Date: Thu, 11 Dec 2008 13:55:32 +0000 From: Doug Rabson <dfr@rabson.org> To: Paul Saab <ps@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r185902 - head/sys/boot/zfs Message-ID: <25FCC66F-902B-49AF-9B9C-07AE3446B13B@rabson.org> In-Reply-To: <200812110223.mBB2NnjW049843@svn.freebsd.org> References: <200812110223.mBB2NnjW049843@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11 Dec 2008, at 02:23, Paul Saab wrote: > Author: ps > Date: Thu Dec 11 02:23:49 2008 > New Revision: 185902 > URL: http://svn.freebsd.org/changeset/base/185902 > > Log: > Avoid a double free in devopen by not freeing the device structure > in zfs_dev_open. This stops a panic in the loader when trying to > read from a zfs device and no zfs devices exist. > > Modified: > head/sys/boot/zfs/zfs.c > > Modified: head/sys/boot/zfs/zfs.c > = > = > = > = > = > = > = > = > ====================================================================== > --- head/sys/boot/zfs/zfs.c Thu Dec 11 01:41:38 2008 (r185901) > +++ head/sys/boot/zfs/zfs.c Thu Dec 11 02:23:49 2008 (r185902) > @@ -474,7 +474,6 @@ zfs_dev_open(struct open_file *f, ...) > * the pool. > */ > unit = dev->d_unit; > - free(dev); > > i = 0; > STAILQ_FOREACH(spa, &zfs_pools, spa_link) { Doesn't this introduce a memory leak in the case where there is a ZFS pool? In that case, zfs_dev_open replaces f->f_devdata with a reference to the pool structure. Probably a better fix would be to move the free(dev) to just before the 'return (0)' statement.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25FCC66F-902B-49AF-9B9C-07AE3446B13B>