user buffer rather than doing it implicitly in 2011-01-27 00:34:12 +00:00
subr_log.c Finish r210923, 210926. Mark some devices as eternal. 2011-01-04 10:59:38 +00:00
subr_mbpool.c
subr_mchain.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
subr_module.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
subr_msgbuf.c
subr_param.c Make MSGBUF_SIZE kernel option a loader tunable kern.msgbufsize. 2011-01-21 10:26:26 +00:00
subr_pcpu.c Remove unneeded includes of <sys/linker_set.h>. Other headers that use 2011-01-11 13:59:06 +00:00
subr_power.c
subr_prf.c Use type-specific inline function imax() instead of deprecated macro MAX(). 2010-07-12 15:32:45 +00:00
subr_prof.c Revert r210225 - turns out I was wrong; the "/*-" is not license-only 2010-07-18 20:57:53 +00:00
subr_rman.c sysctl_rman: report shared resources to devinfo 2009-05-19 14:08:21 +00:00
subr_rtc.c Add the half of time-of-day clock resolution when we adjust system time from 2010-08-12 17:17:05 +00:00
subr_sbuf.c Re-add r212370 now that the LOR in powerpc64 has been resolved: 2010-09-16 16:13:12 +00:00
subr_scanf.c
subr_sglist.c This patch fixes two bugs in sglist(9) and improves robustness of the API via 2009-08-21 02:59:07 +00:00
subr_sleepqueue.c Explicitly wire the user buffer rather than doing it implicitly in 2011-01-27 00:34:12 +00:00
subr_smp.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
subr_stack.c kdb_backtrace: use stack_print_ddb instead of stack_print 2010-09-22 06:45:07 +00:00
subr_taskqueue.c taskqueue: drop unused tq_name field 2010-11-23 14:30:22 +00:00
subr_trap.c Allow debugger to specify that children of the traced process should be 2011-01-25 10:59:21 +00:00
subr_turnstile.c Introduce the new kernel thread called "deadlock resolver". 2010-01-09 01:46:38 +00:00
subr_uio.c Push down the page queues into vm_page_cache(), vm_page_try_to_cache(), and 2010-05-08 20:34:01 +00:00
subr_unit.c Remove redundant high >= 0. 2010-07-09 10:57:55 +00:00
subr_witness.c Explicitly wire the user buffer rather than doing it implicitly in 2011-01-27 00:34:12 +00:00
sys_generic.c For some file types, select code registers two selfd structures. E.g., 2010-08-28 17:42:08 +00:00
sys_pipe.c Introduce and use a new VM interface for temporarily pinning pages. This 2010-12-25 21:26:56 +00:00
sys_process.c Add macro to test the sv_flags of any process. Change some places to test 2011-01-26 20:03:58 +00:00
sys_socket.c Send SIGPIPE to the thread that issued the offending system call 2010-06-29 20:44:19 +00:00
syscalls.c Regen 2010-08-30 14:26:02 +00:00
syscalls.master Make the syscalls reserved for AFS usable by OpenAFS port. 2010-08-30 14:24:44 +00:00
systrace_args.c Regen 2010-08-30 14:26:02 +00:00
sysv_ipc.c Move SysV IPC freebsd32 compat shims helpers from freebsd32_misc.c to 2010-03-19 11:01:51 +00:00
sysv_msg.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:18 +00:00
sysv_sem.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:18 +00:00
sysv_shm.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:18 +00:00
tty_compat.c Make TIOCSTI work again. 2010-01-04 20:59:52 +00:00
tty_info.c Print an extra newline when not at the first column already. 2009-05-17 16:17:48 +00:00
tty_inq.c Remove statistics from the TTY queues. 2010-02-07 15:42:15 +00:00
tty_outq.c Remove statistics from the TTY queues. 2010-02-07 15:42:15 +00:00
tty_pts.c Do not leak master pty or ptmx vnode. 2010-04-08 08:58:18 +00:00
tty_tty.c Finish r210923, 210926. Mark some devices as eternal. 2011-01-04 10:59:38 +00:00
tty_ttydisc.c Print backspaces after echoing an EOF. 2009-10-17 08:59:41 +00:00
tty.c Finish r210923, 210926. Mark some devices as eternal. 2011-01-04 10:59:38 +00:00
uipc_accf.c (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. 2009-12-28 22:56:30 +00:00
uipc_cow.c Correct the order of the arguments to vm_fault_quick_hold_pages(). 2010-12-26 01:42:52 +00:00
uipc_debug.c Add missing socket options. 2009-05-26 09:19:21 +00:00
uipc_domain.c When registering a protocol to an existing protocol domain via 2009-08-24 10:03:41 +00:00
uipc_mbuf2.c Use ISO C99 integer types in sys/kern where possible. 2010-06-21 09:55:56 +00:00
uipc_mbuf.c Revert r210225 - turns out I was wrong; the "/*-" is not license-only 2010-07-18 20:57:53 +00:00
uipc_mqueue.c Create a global thread hash table to speed up thread lookup, use 2010-10-09 02:50:23 +00:00
uipc_sem.c Set the POSIX semaphore capability when the semaphore module is enabled. 2010-11-19 17:57:50 +00:00
uipc_shm.c Replace pointer to "struct uidinfo" with pointer to "struct ucred" 2010-12-02 17:37:16 +00:00
uipc_sockbuf.c In sbappendstream_locked() demote all incoming packet mbufs (and 2009-06-22 21:46:40 +00:00
uipc_socket.c This commit implements the SO_USER_COOKIE socket option, which lets 2010-11-12 13:02:26 +00:00
uipc_syscalls.c If more than one thread allocated sf buffers for sendfile(2), and 2011-01-28 17:37:09 +00:00
uipc_usrreq.c The unp_gc() function drops and reaquires lock between scan and 2011-02-01 13:33:49 +00:00
vfs_acl.c The 'acl_cnt' field is unsigned; no point in checking if it's >= 0. 2010-06-03 13:45:27 +00:00
vfs_aio.c Create a global thread hash table to speed up thread lookup, use 2010-10-09 02:50:23 +00:00
vfs_bio.c Remove OBJ_CLEANING flag. The vfs_setdirty_locked_object() is the only 2010-12-29 22:26:49 +00:00
vfs_cache.c Fix some more style(9) issues. 2010-11-14 16:10:15 +00:00
vfs_cluster.c Bumping the read-ahead count once more, to value equivalent to 512 KiB on 2010-08-09 22:56:10 +00:00
vfs_default.c If we read zero bytes from the directory, early out with ENOENT 2010-08-25 18:09:51 +00:00
vfs_export.c Set the prison in NFS anon and GSS SVC creds. 2009-09-28 18:07:16 +00:00
vfs_extattr.c Revert r210225 - turns out I was wrong; the "/*-" is not license-only 2010-07-18 20:57:53 +00:00
vfs_hash.c
vfs_init.c
vfs_lookup.c Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
vfs_mount.c Replace spaces with tabs. 2011-01-24 17:08:26 +00:00
vfs_mountroot.c Make RB_CDROM work. This should probably check for a disc in cd1 and acd1 2011-01-08 19:50:13 +00:00
vfs_subr.c When vtruncbuf() iterates over the vnode buffer list, lock buffer object 2011-01-25 14:04:02 +00:00
vfs_syscalls.c Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
vfs_vnops.c Correct arguments order. 2010-06-26 21:44:45 +00:00
vnode_if.src Add VOP_ADVLOCKPURGE so that the file system is called when purging 2010-05-12 21:24:46 +00:00