Date: Mon, 13 Jan 2020 20:57:53 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 242913] Immediate page fault panic caused by executing firefox via ssh Message-ID: <bug-242913-227-NfAaQb3j3z@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-242913-227@https.bugs.freebsd.org/bugzilla/> References: <bug-242913-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242913 Mark Johnston <markj@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |markj@FreeBSD.org --- Comment #1 from Mark Johnston <markj@FreeBSD.org> --- The linuxkpi file close function doesn't handle a null thread argument. As noted in e.g., closef() and devfs_close_f(), the unix domain socket code passes a null thread pointer to fo_close, so linux_file_close() should try to handle it. I think using curthread is fine in this case. diff --git a/sys/compat/linuxkpi/common/src/linux_compat.c b/sys/compat/linuxkpi/common/src/linux_compat.c index 614148ae212e..7a4c0986bb08 100644 --- a/sys/compat/linuxkpi/common/src/linux_compat.c +++ b/sys/compat/linuxkpi/common/src/linux_compat.c @@ -1498,6 +1498,8 @@ linux_file_close(struct file *file, struct thread *td) KASSERT(file_count(filp) == 0, ("File refcount(%d) is not zero", file_count(filp))); + if (td == NULL) + td = curthread; error = 0; filp->f_flags = file->f_flag; linux_set_current(td); -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-242913-227-NfAaQb3j3z>