CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	markj <markj@FreeBSD.org>
	Tue, 19 Feb 2019 15:46:43 +0000 (15:46 +0000)
committer	markj <markj@FreeBSD.org>
	Tue, 19 Feb 2019 15:46:43 +0000 (15:46 +0000)
commit	60e27aa8fbb29e4d77dbff39fd79683ca6b372a1
tree	0914d52498d780a8f0f146c563ed31d3d6ca0af2	tree \| snapshot
parent	a15d207376838a6453c9639abbf7c2d1883709fd	commit \| diff

Move a racy assertion in filt_pipewrite().

EVFILT_WRITE knotes for pipes live on the knlist for the other end of the
pipe.  Since they do not hold a reference on the corresponding file
structure, they may be removed from the knlist by pipeclose() while still
remaining active.  In this case, there is no knlist lock acquired before
filt_pipewrite() is called, so the assertion fails.

Fix the problem by first checking whether that end of the pipe has been
closed.  These checks are memory safe since the knote holds a reference
on one end of the pipe, and the pipe structure is not freed until both
ends are closed.  The checks are not racy since PIPE_EOF is never cleared
after being set, and pipe_present is never set back to PIPE_ACTIVE after
pipeclose() has been called.

PR: 235640
Reported and tested by: pho
Reviewed by: kib
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19224