diff options
author | davidxu <davidxu@FreeBSD.org> | 2006-10-21 23:59:15 +0000 |
---|---|---|
committer | davidxu <davidxu@FreeBSD.org> | 2006-10-21 23:59:15 +0000 |
commit | df9c81e66591e79ffef395a199aaf592dbcb767f (patch) | |
tree | 2eee58308d72921e49c711f34b362cacc7faa71a /sys | |
parent | 28e979171a910b478a8b7cce9fd4a27c1f9b8ff4 (diff) | |
download | FreeBSD-src-df9c81e66591e79ffef395a199aaf592dbcb767f.zip FreeBSD-src-df9c81e66591e79ffef395a199aaf592dbcb767f.tar.gz |
Since revision 1.333 of kern_sig.c no longer uses P_WEXIT, the change
opened a race window which can cause memory leak in signal queue.
Here we free memory for signal queue when process state is set to
PRS_ZOMBIE.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_exit.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index 5b937b4..c857413 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -257,8 +257,6 @@ retry: KASSERT(!timevalisset(&p->p_realtimer.it_value), ("realtime timer is still armed")); } - sigqueue_flush(&p->p_sigqueue); - sigqueue_flush(&td->td_sigqueue); PROC_UNLOCK(p); /* @@ -512,6 +510,14 @@ retry: sx_xunlock(&proctree_lock); /* + * The state PRS_ZOMBIE prevents other proesses from sending + * signal to the process, to avoid memory leak, we free memory + * for signal queue at the time when the state is set. + */ + sigqueue_flush(&p->p_sigqueue); + sigqueue_flush(&td->td_sigqueue); + + /* * We have to wait until after acquiring all locks before * changing p_state. We need to avoid all possible context * switches (including ones from blocking on a mutex) while |