Remove all knotes from a file descriptor before closing the file in

fdfree(). This fixes a resource leak with cyclic kqueue references and
prevents a kernel stack exhaustion scenario with long kqueue chains.

OK mpi@

diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index a36a22f..f998b9c 100644 (file)
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_descrip.c,v 1.181 2018/08/21 13:50:31 visa Exp $ */
+/*     $OpenBSD: kern_descrip.c,v 1.182 2018/08/24 12:45:27 visa Exp $ */
 /*     $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $       */
 
 /*
@@ -1169,6 +1169,7 @@ fdfree(struct proc *p)
                fp = fdp->fd_ofiles[fd];
                if (fp != NULL) {
                        fdp->fd_ofiles[fd] = NULL;
+                       knote_fdclose(p, fd);
                         /* closef() expects a refcount of 2 */
                        FREF(fp);
                        (void) closef(fp, p);