Bug 30306

Summary: Memory leak in __getcwd
Product: Base System
Reporter: Mike Potanin <potanin>
Component: kern
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.3-RELEASE   
Hardware: Any   
OS: Any   

Description Mike Potanin 2001-09-04 13:00:01 UTC

Fix: 

"kern/vfs_cache.c" line 540
 	buf = bp = malloc(uap->buflen, M_TEMP, M_WAITOK);
 	bp += uap->buflen - 1;
 	*bp = '\0';
 	fdp = p->p_fd;
 	slash_prefixed = 0;
 	for (vp = fdp->fd_cdir; vp != fdp->fd_rdir && vp != rootvnode;) {
 		if (vp->v_flag & VROOT) {
-			if (vp->v_mount == NULL) {	/* forced unmount */
-				free(buf, M_TEMP);
+			if (vp->v_mount == NULL)	/* forced unmount */
 				return (EBADF);
-			}
 			vp = vp->v_mount->mnt_vnodecovered;
 			continue;
 		}
 		if (vp->v_dd->v_id != vp->v_ddid) {
 			numcwdfail1++;
 			free(buf, M_TEMP);
 			return (ENOTDIR);
 		}
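
Review bot: in the forced-unmount branch (`vp->v_mount == NULL`), the `+` side returns EBADF without calling free(buf, M_TEMP), while the `-` side has the free. buf comes from the malloc(uap->buflen, M_TEMP, M_WAITOK) at the top of this context, and the ENOTDIR return a few lines further down frees it before returning, so the diff as posted reads as old/new swapped and would introduce the leak named in the summary rather than fix it. Please regenerate it so the braces and `free(buf, M_TEMP);` appear on the `+` lines.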

How-To-Repeat:

mount ... /mnt
mkdir /mnt/test
cd /mnt/test
umount -f /mnt
/bin/pwd  # Many times :-)

Comment 1 Poul-Henning Kamp 2001-09-04 13:08:54 UTC
In message <200109041159.f84BxMD67053@freefall.freebsd.org>, Mike Potanin writes:

> 	for (vp = fdp->fd_cdir; vp != fdp->fd_rdir && vp != rootvnode;) {
> 		if (vp->v_flag & VROOT) {
>-			if (vp->v_mount == NULL) {	/* forced unmount */
>-				free(buf, M_TEMP);
>+			if (vp->v_mount == NULL)	/* forced unmount */
> 				return (EBADF);
>-			}
> 			vp = vp->v_mount->mnt_vnodecovered;
> 			continue;
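
Review bot: the early return on `vp->v_mount == NULL` relies on every error branch in this loop remembering its own free(buf, M_TEMP), which is how this path and the ENOTDIR path in the original posting can end up differing. Consider routing the error returns through one exit point that frees buf, so that a new early return cannot skip the cleanup.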

Uhm, is this patch reversed by any chance ?

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Comment 2 iedowse freebsd_committer freebsd_triage 2001-09-04 20:05:25 UTC
State Changed
From-To: open->closed


Committed in revision 1.60 of vfs_cache.c. Thanks for the bug report 
and the patch! Unfortunately this won't make it into 4.4 release, 
but I will merge it into -stable next week.