You should file a bug report (http://bugreporter.apple.com). As Justin usually points out, this list isn't an official (or even an unofficial) channel for reporting bugs to Apple.

Thanks for investigating the bug.

-- Terry

On Jul 26, 2005, at 10:46 AM, B. S. N. Lakshmipathy wrote:

> Hi all,
>
> The kernel released with 10.4.* (Tiger) has a serious bug. The following user program causes kernel panic.
>
> /* @@@@@@@@@@@@@@@@@@@*/
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>     /* memset */
> #include <sys/types.h>
> #include <sys/event.h>
>
> int main (int argc, char **argv)
> {
>     int kq;
>     struct kevent ke;
>
>     /* argv[1] is the pid of the process to watch */
>     if (argc < 2)
>         return -1;
>
>     if ((kq = kqueue ()) < 0) {
>         fprintf (stderr, "kqueue creation error\n");
>         return -1;
>     }
>
>     /* Watch the given pid for fork events and follow its children */
>     EV_SET (&ke, atoi (argv[1]), EVFILT_PROC, EV_ADD,
>             NOTE_FORK | NOTE_TRACK, 0, NULL);
>
>     if (kevent(kq, &ke, 1, NULL, 0, NULL) < 0) {
>         fprintf (stderr, "kevent set error\n");
>         return -1;
>     }
>
>     while (1) {
>         memset(&ke, 0, sizeof(struct kevent));
>         /* Block until one event is available */
>         if (kevent(kq, NULL, 0, &ke, 1, NULL) < 0) {
>             fprintf (stderr, "kevent get error\n");
>             return -1;
>         }
>
>         if (ke.fflags & NOTE_FORK)
>             printf("%lu forked\n", (unsigned long) ke.ident);
>         if (ke.fflags & NOTE_CHILD)
>             printf("child of %ld is %lu\n", (long) ke.data,
>                    (unsigned long) ke.ident);
>         if (ke.fflags & NOTE_TRACKERR)
>             printf("NOTE_TRACK error\n");
>     }
>
>     return 0;
> }
> /* @@@@@@@@@@@@@@@@@@@*/
>
> LOCATION OF BUG:
>
> The problem is with the NULL pointer reference in fp_lookup() in bsd/kern/kern_descrip.c. The function call sequence is fork() -> fork1 () -> knote () -> filt_proc () -> kevent_register () -> fp_lookup ().
>
> filt_proc () calls kevent_register () with NULL as third argument (kern_event.c:501), which is referenced in fp_lookup () without check for NULL.
>
> Whoever re-organized the kqueue/kevent code, please fix it.
>
> Thanks,
> Lakshmipathy

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (Darwin-kernel@lists.apple.com)
Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a...
This email sent to site_archiver@lists.apple.com
participants (1): Terry Lambert
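The failure mode named in the report (an internal caller passing NULL as the process argument to a lookup routine that dereferences it), shown as an added user-space model beside a checked form. This is not XNU source and not code from the thread; every `model_*` name and the `ident_is_fd` flag are hypothetical.

```c
/* Added illustration: simplified user-space model, NOT XNU source.
 * All names (model_proc, model_fp_lookup_*, model_register) are hypothetical. */
#include <errno.h>
#include <stddef.h>

#define MODEL_NFILES 4

struct model_proc {
    int   nfiles;                  /* number of valid slots in ofiles[] */
    void *ofiles[MODEL_NFILES];    /* per-process descriptor table */
};

/* Pattern described in the report: p is dereferenced unconditionally,
 * so a caller that passes NULL faults. Kept for contrast; not called. */
int model_fp_lookup_unchecked(struct model_proc *p, int fd, void **out)
{
    if (fd < 0 || fd >= p->nfiles || p->ofiles[fd] == NULL)
        return EBADF;
    *out = p->ofiles[fd];
    return 0;
}

/* Checked form: reject a missing process context before touching it. */
int model_fp_lookup_checked(struct model_proc *p, int fd, void **out)
{
    if (p == NULL || out == NULL)
        return EINVAL;
    if (fd < 0 || fd >= p->nfiles || p->ofiles[fd] == NULL)
        return EBADF;
    *out = p->ofiles[fd];
    return 0;
}

/* Registration entry point reached by two kinds of caller: a syscall
 * path (p valid) and an internal callback path (p == NULL), like the
 * filt_proc() -> kevent_register() call in the report. Assumption of
 * this model: identifiers that are not descriptors (a pid, as with
 * EVFILT_PROC) need no descriptor-table lookup at all. */
int model_register(struct model_proc *p, int ident, int ident_is_fd)
{
    void *fp = NULL;

    if (!ident_is_fd)
        return 0;
    return model_fp_lookup_checked(p, ident, &fp);
}
```

With the checked lookup, a NULL context on a descriptor-based registration comes back as an error code to the caller rather than a fault.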