d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use the requested page's object field instead of the vnode's. In some

Browse Source 
cases, the vnode's object field is not initialized leading to a NULL
pointer dereference when the object is locked.

Tested by:	rwatson
This commit is contained in:
Alan Cox 2003-08-22 17:50:32 +00:00
parent 930d4ffa56
commit 49dc7ac17d
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=119318
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/fs/specfs/spec_vnops.c
View File

@ -765,7 +765,10 @@ spec_getpages(ap)
pmap_qremove(kva, pcount);
gotreqpage = 0;
VM_OBJECT_LOCK(vp->v_object);
/*
* While the page is busy, its object field is immutable.
*/
VM_OBJECT_LOCK(ap->a_m[ap->a_reqpage]->object);
vm_page_lock_queues();
for (i = 0, toff = 0; i < pcount; i++, toff = nextoff) {
nextoff = toff + PAGE_SIZE;
@ -818,7 +821,7 @@ spec_getpages(ap)
}
}
vm_page_unlock_queues();
VM_OBJECT_UNLOCK(vp->v_object);
VM_OBJECT_UNLOCK(ap->a_m[ap->a_reqpage]->object);
if (!gotreqpage) {
m = ap->a_m[ap->a_reqpage];
printf(