From 495615802f3671f1656d92a8712341a9b78d8dd1 Mon Sep 17 00:00:00 2001
From: Olaf Buddenhagen <antrik@gmx.net>
Date: Tue, 19 Feb 2013 23:30:18 +0100
Subject: Fix spurious deallocation

* server.c (WriteDestroyArg): Only dealloc out-of-line memory from
request message if KERN_SUCCESS.
---
 server.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'server.c')

diff --git a/server.c b/server.c
index a49bb01..a041e61 100644
--- a/server.c
+++ b/server.c
@@ -761,16 +761,21 @@ WriteDestroyArg(FILE *file, register const argument_t *arg)
     if (akCheck(arg->argKind, akbIndefinite)) {
 	/*
 	 * Deallocate only if out-of-line.
+	 *
+	 * Also skip deallocation if error occured in processing the RPC.
+	 * (Generic RPC handling code will clean up in this case)
 	 */
 	argument_t *count = arg->argCount;
 	ipc_type_t *btype = it->itElement;
 	int	multiplier = btype->itTypeSize / btype->itNumber;
 
-	fprintf(file, "\tif (!In%dP->%s%s.msgt_inline)\n",
+	fprintf(file, "\tif (OutP->%s == KERN_SUCCESS)\n",
+		arg->argRoutine->rtRetCode->argMsgField);
+	fprintf(file, "\t\tif (!In%dP->%s%s.msgt_inline)\n",
 		arg->argRequestPos,
 		arg->argTTName,
 		arg->argLongForm ? ".msgtl_header" : "");
-	fprintf(file, "\t\t%smig_deallocate(* (vm_offset_t *) %s, ",
+	fprintf(file, "\t\t\t%smig_deallocate(* (vm_offset_t *) %s, ",
 		SubrPrefix, InArgMsgField(arg));
 	if (multiplier > 1)
 	    fprintf(file, "%d * ", multiplier);
-- 
cgit v1.2.3