d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Clean possible td_su reference on the struct mount being unmounted as

Browse Source 
the last step of ffs_unmount().

It is possible that the mount point is recorded for cleanup in AST
context while softdep flush is executed during unmount.  The workitems
are flushed by other means for the unmount, but the stray reference to
struct mount blocks destruction of mount.  Check for the situation and
manually call vfs_rel() before returning from ffs_unmount().

Reported and tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
This commit is contained in:
Konstantin Belousov 2017-06-03 14:15:14 +00:00
parent a7ca2c6ad0
commit 4cbc378c61
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=319519
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/ufs/ffs/ffs_vfsops.c
View File

@ -1319,6 +1319,10 @@ ffs_unmount(mp, mntflags)
MNT_ILOCK(mp); MNT_ILOCK(mp);
mp->mnt_flag &= ~MNT_LOCAL; mp->mnt_flag &= ~MNT_LOCAL;
MNT_IUNLOCK(mp); MNT_IUNLOCK(mp);
if (td->td_su == mp) {
td->td_su = NULL;
vfs_rel(mp);
}
return (error); return (error);
fail: fail: