freebsd-skq/sys
kib d690434e20 The unp_gc() function drops and reaquires lock between scan and
collect phases.  The unp_discard() function executes
unp_externalize_fp(), which might make the socket eligible for gc-ing,
and then, later, taskqueue will close the socket.  Since unp_gc()
dropped the list lock to do the malloc, close might happen after the
mark step but before the collection step, causing collection to not
find the socket and miss one array element.

I believe that the race was there before r216158, but the stated
revision made the window much wider by postponing the close to
taskqueue sometimes.

Only process as much array elements as we find the sockets during
second phase of gc [1].  Take linkage lock and recheck the eligibility
of the socket for gc, as well as call fhold() under the linkage lock.

Reported and tested by:	jmallett
Submitted by:   jmallett [1]
Reviewed by:	rwatson, jeff (possibly)
MFC after:	1 week
2011-02-01 13:33:49 +00:00
..
amd64 Regen for r218101. 2011-01-30 20:38:26 +00:00
arm Introduce macro FDT_MAP_IRQ to map from an interrupt controller and 2011-01-29 20:25:20 +00:00
boot Add kern.msgbufsize default setting to /boot/defaults/loader.conf. 2011-01-21 12:15:21 +00:00
bsm
cam In addition to r217444 ignore also ATA status errors on DMA Auto-Activation 2011-01-26 06:57:48 +00:00
cddl CDDL fixes for MIPS n32. 2011-01-28 06:12:59 +00:00
compat Yet another unimplemented futex operation, print out about. 2011-01-31 06:06:23 +00:00
conf Include some preliminary TX HT rate scenario setup code. 2011-02-01 08:03:01 +00:00
contrib Correct bogus initialization. It should be noted that this change 2011-01-14 04:24:53 +00:00
crypto Remove DEBUG sections. 2010-11-27 15:41:44 +00:00
ddb sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
dev Use correct kernel types for all fields in USB PF code and headers. 2011-02-01 10:25:48 +00:00
fs Quick fix to a comment. 2011-01-27 03:32:16 +00:00
gdb there must be only one SYSINIT with SI_SUB_RUN_SCHEDULER+SI_ORDER_ANY order 2010-09-30 17:05:23 +00:00
geom Add new user-friendly aliases for partition types for the MBR and 2011-01-28 11:13:01 +00:00
gnu Remove prtactive variable and related printf()s in the vop_inactive 2010-11-19 21:17:34 +00:00
i386 Regen for r218101. 2011-01-30 20:38:26 +00:00
ia64 Make MSGBUF_SIZE kernel option a loader tunable kern.msgbufsize. 2011-01-21 10:26:26 +00:00
isa bus_add_child: change type of order parameter to u_int 2010-09-10 11:19:03 +00:00
kern The unp_gc() function drops and reaquires lock between scan and 2011-02-01 13:33:49 +00:00
kgssapi
libkern Add support for asterisk characters when filling in the GELI password 2010-11-14 14:12:43 +00:00
mips Implement sf_buf using direct map (XKPHYS) in MIPS n64. 2011-01-27 14:49:22 +00:00
modules Include some preliminary TX HT rate scenario setup code. 2011-02-01 08:03:01 +00:00
net Fix a LOR by dropping the global ifnet locks while allocating a new ifnet 2011-01-24 22:21:58 +00:00
net80211 Instead of always returning 0 to a scan request, indicate if there is 2011-01-30 14:05:21 +00:00
netatalk
netgraph sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:53:39 +00:00
netinet Algorithm modules can define their own private congestion signal types in the 2011-02-01 13:32:27 +00:00
netinet6 Improve plausibility check in sctp_handle_sack(). 2010-12-22 17:59:38 +00:00
netipsec After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
netipx
netnatm
netncp
netsmb Change some variables from int to size_t. This is more accurate since 2011-01-08 23:06:54 +00:00
nfs Modify the experimental NFSv4 server so that it posts a SIGUSR2 2011-01-14 23:30:35 +00:00
nfsclient Fix the nlm so that it no longer depends on the regular 2011-01-03 20:37:31 +00:00
nfsserver ZFS might not return monotonically increasing directory offset cookies, 2010-12-28 21:12:15 +00:00
nlm sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
opencrypto Let cryptosoft(4) add its pseudo-device with a specific unit number and its 2010-11-14 13:09:32 +00:00
pc98 Make MSGBUF_SIZE kernel option a loader tunable kern.msgbufsize. 2011-01-21 10:26:26 +00:00
pci Add support for RTL8105E PCIe Fast Ethernet controller. It seems 2011-01-26 21:14:20 +00:00
powerpc Fix boot on SMP systems after r218075 by delaying CPU binding until a 2011-01-29 23:26:28 +00:00
rpc sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:19 +00:00
security sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:14 +00:00
sparc64 Make MSGBUF_SIZE kernel option a loader tunable kern.msgbufsize. 2011-01-21 10:26:26 +00:00
sun4v Make MSGBUF_SIZE kernel option a loader tunable kern.msgbufsize. 2011-01-21 10:26:26 +00:00
sys Add new user-friendly aliases for partition types for the MBR and 2011-01-28 11:13:01 +00:00
teken Use proper bounds checking on VPA. 2010-12-05 10:15:23 +00:00
tools Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
ufs Embed a quota error message (C string) into uprintf() fmt. 2011-01-13 16:29:27 +00:00
vm Release the free page queues lock earlier in vm_page_alloc(). 2011-01-30 23:55:48 +00:00
x86 Introduce signed and unsigned version of CTLTYPE_QUAD, renaming 2011-01-19 23:00:25 +00:00
xdr
xen Fix a few more SYSCTL_PROC() that were missing a CTLFLAG type specifier. 2011-01-19 00:57:58 +00:00
Makefile Add lex and yacc sources to things cscope'd. 2010-11-21 03:58:11 +00:00