Date: Mon, 28 Nov 2011 22:23:07 +0200 From: Jaakko Heinonen <jh@FreeBSD.org> To: Gleb Smirnoff <glebius@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, "Bjoern A. Zeeb" <bz@FreeBSD.org>, src-committers@freebsd.org Subject: Re: svn commit: r228071 - head/sys/net Message-ID: <20111128202307.GA4064@jh> In-Reply-To: <E15FE643-3360-4D42-8736-827104FDD128@FreeBSD.org> References: <201111281444.pASEixdO095604@svn.freebsd.org> <E15FE643-3360-4D42-8736-827104FDD128@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2011-11-28, Bjoern A. Zeeb wrote:
> > static void
> > if_clone_free(struct if_clone *ifc)
> > {
> > - for (int bytoff = 0; bytoff < ifc->ifc_bmlen; bytoff++) {
> > - KASSERT(ifc->ifc_units[bytoff] == 0x00,
> > - ("ifc_units[%d] is not empty", bytoff));
> > - }
> >
> > KASSERT(LIST_EMPTY(&ifc->ifc_iflist),
> > ("%s: ifc_iflist not empty", __func__));
> >
> > IF_CLONE_LOCK_DESTROY(ifc);
> > - free(ifc->ifc_units, M_CLONE);
> > + delete_unrhdr(ifc->ifc_unrhdr);
> > }
delete_unrhdr() KASSERTs that all allocations has been freed. Thus if
the leak below has occurred, the result will be a panic at this point
with INVARIANTS enabled kernel. If INVARIANTS is disabled, a memory leak
is possible.
> > + snprintf(name, IFNAMSIZ, "%s%d", ifc->ifc_name, *unit);
> > + if (ifunit(name) != NULL) {
> > + if (wildcard)
> > + goto retry; /* XXXGL: yep, it's a unit leak */
> > + else
> > + return (EEXIST);
--
Jaakko
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111128202307.GA4064>