d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

When creating a shadow vm_object in vmspace_fork(), only one

Browse Source 
reference count was transferred to the new object, but both the
new and the old map entries had pointers to the new object.
Correct this by transferring the second reference.

This fixes a panic that can occur when mmap(2) is used with the
MAP_INHERIT flag.

PR:		i386/25603
Reviewed by:	dillon, alc
This commit is contained in:
Ian Dowse 2001-03-09 18:25:54 +00:00
parent 3f610476ac
commit d30344bdfa
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/vm/vm_map.c
View File

@ -2155,6 +2155,10 @@ vmspace_fork(vm1)
&old_entry->offset,
atop(old_entry->end - old_entry->start));
old_entry->eflags &= ~MAP_ENTRY_NEEDS_COPY;
/* Transfer the second reference too. */
vm_object_reference(
old_entry->object.vm_object);
vm_object_deallocate(object);
object = old_entry->object.vm_object;
}
vm_object_clear_flag(object, OBJ_ONEMAPPING);