[src/kqueue]: src/sys/kern Make sure knote is detached from watched process w...

[jdolecek <jdolecek%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/29d33ea559b8
branches:  kqueue
changeset: 512460:29d33ea559b8
user:      jdolecek <jdolecek%NetBSD.org@localhost>
date:      Tue Apr 09 06:23:47 2002 +0000

description:
Make sure knote is detached from watched process when it exits, to avoid
using already-freed memory under some circumstancies.

(this bug was not NetBSD specific)

diffstat:

 sys/kern/kern_event.c |  14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diffs (29 lines):

diff -r a611e0192163 -r 29d33ea559b8 sys/kern/kern_event.c
--- a/sys/kern/kern_event.c     Tue Apr 09 06:19:51 2002 +0000
+++ b/sys/kern/kern_event.c     Tue Apr 09 06:23:47 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_event.c,v 1.1.1.1.2.12 2002/04/09 06:19:52 jdolecek Exp $ */
+/*     $NetBSD: kern_event.c,v 1.1.1.1.2.13 2002/04/09 06:23:47 jdolecek Exp $ */
 /*-
  * Copyright (c) 1999,2000,2001 Jonathan Lemon <jlemon%FreeBSD.org@localhost>
  * All rights reserved.
@@ -424,7 +424,19 @@
         * process is gone, so flag the event as finished.
         */
        if (event == NOTE_EXIT) {
+               /*
+                * Detach the knote from watched process and mark
+                * it as such. We can't leave this to kqueue_scan(),
+                * since the process might not exist by then. And we
+                * have to do this now, since psignal KNOTE() is called
+                * also for zombies and we might end up reading freed
+                * memory if the kevent would already be picked up
+                * and knote g/c'ed. 
+                */
+               kn->kn_fop->f_detach(kn);
                kn->kn_status |= KN_DETACHED;
+
+               /* Mark as ONESHOT, so that the knote it g/c'ed when read */
                kn->kn_flags |= (EV_EOF | EV_ONESHOT); 
                return (1);
        }