Index: lib/libc/sys/poll.2 =================================================================== --- lib/libc/sys/poll.2 +++ lib/libc/sys/poll.2 @@ -28,7 +28,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 13, 2014 +.Dd October 23, 2018 .Dt POLL 2 .Os .Sh NAME @@ -232,7 +232,15 @@ A signal was delivered before the time limit expired and before any of the selected events occurred. .It Bq Er EINVAL -The specified time limit is invalid. One of its components is negative or too large. +The specified time limit is invalid. +One of its components is negative or too large. +.It Bq Er EINVAL +The number of pollfd structures specified by +.Fa nfds +exceeds the system tunable +.Va kern.maxfilesperproc +(and on systems where that tunable is set very low, exceeds +.Dv FD_SETSIZE ) . .El .Sh SEE ALSO .Xr accept 2 , Index: sys/kern/sys_generic.c =================================================================== --- sys/kern/sys_generic.c +++ sys/kern/sys_generic.c @@ -1339,6 +1339,13 @@ } else sbt = -1; + /* + * This is kinda bogus. We have fd limits, but that is not + * really related to the size of the pollfd array. Make sure + * we let the process use at least FD_SETSIZE entries and at + * least enough for the system-wide limits. We want to be reasonably + * safe, but not overly restrictive. + */ if (nfds > maxfilesperproc && nfds > FD_SETSIZE) return (EINVAL); if (nfds > nitems(stackfds))