svn commit: r228071 - head/sys/net
Jaakko Heinonen
jh at FreeBSD.org
Mon Nov 28 20:40:02 UTC 2011
On 2011-11-28, Bjoern A. Zeeb wrote:
> > static void
> > if_clone_free(struct if_clone *ifc)
> > {
> > - for (int bytoff = 0; bytoff < ifc->ifc_bmlen; bytoff++) {
> > - KASSERT(ifc->ifc_units[bytoff] == 0x00,
> > - ("ifc_units[%d] is not empty", bytoff));
> > - }
> >
> > KASSERT(LIST_EMPTY(&ifc->ifc_iflist),
> > ("%s: ifc_iflist not empty", __func__));
> >
> > IF_CLONE_LOCK_DESTROY(ifc);
> > - free(ifc->ifc_units, M_CLONE);
> > + delete_unrhdr(ifc->ifc_unrhdr);
> > }
delete_unrhdr() KASSERTs that all allocations has been freed. Thus if
the leak below has occurred, the result will be a panic at this point
with INVARIANTS enabled kernel. If INVARIANTS is disabled, a memory leak
is possible.
> > + snprintf(name, IFNAMSIZ, "%s%d", ifc->ifc_name, *unit);
> > + if (ifunit(name) != NULL) {
> > + if (wildcard)
> > + goto retry; /* XXXGL: yep, it's a unit leak */
> > + else
> > + return (EEXIST);
--
Jaakko
More information about the svn-src-head
mailing list