Author: pjd
Date: Sun Dec 16 14:53:27 2012
New Revision: 244296
URL: http://svnweb.freebsd.org/changeset/base/244296
Log:
Move expand_name() after process lock is released.
This fixed panic where we hold mutex (process lock) and try to obtain
sleepable
lock (vnode lock in expand_name()). The panic could occur when %I was used
in kern.corefile.
Additionally we avoid expand_name() overhead when coredumps are disabled.
Obtained from: WHEEL Systems
Modified:
head/sys/kern/kern_sig.c
Modified: head/sys/kern/kern_sig.c
==============================================================================
--- head/sys/kern/kern_sig.c Sun Dec 16 14:37:25 2012 (r244295)
+++ head/sys/kern/kern_sig.c Sun Dec 16 14:53:27 2012 (r244296)
@@ -3210,14 +3210,8 @@ coredump(struct thread *td)
MPASS((p->p_flag & P_HADTHREADS) == 0 || p->p_singlethread == td);
_STOPEVENT(p, S_CORE, 0);
- name = expand_name(p->p_comm, cred->cr_uid, p->p_pid, td, compress);
- if (name == NULL) {
- PROC_UNLOCK(p);
- return (EINVAL);
- }
if (!do_coredump || (!sugid_coredump && (p->p_flag & P_SUGID) != 0)) {
PROC_UNLOCK(p);
- free(name, M_TEMP);
return (EFAULT);
}
@@ -3232,11 +3226,14 @@ coredump(struct thread *td)
limit = (off_t)lim_cur(p, RLIMIT_CORE);
if (limit == 0 || racct_get_available(p, RACCT_CORE) == 0) {
PROC_UNLOCK(p);
- free(name, M_TEMP);
return (EFBIG);
}
PROC_UNLOCK(p);
+ name = expand_name(p->p_comm, cred->cr_uid, p->p_pid, td, compress);
+ if (name == NULL)
+ return (EINVAL);
+
restart:
NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, td);
flags = O_CREAT | FWRITE | O_NOFOLLOW;
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
