From owner-cvs-all@FreeBSD.ORG Fri Jan 25 09:34:31 2008 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: by hub.freebsd.org (Postfix, from userid 1033) id EEE8E16A419; Fri, 25 Jan 2008 09:34:31 +0000 (UTC) Date: Fri, 25 Jan 2008 09:34:31 +0000 From: Alexey Dokuchaev To: Jean-Sebastien Pedron Message-ID: <20080125093431.GA26126@FreeBSD.org> References: <200801241710.m0OHAJCG083388@repoman.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <200801241710.m0OHAJCG083388@repoman.freebsd.org> User-Agent: Mutt/1.4.2.1i Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/sys event.h src/sys/kern vfs_aio.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2008 09:34:32 -0000 On Thu, Jan 24, 2008 at 05:10:19PM +0000, Jean-Sebastien Pedron wrote: > dumbbell 2008-01-24 17:10:19 UTC > > FreeBSD src repository > > Modified files: > sys/sys event.h > sys/kern vfs_aio.c > Log: > When asked to use kqueue, AIO stores its internal state in the > `kn_sdata' member of the newly registered knote. The problem is that > this member is overwritten by a call to kevent(2) with the EV_ADD flag, > targetted at the same kevent/knote. For instance, a userland application > may set the pointer to NULL, leading to a panic. > > A testcase was provided by the submitter. Given we have a test case, should it be put in our regression suit? ./danfe