From owner-svn-src-all@FreeBSD.ORG Thu Dec 11 13:55:37 2008 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0EE151065673; Thu, 11 Dec 2008 13:55:37 +0000 (UTC) (envelope-from dfr@rabson.org) Received: from itchy.rabson.org (unknown [IPv6:2002:50b1:e8f2:1::143]) by mx1.freebsd.org (Postfix) with ESMTP id B9B028FC21; Thu, 11 Dec 2008 13:55:36 +0000 (UTC) (envelope-from dfr@rabson.org) Received: from [IPv6:2001:470:909f:1:21b:63ff:feb8:5abc] (unknown [IPv6:2001:470:909f:1:21b:63ff:feb8:5abc]) by itchy.rabson.org (Postfix) with ESMTP id 670E73FA9; Thu, 11 Dec 2008 13:55:08 +0000 (GMT) Message-Id: <25FCC66F-902B-49AF-9B9C-07AE3446B13B@rabson.org> From: Doug Rabson To: Paul Saab In-Reply-To: <200812110223.mBB2NnjW049843@svn.freebsd.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v929.2) Date: Thu, 11 Dec 2008 13:55:32 +0000 References: <200812110223.mBB2NnjW049843@svn.freebsd.org> X-Mailer: Apple Mail (2.929.2) Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r185902 - head/sys/boot/zfs X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Dec 2008 13:55:37 -0000 On 11 Dec 2008, at 02:23, Paul Saab wrote: > Author: ps > Date: Thu Dec 11 02:23:49 2008 > New Revision: 185902 > URL: http://svn.freebsd.org/changeset/base/185902 > > Log: > Avoid a double free in devopen by not freeing the device structure > in zfs_dev_open. This stops a panic in the loader when trying to > read from a zfs device and no zfs devices exist. > > Modified: > head/sys/boot/zfs/zfs.c > > Modified: head/sys/boot/zfs/zfs.c > = > = > = > = > = > = > = > = > ====================================================================== > --- head/sys/boot/zfs/zfs.c Thu Dec 11 01:41:38 2008 (r185901) > +++ head/sys/boot/zfs/zfs.c Thu Dec 11 02:23:49 2008 (r185902) > @@ -474,7 +474,6 @@ zfs_dev_open(struct open_file *f, ...) > * the pool. > */ > unit = dev->d_unit; > - free(dev); > > i = 0; > STAILQ_FOREACH(spa, &zfs_pools, spa_link) { Doesn't this introduce a memory leak in the case where there is a ZFS pool? In that case, zfs_dev_open replaces f->f_devdata with a reference to the pool structure. Probably a better fix would be to move the free(dev) to just before the 'return (0)' statement.