On Thu, Apr 26, 2018 at 08:34:08AM +0200, Martin Pieuchot wrote:
> On 25/04/18(Wed) 17:07, Visa Hankala wrote:
> > On Wed, Apr 25, 2018 at 12:12:29PM +0200, Martin Pieuchot wrote:
> > > The goal is to avoid races between fd_getfile() and FREF(). So we want
> > > a properly refcounted 'struct file *' as soon as possible.
> >
> > Boot hangs with this patch. The last line on the console is
> > "setting tty flags".
> >
> > Two issues spotted so far:
> >
> > > @@ -201,9 +202,10 @@ fd_getfile_mode(struct filedesc *fdp, in
> > > KASSERT(mode != 0);
> > >
> > > fp = fd_getfile(fdp, fd);
> > > -
> > > - if (fp == NULL || (fp->f_flag & mode) == 0)
> > > + if (fp == NULL || (fp->f_flag & mode) == 0) {
> > > + FRELE(fp, curproc);
> > > return (NULL);
> > > + }
> > >
> > > return (fp);
> > > }
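
Review bot: In the new error branch of fd_getfile_mode(), `FRELE(fp, curproc)` runs for both halves of the `||` condition, including the `fp == NULL` case, so a failed fd_getfile() lookup passes a NULL pointer to the release. Split the check: return NULL immediately when `fp == NULL`, and call FRELE() only on the path where `(fp->f_flag & mode) == 0`, since that is the only path that holds a reference to drop.
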
> >
> > * The FRELE() above can dereference a NULL pointer.
> >
> > * sys_close() lacks an FRELE().
>
> Thanks, updated diff below.
OK visa@