relay_alloc() (in src/sys/rpc/replay.c) calls malloc() with the M_NOWAIT flag, then proceeds to assume the pointer returned by malloc() is not NULL. This could cause a panic in a situation in which malloc() cannot satisfy the request. Fix: Check the return code from malloc(). See attached patch. Patch attached with submission follows:
State Changed From-To: open->patched This had been already fixed in head/ by pjd.
Responsible Changed From-To: freebsd-bugs->pjd This had been already fixed in head/ by pjd.
Fixed by r211853