Date: Wed, 29 Apr 2015 13:11:04 -0500 From: Pedro Giffuni <pfg@FreeBSD.org> To: Scott Long <scott4long@yahoo.com> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r282227 - head/sys/cam/scsi Message-ID: <55411EB8.9020800@FreeBSD.org> In-Reply-To: <8FE78308-75E2-4161-9EC8-3B0823EEBE7E@yahoo.com> References: <201504291546.t3TFkwwU073637@svn.freebsd.org> <8FE78308-75E2-4161-9EC8-3B0823EEBE7E@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for finding .. and reverting (I was AFK). I'll document this in Bugzilla and Coverity. Pedro. On 04/29/15 11:48, Scott Long wrote: > This commit is broken, please revert: > > Fatal trap 12: page fault while in kernel mode > cpuid = 0; apic id = 00 > fault virtual address = 0x21000002d8 > fault code = supervisor read data, page not present > instruction pointer = 0x20:0xffffffff802fd074 > stack pointer = 0x28:0xfffffe100678f960 > frame pointer = 0x28:0xfffffe100678f9e0 > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags = interrupt enabled, resume, IOPL = 0 > current process = 2 (doneq0) > [ thread pid 2 tid 100025 ] > Stopped at scsi_scan_bus+0x54: movq 0x58(%rax),%rdi > db> bt > Tracing pid 2 tid 100025 td 0xfffff8000d3ac940 > scsi_scan_bus() at scsi_scan_bus+0x54/frame 0xfffffe100678f9e0 > xpt_done_process() at xpt_done_process+0x521/frame 0xfffffe100678fa20 > xpt_done_td() at xpt_done_td+0xf6/frame 0xfffffe100678fa70 > fork_exit() at fork_exit+0x71/frame 0xfffffe100678fab0 > fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe100678fab0 > --- trap 0, rip = 0, rsp = 0xfffffe100678fb70, rbp = 0 --- > db> > > >> On Apr 29, 2015, at 9:46 AM, Pedro F. Giffuni <pfg@FreeBSD.org> wrote: >> >> Author: pfg >> Date: Wed Apr 29 15:46:57 2015 >> New Revision: 282227 >> URL: https://svnweb.freebsd.org/changeset/base/282227 >> >> Log: >> Fix memory leak in scsi_scan_bus() >> >> CID: 1007770 >> PR: 199671 >> >> Modified: >> head/sys/cam/scsi/scsi_xpt.c >> >> Modified: head/sys/cam/scsi/scsi_xpt.c >> ============================================================================== >> --- head/sys/cam/scsi/scsi_xpt.c Wed Apr 29 15:41:19 2015 (r282226) >> +++ head/sys/cam/scsi/scsi_xpt.c Wed Apr 29 15:46:57 2015 (r282227) >> @@ -2008,6 +2008,7 @@ scsi_scan_bus(struct cam_periph *periph, >> " with status %#x, bus scan halted\n", >> status); >> free(scan_info, M_CAMXPT); >> + scan_info = NULL; >> request_ccb->ccb_h.status = status; >> xpt_free_ccb(work_ccb); >> xpt_done(request_ccb); >> @@ -2017,6 +2018,7 @@ scsi_scan_bus(struct cam_periph *periph, >> if (work_ccb == NULL) { >> xpt_free_ccb((union ccb *)scan_info->cpi); >> free(scan_info, M_CAMXPT); >> + scan_info = NULL; >> xpt_free_path(path); >> request_ccb->ccb_h.status = CAM_RESRC_UNAVAIL; >> xpt_done(request_ccb); >> @@ -2032,6 +2034,7 @@ scsi_scan_bus(struct cam_periph *periph, >> xpt_action(work_ccb); >> } >> >> + free(scan_info, M_CAMXPT); >> mtx_lock(mtx); >> break; >> } >>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55411EB8.9020800>