Skip to content

Commit

Permalink
When detaching common remote coverage, do not clear any fields. Instead,
Browse files Browse the repository at this point in the history 
let kr_free() do the work. Otherwise a thread currently inside a remote
section could end up not decrementing the number of ongoing sections
while exiting the same remote section.

Reported-by: syzbot+1252e696865efc29b767@syzkaller.appspotmail.com
  • Loading branch information
anton committed Aug 14, 2020
1 parent 85c3111 commit 2fa3abd
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions sys/dev/kcov.c
View file
@@ -1,4 +1,4 @@
/* $OpenBSD: kcov.c,v 1.22 2020/08/01 08:40:20 anton Exp $ */
/* $OpenBSD: kcov.c,v 1.23 2020/08/14 11:51:07 anton Exp $ */

/*
* Copyright (c) 2018 Anton Lindqvist <anton@openbsd.org>
Expand Down Expand Up @@ -643,11 +643,13 @@ kcov_remote_detach(struct kcov_dev *kd, struct kcov_remote *kr)
{
mtx_enter(&kr_mtx);
KASSERT(kd == kr->kr_kd);
kd->kd_kr = NULL;
kr->kr_kd = NULL;
kr->kr_state = KCOV_STATE_NONE;
if (kr->kr_subsystem == KCOV_REMOTE_COMMON)
if (kr->kr_subsystem == KCOV_REMOTE_COMMON) {
kr_free(kr);
} else {
kr->kr_state = KCOV_STATE_NONE;
kd->kd_kr = NULL;
kr->kr_kd = NULL;
}
mtx_leave(&kr_mtx);
}

Expand Down

0 comments on commit 2fa3abd

Please sign in to comment.