From owner-freebsd-fs@FreeBSD.ORG  Mon Mar 22 00:20:04 2010
Return-Path: <owner-freebsd-fs@FreeBSD.ORG>
Delivered-To: freebsd-fs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 56ADC106564A
	for <freebsd-fs@hub.freebsd.org>; Mon, 22 Mar 2010 00:20:04 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 46BF68FC15
	for <freebsd-fs@hub.freebsd.org>; Mon, 22 Mar 2010 00:20:04 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o2M0K4W2025880
	for <freebsd-fs@freefall.freebsd.org>; Mon, 22 Mar 2010 00:20:04 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o2M0K4Wd025879;
	Mon, 22 Mar 2010 00:20:04 GMT (envelope-from gnats)
Date: Mon, 22 Mar 2010 00:20:04 GMT
Message-Id: <201003220020.o2M0K4Wd025879@freefall.freebsd.org>
To: freebsd-fs@FreeBSD.org
From: Rick Macklem <rmacklem@uoguelph.ca>
Cc: 
Subject: Re: kern/144330: [nfs] mbuf leakage in nfsd with zfs
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Rick Macklem <rmacklem@uoguelph.ca>
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Mar 2010 00:20:04 -0000

The following reply was made to PR kern/144330; it has been noted by GNATS.

From: Rick Macklem <rmacklem@uoguelph.ca>
To: Mikolaj Golub <to.my.trociny@gmail.com>
Cc: Jeremy Chadwick <freebsd@jdc.parodius.com>, freebsd-fs@FreeBSD.org,
        Kai Kockro <kkockro@web.de>, bug-followup@FreeBSD.org,
        gerrit@pmp.uni-hannover.de, danny@cs.huji.ac.il
Subject: Re: kern/144330: [nfs] mbuf leakage in nfsd with zfs
Date: Sun, 21 Mar 2010 20:23:02 -0400 (EDT)

 On Sun, 21 Mar 2010, Mikolaj Golub wrote:
 
 >
 > Reviewing rpc/svc.c:svc_getreq() it looks for me that for RS_DONE case args
 > are nevere freed. Shouldn't it be like in the attached patch?
 >
 Oops, I meant to ask Daniel Braniss (not Jeremy) w.r.t testing the patch,
 since he can easily reproduce the problem. Of course, I'd appreciate
 anyone who can test it to do so and let us know how it goes.
 
 Daniel, here's the patch just in case you didn't see Mikolaj's email.
 
 rick
 Mikolaj's patch:
 --- sys/rpc/svc.c.orig	2010-03-21 10:17:20.000000000 +0200
 +++ sys/rpc/svc.c	2010-03-21 10:20:05.000000000 +0200
 @@ -819,6 +819,7 @@ svc_getreq(SVCXPRT *xprt, struct svc_req
   					free(r->rq_addr, M_SONAME);
   					r->rq_addr = NULL;
   				}
 +				m_freem(args);
   				goto call_done;
 
   			default: