[issue1777] vn panic: Freeing already free credential! 0xdef403f8
Joe Talbott
josepht at cstone.net
Sat Jun 5 07:00:49 PDT 2010
On Fri, Jun 04, 2010 at 09:45:37PM -0700, Matthew Dillon wrote:
>
> :I'm not sure this is the correct approach, but the attached patch
> :should fix this issue.
> :
> :Joe
> :...
> :
> :diff --git a/sys/dev/disk/vn/vn.c b/sys/dev/disk/vn/vn.c
> :index 95bcf44..9f45281 100644
> :--- a/sys/dev/disk/vn/vn.c
> :+++ b/sys/dev/disk/vn/vn.c
> :@@ -697,7 +697,7 @@ vnsetcred(struct vn_softc *vn, struct ucred *cred)
> : * Set credits in our softc
> : */
> :
> :- if (vn->sc_cred)
> :+ if (vn->sc_cred && vn->sc_cred->cr_ref > 0)
> : crfree(vn->sc_cred);
> : vn->sc_cred = crdup(cred);
>
> That can't be right. If vn->sc_cred is set at all there must be a
> ref on it. If there isn't something is leaking a crfree() without
> clearing it.
I've been looking at the backtrace and in frame 6 vn->sc_cred is 0x00
but cr in frame 5 is non-NULL and appears to be corrupted.
Joe
More information about the Bugs
mailing list