Author: kib
Date: Sat Jun 3 14:15:14 2017
New Revision: 319519
URL: https://svnweb.freebsd.org/changeset/base/319519
Log:
Clean possible td_su reference on the struct mount being unmounted as
the last step of ffs_unmount().
It is possible that the mount point is recorded for cleanup in AST
context while softdep flush is executed during unmount. The workitems
are flushed by other means for the unmount, but the stray reference to
struct mount blocks destruction of mount. Check for the situation and
manually call vfs_rel() before returning from ffs_unmount().
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Modified:
head/sys/ufs/ffs/ffs_vfsops.c
Modified: head/sys/ufs/ffs/ffs_vfsops.c
==============================================================================
--- head/sys/ufs/ffs/ffs_vfsops.c Sat Jun 3 14:12:17 2017
(r319518)
+++ head/sys/ufs/ffs/ffs_vfsops.c Sat Jun 3 14:15:14 2017
(r319519)
@@ -1319,6 +1319,10 @@ ffs_unmount(mp, mntflags)
MNT_ILOCK(mp);
mp->mnt_flag &= ~MNT_LOCAL;
MNT_IUNLOCK(mp);
+ if (td->td_su == mp) {
+ td->td_su = NULL;
+ vfs_rel(mp);
+ }
return (error);
fail:
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
