kernel panic in free() called from semop()
Robert Watson
rwatson at FreeBSD.org
Sat Nov 13 00:10:07 PST 2004
Sorry about that, fixes committed!
On Fri, 12 Nov 2004, Don Lewis wrote:
> @@ -900,7 +901,7 @@ semop(td, uap)
> semid = IPCID_TO_IX(semid); /* Convert back to zero origin */
>
> if (semid < 0 || semid >= seminfo.semmni)
> - return (EINVAL);
> + error = EINVAL;
This was part of a second set of changes that I haven't yet merged, which
slipped through while I was breaking out the ABI changes.
> @@ -1152,6 +1153,7 @@ done2:
> mtx_unlock(sema_mtxp);
> if (sops != small_sops)
> free(sops, M_SEM);
> + free(sops, M_SEM);
> return (error);
> }
And this is from incorrectly merging the small_sops change to the
TrustedBSD branch when it was originally committed.
I thought I'd gone through the patches pretty carefully for this sort of
thing, but I guess after reading through three files of the system v IPC
code, the eyes go numb.
Thanks,
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Principal Research Scientist, McAfee Research
More information about the freebsd-current
mailing list