[issue1777] vn panic: Freeing already free credential! 0xdef403f8
Joe Talbott
josepht at cstone.net
Sat Jun 5 11:59:16 PDT 2010
On Sat, Jun 05, 2010 at 09:00:51AM -0700, Matthew Dillon wrote:
>
> :> : * Set credits in our softc
> :> : */
> :> :
> :> :- if (vn->sc_cred)
> :> :+ if (vn->sc_cred && vn->sc_cred->cr_ref > 0)
> :> : crfree(vn->sc_cred);
> :> : vn->sc_cred = crdup(cred);
> :>
> :> That can't be right. If vn->sc_cred is set at all there must be a
> :> ref on it. If there isn't something is leaking a crfree() without
> :> clearing it.
> :
> :I've been looking at the backtrace and in frame 6 vn->sc_cred is 0x00
> :but cr in frame 5 is non-NULL and appears to be corrupted.
> :
> :Joe
>
> Check the rest of the vn structure and see if it is corrupted. If
> it isn't then what is probably happening is some other subsystem
> (possibly part of the call path into vn, before it gets to vn) might
> be blowing up the credential. It might not be VN's fault.
>
The vn structure appears to NOT be corrupt. Seems like a race if
vn->sc_cred goes from NULL to non-NULL between frame 6 and 5. Could
this be related to my recent link_elf change (setting p to proc0 if p
is NULL)?
Joe
More information about the Bugs
mailing list