luo980/libuv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

unix: fix processing process handles queue

Browse Source 
Make sure we initialize it after the handle was removed from the pending
queue so that QUEUE_REMOVE doesn't do an invalid write when the process
is closed.

Valgrind output:

==4362== Invalid write of size 8
==4362==    at 0x407DB8: uv__process_close (process.c:515)
==4362==    by 0x404F94: uv_close (core.c:138)
==4362==    by 0x4037C5: main (invalid_write.c:33)
==4362==  Address 0xffeffc820 is not stack'd, malloc'd or (recently) free'd
==4362==
==4362== Invalid write of size 8
==4362==    at 0x407DC3: uv__process_close (process.c:515)
==4362==    by 0x404F94: uv_close (core.c:138)
==4362==    by 0x4037C5: main (invalid_write.c:33)
==4362==  Address 0xffeffc828 is not stack'd, malloc'd or (recently) free'd

Refs: joyent/libuv/issues/1584
This commit is contained in:
Saúl Ibarra Corretgé 2014-11-26 11:07:24 +01:00
parent 06b78e1ead
commit c0ea37cf30
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/unix/process.c
View File

@ -85,9 +85,14 @@ static void uv__chld(uv_signal_t* handle, int signum) {
QUEUE_INSERT_TAIL(&pending, &process->queue);
}
QUEUE_FOREACH(q, &pending) {
h = &pending;
q = QUEUE_HEAD(h);
while (q != h) {
process = QUEUE_DATA(q, uv_process_t, queue);
QUEUE_REMOVE(q);
q = QUEUE_NEXT(q);
QUEUE_REMOVE(&process->queue);
QUEUE_INIT(&process->queue);
uv__handle_stop(process);
if (process->exit_cb == NULL)