From 2f1a571c9707d596d7716cec9488e54ba4c0c946 Mon Sep 17 00:00:00 2001
From: Zdenek Kabelac
Date: Wed, 29 May 2013 12:42:09 +0200
Subject: [PATCH] fid: fix reset of PV fid
Avoid hitting memory corruption (double free) in code path, where PV FID has been already destroyed and the released pointer was left in PV structure and could have been tried to be released from there 2nd. time with final context destruction.
---
 WHATS_NEW | 1 +
 lib/metadata/metadata.c | 3 +--
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/WHATS_NEW b/WHATS_NEW
index 40fd56949..f5adc0bfc 100644
--- a/WHATS_NEW
+++ b/WHATS_NEW
@@ -1,5 +1,6 @@
 Version 2.02.99 -
 ===================================
+ Fix release of PV's fid in free_pv_fid().
 Skip monitoring of snapshots that are already bigger then origin.
 Add lv_is_cow_covering_origin() to check if cow covers origin size.
 Use libdm dm_get_status_snapshot() to parse snapshot status.
diff --git a/lib/metadata/metadata.c b/lib/metadata/metadata.c
index 351d157d7..62b5c3f4f 100644
--- a/lib/metadata/metadata.c
+++ b/lib/metadata/metadata.c
@@ -3402,8 +3402,7 @@ void free_pv_fid(struct physical_volume *pv)
 if (!pv)
 return;
- if (pv->fid)
- pv->fid->fmt->ops->destroy_instance(pv->fid);
+ pv_set_fid(pv, NULL);
 }
 /* This is only called by lv_from_lvid, which is only called from
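Review bot: free_pv_fid() now relies entirely on pv_set_fid() to release the old instance and clear the stale pointer, but nothing at the call site records that contract. pv_set_fid() is defined outside this hunk, so it is worth confirming that it accepts a NULL fid, destroys the previous instance exactly once and stores NULL in pv->fid. A short comment above the call would keep a later cleanup from reintroducing the direct destroy_instance() call and with it the double free, e.g. `/* Go through pv_set_fid() so pv->fid is cleared and cannot be released again at context destruction. */`. The function's opening brace lies outside the hunk.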