The file being closed is (fdp->fd_lastfile - i), not i. So compare
(fdp->fd_lastfile - i) against fd_knlistsize. Otherwise we can call knote_fdclose() on a file descriptor that doesn't have a knote. This issue explains random panics I have had on process exit over the past few years.
This commit is contained in:
parent
b25ecfbe53
commit
6336cd3696
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: kern_descrip.c,v 1.131 2005/02/26 21:34:55 perry Exp $ */
|
||||
/* $NetBSD: kern_descrip.c,v 1.132 2005/05/20 16:13:00 wrstuden Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1982, 1986, 1989, 1991, 1993
|
||||
|
@ -37,7 +37,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.131 2005/02/26 21:34:55 perry Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.132 2005/05/20 16:13:00 wrstuden Exp $");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
|
@ -1285,7 +1285,7 @@ fdfree(struct proc *p)
|
|||
*fpp = NULL;
|
||||
simple_lock(&fp->f_slock);
|
||||
FILE_USE(fp);
|
||||
if (i < fdp->fd_knlistsize)
|
||||
if ((fdp->fd_lastfile - i) < fdp->fd_knlistsize)
|
||||
knote_fdclose(p, fdp->fd_lastfile - i);
|
||||
(void) closef(fp, p);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue