From 73254c9ee781d34b941f4568c37829afc03a72de Mon Sep 17 00:00:00 2001 From: Sam Leffler Date: Sat, 4 Oct 2008 23:58:02 +0000 Subject: [PATCH] dynamically allocate the task structure in firmware_mountroot: when booting from an MFS root (e.g. from an install CD) firmware_mountroot can be called twice with the second call happening before the task callback occurs; this results in the task structure contents being corrupted because it was declared static. Submitted by: marius (original version) --- sys/kern/subr_firmware.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/sys/kern/subr_firmware.c b/sys/kern/subr_firmware.c index 34a16003a195..d1450e642182 100644 --- a/sys/kern/subr_firmware.c +++ b/sys/kern/subr_firmware.c @@ -386,6 +386,8 @@ set_rootvnode(void *arg, int npending) VREF(rootvnode); } FILEDESC_XUNLOCK(p->p_fd); + + free(arg, M_TEMP); } /* @@ -395,10 +397,14 @@ set_rootvnode(void *arg, int npending) static void firmware_mountroot(void *arg) { - static struct task setroot_task; + struct task *setroot_task; - TASK_INIT(&setroot_task, 0, set_rootvnode, NULL); - taskqueue_enqueue(firmware_tq, &setroot_task); + setroot_task = malloc(sizeof(struct task), M_TEMP, M_NOWAIT); + if (setroot_task != NULL) { + TASK_INIT(setroot_task, 0, set_rootvnode, setroot_task); + taskqueue_enqueue(firmware_tq, setroot_task); + } else + printf("%s: no memory for task!\n", __func__); } EVENTHANDLER_DEFINE(mountroot, firmware_mountroot, NULL, 0);