Author: kib
Date: Wed Mar 12 15:13:57 2014
New Revision: 263092
URL: http://svnweb.freebsd.org/changeset/base/263092
Log:
Do not vdrop() the tmpfs vnode until it is unlocked. The hold
reference might be the last, and then vdrop() would free the vnode.
Reported and tested by: bdrewery
MFC after: 1 week
Modified:
head/sys/vm/vm_object.c
Modified: head/sys/vm/vm_object.c
==============================================================================
--- head/sys/vm/vm_object.c Wed Mar 12 14:29:08 2014 (r263091)
+++ head/sys/vm/vm_object.c Wed Mar 12 15:13:57 2014 (r263092)
@@ -536,17 +536,18 @@ vm_object_deallocate(vm_object_t object)
vhold(vp);
VM_OBJECT_WUNLOCK(object);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
- vdrop(vp);
VM_OBJECT_WLOCK(object);
if (object->type == OBJT_DEAD ||
object->ref_count != 1) {
VM_OBJECT_WUNLOCK(object);
VOP_UNLOCK(vp, 0);
+ vdrop(vp);
return;
}
if ((object->flags & OBJ_TMPFS) != 0)
VOP_UNSET_TEXT(vp);
VOP_UNLOCK(vp, 0);
+ vdrop(vp);
}
if (object->shadow_count == 0 &&
object->handle == NULL &&
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
