kern/71431: [panic fix] [patch] geom_uzip.ko caused panic

Max Khon fjoe at samodelkin.net
Tue Sep 14 11:42:22 PDT 2004


Hi!

On Tue, Sep 14, 2004 at 04:02:45PM +0900, daichi wrote:

> I think this problem depends on malloc/free confusion.
> In short, the following code is bad, I think.
> 
>  void * buf = malloc(size, M_GEOM, M_WAITOK);
>  free(buf, M_GEOM_UZIP);
> 
> In the for loop of g_uzip_taste, the malloced area gets freed
> with the M_GEOM_UZIP flag. But the area is malloced with the
> M_GEOM flag. I think this causes the problem.

Now I see the problem! Does this patch fix the problem for you?

Index: g_uzip.c
===================================================================
RCS file: /home/ncvs/src/sys/geom/uzip/g_uzip.c,v
retrieving revision 1.1.2.1
diff -u -p -r1.1.2.1 g_uzip.c
--- g_uzip.c	10 Sep 2004 07:00:38 -0000	1.1.2.1
+++ g_uzip.c	14 Sep 2004 18:19:36 -0000
@@ -424,7 +424,7 @@ g_uzip_taste(struct g_class *mp, struct 
 	for (blk = 1; offsets_read < total_offsets; blk++) {
 		uint32_t nread;
 
-		free(buf, M_GEOM_UZIP);
+		free(buf, M_GEOM);
 		buf = g_read_data(
 		    cp, blk * pp->sectorsize, pp->sectorsize, &error);
 		if (buf == NULL || error != 0)
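
Review bot: The free(buf, M_GEOM) at the top of the for loop also runs on the first iteration (blk = 1), before this loop has assigned buf from g_read_data, so the new type is only correct if whatever buf holds on loop entry was also returned by g_read_data or is NULL. The lines before the loop are not in this hunk, so please confirm that. A one-line comment above the free saying that buffers returned by g_read_data are accounted to M_GEOM rather than M_GEOM_UZIP would help, since nothing at the call site shows which malloc type owns the buffer and that is how the mismatch got in.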
@@ -470,7 +470,7 @@ err:
 	g_topology_lock();
 	g_access(cp, -1, 0, 0);
 	if (buf != NULL)
-		free(buf, M_GEOM_UZIP);
+		free(buf, M_GEOM);
 	if (gp->softc != NULL) {
 		g_uzip_softc_free(gp->softc, NULL);
 		gp->softc = NULL;
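
Review bot: The cleanup under err: guards the free with "if (buf != NULL)" while the loop in the first hunk calls free(buf, M_GEOM) unconditionally; use one convention in both places so a reader does not have to wonder whether buf can be NULL at the loop top. The diff changes only these two call sites, and the code between the hunks is not shown, so please also check that no other path in g_uzip_taste (for example the success return) still frees buf with M_GEOM_UZIP.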

/fjoe

