Bugzilla – Bug 2387
libbe.so:beCopy() frees nvlist variables before using them
Last modified: 2008-11-24 12:56:13 UTC
You need to log in before you can comment on or make changes to this bug.
This bug is seen when doing a 'pkg image-update' on build 90. pkg produces the error: # pkg image-update pkg: attempt to mount opensolaris-1 failed. pkg: image-update cannot be done on live image The cause is that libbe_pymod/libbe.c:beCopy() is freeing nvlist variables before returning them to the caller. Here's the snippet: if (nvlist_lookup_string(beAttrs, BE_ATTR_NEW_BE_NAME, &trgtBeName) != 0) { goto cleanupFailure; } if (nvlist_lookup_string(beAttrs, BE_ATTR_SNAP_NAME, &trgtSnapName) != 0) { goto cleanupFailure; } nvlist_free(beAttrs); return (Py_BuildValue("[iss]", 0, trgtBeName, trgtSnapName)); Calling nvlist_free(beAttrs) before building python values and returning them results in deallocated references for trgtBeName and trgtSnapName resulting in junk being returned to the caller. Thanks to Ethan for root causing this one.
Fixed in changeset 172:6a0ad6662c90
The workaround for this bug is: $ pfexec beadm create opensolaris-<N+1> $ pfexec beadm mount opensolaris-<N+1> /mnt $ pfexec pkg -R /mnt image-update $ pfexec beadm unmount opensolaris-<N+1> $ pfexec beadm activate opensolaris-<N+1>
*** Bug 3539 has been marked as a duplicate of this bug. ***