svn commit: r294595 - head/sys/fs/devfs
Konstantin Belousov
kib at FreeBSD.org
Fri Jan 22 20:30:52 UTC 2016
Author: kib
Date: Fri Jan 22 20:30:51 2016
New Revision: 294595
URL: https://svnweb.freebsd.org/changeset/base/294595
Log:
When devfs dirent is freed, a vnode might still keep a pointer to it,
apparently. Interlock and clear the pointer to avoid free memory
dereference.
Submitted by: bde (previous version)
MFC after: 3 weeks
Modified:
head/sys/fs/devfs/devfs_devs.c
Modified: head/sys/fs/devfs/devfs_devs.c
==============================================================================
--- head/sys/fs/devfs/devfs_devs.c Fri Jan 22 20:28:24 2016 (r294594)
+++ head/sys/fs/devfs/devfs_devs.c Fri Jan 22 20:30:51 2016 (r294595)
@@ -304,6 +304,13 @@ devfs_vmkdir(struct devfs_mount *dmp, ch
void
devfs_dirent_free(struct devfs_dirent *de)
{
+ struct vnode *vp;
+
+ vp = de->de_vnode;
+ mtx_lock(&devfs_de_interlock);
+ if (vp != NULL && vp->v_data == de)
+ vp->v_data = NULL;
+ mtx_unlock(&devfs_de_interlock);
free(de, M_DEVFS3);
}
More information about the svn-src-head
mailing list