[Bug 293382] Dead lock and kernel crash around closefp_impl
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 293382] Dead lock and kernel crash around closefp_impl"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 10 Apr 2026 07:53:48 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293382
--- Comment #52 from Paul <devgs@ukr.net> ---
(In reply to Konstantin Belousov from comment #50)
Hi,
Thanks for the patch. Though, could't help but also include the assert implied
by Kyle. It should't hurt to have an extra check, I hope. This is the final
patch that we've applied to the current HEAD:
diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c
index 01731ca46b6b..38b67d81dff2 100644
--- a/sys/kern/kern_event.c
+++ b/sys/kern/kern_event.c
@@ -2037,8 +2037,13 @@ kqueue_expand(struct kqueue *kq, const struct filterops
*fops, uintptr_t ident,
to_free = list;
} else {
if (kq->kq_knlist != NULL) {
- bcopy(kq->kq_knlist, list,
- kq->kq_knlistsize * sizeof(*list));
+ volatile char *src, *dst;
+ src = (void *)kq->kq_knlist;
+ dst = (void *)list;
+ for (size_t i = 0;
+ i < kq->kq_knlistsize *
sizeof(*list);
+ i++)
+ dst[i] = src[i];
to_free = kq->kq_knlist;
kq->kq_knlist = NULL;
}
@@ -2953,8 +2958,9 @@ knote_drop_detached(struct knote *kn, struct thread *td)
else
list = &kq->kq_knhash[KN_HASH(kn->kn_id, kq->kq_knhashmask)];
- if (!SLIST_EMPTY(list))
- SLIST_REMOVE(list, kn, knote, kn_link);
+ KASSERT(!SLIST_EMPTY(list),
+ ("knote %p is not on the list of %lu", kn, kn->kn_id));
+ SLIST_REMOVE(list, kn, knote, kn_link);
if (kn->kn_status & KN_QUEUED)
knote_dequeue(kn);
KQ_UNLOCK_FLUX(kq);
--
You are receiving this mail because:
You are the assignee for the bug.